Bug
Resolution: Unresolved
rhel-9.6
rhel-fs-vfs
x86_64
What were you trying to do that didn't work?
The segfault occurs when gdm starts up.
What is the impact of this issue to you?
Minor - just log messages about xdg-document-portal segfaulting
Please provide the package NVR for which the bug is seen:
fuse-2.9.9-17.el9.x86_64
How reproducible is this bug?:
Every time gdm starts, but not entirely sure what is triggering gdm to load xdg-document-portal. I think it is related to BeyondTrust's remote support tool.
Steps to reproduce
Expected results
No segfault
Actual results
Core was generated by `/usr/libexec/xdg-document-portal'.
Program terminated with signal SIGSEGV, Segmentation fault.
#0 receive_fd (fd=8) at /usr/src/debug/fuse-2.9.9-17.el9.x86_64/lib/mount.c:285
285 if (cmsg->cmsg_type != SCM_RIGHTS) {
[Current thread is 1 (Thread 0x7f626746e800 (LWP 4760))]
(gdb) bt
#0 receive_fd (fd=8) at /usr/src/debug/fuse-2.9.9-17.el9.x86_64/lib/mount.c:285
#1 fuse_mount_fusermount
(mountpoint=mountpoint@entry=0x55fe2d0deba0 "/run/user/42/doc", mo=mo@entry=0x7ffd655d1460, opts=<optimized out>, quiet=quiet@entry=1)
at /usr/src/debug/fuse-2.9.9-17.el9.x86_64/lib/mount.c:407
#2 0x00007f62675fd256 in fuse_kern_mount (args=0x55fe2d0deba0, mountpoint=0x55fe2d0deba0 "/run/user/42/doc")
at /usr/src/debug/fuse-2.9.9-17.el9.x86_64/lib/mount.c:623
#3 fuse_mount_compat25 (mountpoint=mountpoint@entry=0x55fe2d0deba0 "/run/user/42/doc", args=args@entry=0x7ffd655d17e0)
at /usr/src/debug/fuse-2.9.9-17.el9.x86_64/lib/helper.c:488
#4 0x00007f62675ff7f8 in fuse_mount_common
(mountpoint=mountpoint@entry=0x55fe2d0deba0 "/run/user/42/doc", args=args@entry=0x7ffd655d17e0)
at /usr/src/debug/fuse-2.9.9-17.el9.x86_64/lib/helper.c:248
#5 0x00007f62675ff859 in fuse_mount
(mountpoint=mountpoint@entry=0x55fe2d0deba0 "/run/user/42/doc", args=args@entry=0x7ffd655d17e0)
at /usr/src/debug/fuse-2.9.9-17.el9.x86_64/lib/helper.c:261
#6 0x000055fe2b42284e in xdp_fuse_init (error=0x55fe2b43d2a8 <exit_error.lto_priv>)
at document-portal/document-portal-fuse.c:3158
#7 on_name_acquired (connection=<optimized out>, name=<optimized out>, user_data=<optimized out>)
at document-portal/document-portal.c:1460
#8 0x00007f62678bc7e4 in do_call.lto_priv () at /lib64/libgio-2.0.so.0
#9 0x00007f62678bcc68 in on_name_lost_or_acquired () at /lib64/libgio-2.0.so.0
#10 0x00007f62678b5e8f in emit_signal_instance_in_idle_cb () at /lib64/libgio-2.0.so.0
#11 0x00007f626767147b in g_idle_dispatch () at /lib64/libglib-2.0.so.0
#12 0x00007f6267674f4f in g_main_context_dispatch () at /lib64/libglib-2.0.so.0
#13 0x00007f62676ca268 in g_main_context_iterate.constprop () at /lib64/libglib-2.0.so.0
#14 0x00007f62676745a3 in g_main_loop_run () at /lib64/libglib-2.0.so.0
#15 0x000055fe2b41a190 in main (argc=<optimized out>, argv=<optimized out>) at document-portal/document-portal.c:1685
(gdb) print cmsg
$1 = (struct cmsghdr *) 0x0
(gdb) print msg
$2 =
So it appears there is a missing null value check.
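The backtrace above stops at `cmsg->cmsg_type` with `cmsg` equal to `0x0`; `CMSG_FIRSTHDR()` returns NULL whenever `recvmsg()` delivers data with no ancillary payload. The following is an added example, not code from libfuse or from the reporter, showing a receiver that validates the control message before reading it. The names `send_byte`, `recv_fd_checked` and `union ctl` are hypothetical, and the sender is a constructed peer used only to exercise both cases.

```c
#include <string.h>
#include <sys/socket.h>
#include <sys/uio.h>

/* Control buffer aligned for struct cmsghdr, sized for exactly one descriptor. */
union ctl { char buf[CMSG_SPACE(sizeof(int))]; struct cmsghdr align; };

/* Constructed peer: send one data byte, attaching fd via SCM_RIGHTS only if fd >= 0. */
int send_byte(int sock, int fd)
{
    char data = 'x';
    union ctl u;
    struct iovec iov = { .iov_base = &data, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1 };

    if (fd >= 0) {
        memset(&u, 0, sizeof(u));
        msg.msg_control = u.buf;
        msg.msg_controllen = sizeof(u.buf);
        struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
        c->cmsg_level = SOL_SOCKET;
        c->cmsg_type = SCM_RIGHTS;
        c->cmsg_len = CMSG_LEN(sizeof(int));
        memcpy(CMSG_DATA(c), &fd, sizeof(int));
    }
    return sendmsg(sock, &msg, 0) == 1 ? 0 : -1;
}

/* Receive a descriptor; return -1 instead of dereferencing NULL when none came. */
int recv_fd_checked(int sock)
{
    char data;
    union ctl u;
    struct iovec iov = { .iov_base = &data, .iov_len = 1 };
    struct msghdr msg = { .msg_iov = &iov, .msg_iovlen = 1,
                          .msg_control = u.buf, .msg_controllen = sizeof(u.buf) };
    int fd;

    if (recvmsg(sock, &msg, 0) <= 0)
        return -1;                       /* error or peer closed */
    struct cmsghdr *c = CMSG_FIRSTHDR(&msg);
    if (c == NULL || (msg.msg_flags & MSG_CTRUNC))
        return -1;                       /* no (or truncated) ancillary data */
    if (c->cmsg_level != SOL_SOCKET || c->cmsg_type != SCM_RIGHTS ||
        c->cmsg_len != CMSG_LEN(sizeof(int)))
        return -1;                       /* not exactly one passed descriptor */
    memcpy(&fd, CMSG_DATA(c), sizeof(int));
    return fd;
}
```

Calling `send_byte(sock, -1)` on one end of an `AF_UNIX` socketpair and `recv_fd_checked()` on the other exercises the no-ancillary-data path, which returns -1 rather than faulting.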