packages/libselinux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!43 add check for calloc in check_booleans

Browse Source 
From: @HuaxinLuGitee 
Reviewed-by: @zhujianwei001 
Signed-off-by: @zhujianwei001
This commit is contained in:
openeuler-ci-bot 2023-07-25 12:33:25 +00:00 committed by Gitee
commit fd647a0aef
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 40 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
backport-libselinux-add-check-for-calloc-in-check_booleans.patch Normal file
View File

@ -0,0 +1,33 @@
From d8edd363be3184c5738438fde937fd5ebc2d4923 Mon Sep 17 00:00:00 2001
From: Huaxin Lu <luhuaxin1@huawei.com>
Date: Mon, 19 Jun 2023 07:17:02 +0800
Subject: [PATCH] libselinux: add check for calloc in check_booleans
Check the return value of calloc() to avoid null pointer reference.
Signed-off-by: Huaxin Lu <luhuaxin1@huawei.com>
Acked-by: Petr Lautrbach <lautrbach@redhat.com>
---
src/audit2why.c | 6 ++++++
1 file changed, 6 insertions(+)
diff --git a/src/audit2why.c b/src/audit2why.c
index ba1a66eb..8c4c07d5 100644
--- a/src/audit2why.c
+++ b/src/audit2why.c
@@ -149,6 +149,12 @@ static int check_booleans(struct boolean_t **bools)
if (fcnt > 0) {
*bools = calloc(sizeof(struct boolean_t), fcnt + 1);
+ if (!*bools) {
+ PyErr_SetString( PyExc_MemoryError, "Out of memory\n");
+ free(foundlist);
+ return 0;
+ }
+
struct boolean_t *b = *bools;
for (i = 0; i < fcnt; i++) {
int ctr = foundlist[i];
--
2.27.0

9
libselinux.spec
View File

@ -3,16 +3,17 @@
Name: libselinux Name: libselinux
Version: 3.5 Version: 3.5
Release: 1 Release: 2
License: Public Domain License: Public Domain
Summary: SELinux library and simple utilities Summary: SELinux library and simple utilities
Url: https://github.com/SELinuxProject/selinux/wiki Url: https://github.com/SELinuxProject/selinux/wiki
Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}/libselinux-%{version}.tar.gz Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}/libselinux-%{version}.tar.gz
Patch0001: backport-libselinux-add-check-for-calloc-in-check_booleans.patch
Patch9000: do-malloc-trim-after-load-policy.patch Patch9000: do-malloc-trim-after-load-policy.patch
BuildRequires: gcc python3-devel systemd swig pcre2-devel xz-devel BuildRequires: gcc python3-devel systemd swig pcre2-devel xz-devel
BuildRequires: ruby-devel libsepol-static python3-pip BuildRequires: ruby-devel libsepol-static python3-pip python3-setuptools python3-wheel
Requires: libsepol >= %{libsepol_version} pcre2 Requires: libsepol >= %{libsepol_version} pcre2
Conflicts: filesystem < 3, selinux-policy-base < 3.13.1-138 Conflicts: filesystem < 3, selinux-policy-base < 3.13.1-138
@ -128,6 +129,10 @@ mv %{buildroot}%{_sbindir}/getconlist %{buildroot}%{_sbindir}/selinuxconlist
%{_mandir}/ru/man8/* %{_mandir}/ru/man8/*
%changelog %changelog
* Tue Jul 25 2023 luhuaxin <luhuaxin1@huawei.com> - 3.5-2
- add check for calloc in check_booleans
- fix python build issue
* Mon Jul 17 2023 zhangguangzhi <zhangguangzhi3@huawei.com> - 3.5-1 * Mon Jul 17 2023 zhangguangzhi <zhangguangzhi3@huawei.com> - 3.5-1
- update version to 3.5 - update version to 3.5