From d419f652bbf282bbb6353429261776d6293fcfb6 Mon Sep 17 00:00:00 2001
From: Vadim Yanitskiy <axilirator@gmail.com>
Date: Sun, 9 Feb 2020 04:44:35 +0700
Subject: exec: prevent uninitialized memory access in osmo_system_nowait()

If (!env_whitelist && addl_env), osmo_environment_append() would
access uninitialized memory. If both are false, execle() would
also deal with garbage values. Let's ensure that at least the
first element of new_env[] is initialized.

Change-Id: Id3901de4692ef44e9e9c67b1804e027fc4ce7c18
Fixes: CID#206571
---
 src/exec.c | 3 +++
 1 file changed, 3 insertions(+)

diff --git a/src/exec.c b/src/exec.c
index a9d8ce0f..b806ad56 100644
--- a/src/exec.c
+++ b/src/exec.c
@@ -217,6 +217,9 @@ int osmo_system_nowait(const char *command, const char **env_whitelist, char **a
 		/* close all file descriptors above stdio */
 		osmo_close_all_fds_above(2);
 
+		/* man execle: "an array of pointers *must* be terminated by a null pointer" */
+		new_env[0] = NULL;
+
 		/* build the new environment */
 		if (env_whitelist)
 			osmo_environment_filter(new_env, ARRAY_SIZE(new_env), environ, env_whitelist);
-- 
cgit v1.2.3