[Selinux-commits] SF.net SVN: selinux: [2222] trunk/libsepol

SourceForge Headquarters 225 Broadway Suite 1600 San Diego, CA 92101 +1 (858) 422-6466

Revision: 2222
          http://svn.sourceforge.net/selinux/?rev=2222&view=rev
Author:   kmacmillan
Date:     2007-02-06 07:03:29 -0800 (Tue, 06 Feb 2007)

Log Message:
-----------
Author: Stephen Smalley
Email: sd...@ty...
Subject: libsepol: check for unmet requires on sensitivities and categories (Was: Re: core dump)
Date: Tue, 06 Feb 2007 08:15:57 -0500

On Tue, 2007-02-06 at 08:06 -0500, Stephen Smalley wrote:
> On Tue, 2007-02-06 at 07:40 -0500, Stephen Smalley wrote:
> > On Tue, 2007-02-06 at 04:12 +0200, Stefanos Harhalakis wrote:
> > > I had this issue today:
> > > 
> > > # semodule -i logging.pp 
> > > Segmentation fault (core dumped)
> > > 
> > > I traced this a bit and it seems that this is because of libsepol. 
> > > The core dump is the result of lines 602:603 of link.c:
> > > 
> > > (gdb) bt
> > > #0  0xb7f732fd in sens_copy_callback (key=0x848c2a0 "s15", datum=0x848c290, data=0xbfde3854) at link.c:602
> > > #1  0xb7f6f8a1 in hashtab_map (h=0x846cbf0, apply=0xb7f731d1 <sens_copy_callback>, args=0xbfde3854) at hashtab.c:214
> > > #2  0xb7f75528 in copy_identifiers (state=0xbfde3854, src_symtab=0x843cc74, dest_decl=0x0) at link.c:1323
> > > #3  0xb7f77c72 in link_modules (handle=0x804c710, b=0x80525b8, mods=0x863ce18, len=19, verbose=0) at link.c:2178
> > > #4  0xb7f7a2c9 in sepol_link_packages (handle=0x804c710, base=0x8053060, modules=0x80543c8, num_modules=19, verbose=0) at module.c:302
> > > 
> > > Where:
> > > 
> > > (gdb) l
> > > 597                                 state->cur_mod_name);
> > > 598                             return -SEPOL_LINK_NOTSUP;
> > > 599                     }
> > > 600             }
> > > 601     
> > > 602             state->cur->map[SYM_LEVELS][level->level->sens - 1] =
> > > 603                 base_level->level->sens;
> > > 604     
> > > 605             return 0;
> > > 606     }
> > > 
> > > Because of:
> > > 
> > > (gdb) p base_level
> > > $1 = (level_datum_t *) 0x0
> > > 
> > > The last 'if' checks for !base_level, but inside the 'if' block, only 
> > > !scope and scope->scope==SCOPE_DECL are checked.
> > > 
> > > This core dump is caused by:
> > > 
> > > (gdb) p scope->scope
> > > $2 = 1
> > > 
> > > Which is noted as:
> > > 
> > > /* Required for this decl */
> > > #define SCOPE_REQ  1
> > > 
> > > in libsepol/include/sepol/policydb/policydb.h
> > > 
> > > Hope this helps...
> > 
> > Looks like your logging.pp policy module has a requires on sensitivity
> > s15 but your base module doesn't declare it.  Naturally, that should
> > show up as an unfulfilled requirement rather than a seg fault.

Second patch below for the trunk (I also stripped the extraneous \n 
characters from the first patch locally).

Signed-off-by:  Stephen Smalley <sd...@ty...>

Acked-by: Karl MacMillan <kma...@me...>

Modified Paths:
--------------
    trunk/libsepol/ChangeLog
    trunk/libsepol/src/link.c

Modified: trunk/libsepol/ChangeLog
===================================================================

--- trunk/libsepol/ChangeLog	2007-02-05 19:11:28 UTC (rev 2221)
+++ trunk/libsepol/ChangeLog	2007-02-06 15:03:29 UTC (rev 2222)
@@ -1,3 +1,7 @@
+2.0.1 2007-02-01
+	* Merged libsepol segfault fix from Stephen Smalley for when
+	  sensitivities are required but not present in the base.
+	
 2.0.0 2007-02-01
 	* Merged patch to add errcodes.h to libsepol by Karl MacMillan.
 	

Modified: trunk/libsepol/src/link.c
===================================================================
--- trunk/libsepol/src/link.c	2007-02-05 19:11:28 UTC (rev 2221)
+++ trunk/libsepol/src/link.c	2007-02-06 15:03:29 UTC (rev 2222)
@@ -598,6 +598,13 @@
 			    state->cur_mod_name);
 			return SEPOL_ENOTSUP;
 		}
+		if (scope->scope == SCOPE_REQ) {
+			/* unmet requirement */
+			ERR(state->handle,
+			    "%s: Sensitivity %s not declared by base.",
+			    state->cur_mod_name, id);
+			return SEPOL_ENOTSUP;
+		}
 	}
 
 	state->cur->map[SYM_LEVELS][level->level->sens - 1] =
@@ -629,6 +636,13 @@
 			    state->cur_mod_name);
 			return SEPOL_ENOTSUP;
 		}
+		if (scope->scope == SCOPE_REQ) {
+			/* unmet requirement */
+			ERR(state->handle,
+			    "%s: Category %s not declared by base.",
+			    state->cur_mod_name, id);
+			return SEPOL_ENOTSUP;
+		}
 	}
 
 	state->cur->map[SYM_CATS][cat->s.value - 1] = base_cat->s.value;


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


