80 lines
3.1 KiB
Diff
80 lines
3.1 KiB
Diff
From 142826a38e974b54a45022c0a0a8dce13a8225dc Mon Sep 17 00:00:00 2001
|
|
From: Petr Lautrbach <plautrba@redhat.com>
|
|
Date: Mon, 15 Feb 2021 14:05:53 +0100
|
|
Reference:https://github.com/SELinuxProject/selinux/commit/142826a38e974b54a45022c0a0a8dce13a8225
|
|
Conflict:adapter filepath
|
|
Subject: [PATCH] libselinux: fix segfault in add_xattr_entry()
|
|
|
|
When selabel_get_digests_all_partial_matches(), resp
|
|
get_digests_all_partial_matches() doesn't find a match,
|
|
calculated_digest is not initialized and followup memcmp() could
|
|
segfault. Given that calculated_digest and xattr_digest are already
|
|
compared in get_digests_all_partial_matches() and the function returns
|
|
true or false based on this comparison, it's not necessary to compare
|
|
these values again.
|
|
|
|
Fixes:
|
|
# cd /root
|
|
# mkdir tmp
|
|
# restorecon -D -Rv tmp # create security.sehash attribute
|
|
# restorecon_xattr -d -v tmp
|
|
specfiles SHA1 digest: afc752f47d489f3e82ac1da8fd247a2e1a6af5f8
|
|
calculated using the following specfile(s):
|
|
/etc/selinux/targeted/contexts/files/file_contexts.subs_dist
|
|
/etc/selinux/targeted/contexts/files/file_contexts.subs
|
|
/etc/selinux/targeted/contexts/files/file_contexts.bin
|
|
/etc/selinux/targeted/contexts/files/file_contexts.homedirs.bin
|
|
/etc/selinux/targeted/contexts/files/file_contexts.local.bin
|
|
|
|
Segmentation fault (core dumped)
|
|
|
|
Signed-off-by: Petr Lautrbach <plautrba@redhat.com>
|
|
Signed-off-by: luhuaxin <1539327763@qq.com>
|
|
---
|
|
libselinux/src/selinux_restorecon.c | 14 +++++++-------
|
|
1 file changed, 7 insertions(+), 7 deletions(-)
|
|
|
|
diff --git a/src/selinux_restorecon.c b/src/selinux_restorecon.c
|
|
index 6993be6..63fb8dc 100644
|
|
--- a/src/selinux_restorecon.c
|
|
+++ b/src/selinux_restorecon.c
|
|
@@ -297,6 +297,7 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch,
|
|
char *sha1_buf = NULL;
|
|
size_t i, digest_len = 0;
|
|
int rc, digest_result;
|
|
+ bool match;
|
|
struct dir_xattr *new_entry;
|
|
uint8_t *xattr_digest = NULL;
|
|
uint8_t *calculated_digest = NULL;
|
|
@@ -306,9 +307,9 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch,
|
|
return -1;
|
|
}
|
|
|
|
- selabel_get_digests_all_partial_matches(fc_sehandle, directory,
|
|
- &calculated_digest,
|
|
- &xattr_digest, &digest_len);
|
|
+ match = selabel_get_digests_all_partial_matches(fc_sehandle, directory,
|
|
+ &calculated_digest, &xattr_digest,
|
|
+ &digest_len);
|
|
|
|
if (!xattr_digest || !digest_len) {
|
|
free(calculated_digest);
|
|
@@ -326,11 +327,10 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch,
|
|
for (i = 0; i < digest_len; i++)
|
|
sprintf((&sha1_buf[i * 2]), "%02x", xattr_digest[i]);
|
|
|
|
- rc = memcmp(calculated_digest, xattr_digest, digest_len);
|
|
- digest_result = rc ? NOMATCH : MATCH;
|
|
+ digest_result = match ? MATCH : NOMATCH;
|
|
|
|
- if ((delete_nonmatch && rc != 0) || delete_all) {
|
|
- digest_result = rc ? DELETED_NOMATCH : DELETED_MATCH;
|
|
+ if ((delete_nonmatch && !match) || delete_all) {
|
|
+ digest_result = match ? DELETED_MATCH : DELETED_NOMATCH;
|
|
rc = removexattr(directory, RESTORECON_PARTIAL_MATCH_DIGEST);
|
|
if (rc) {
|
|
selinux_log(SELINUX_ERROR,
|
|
--
|
|
1.8.3.1
|
|
|