[Selinux-commits] SF.net SVN: selinux: [2491] branches/stable/1_0/libselinux

SourceForge Headquarters 1320 Columbia Street Suite 310 San Diego, CA 92101 +1 (858) 422-6466

Revision: 2491
          http://svn.sourceforge.net/selinux/?rev=2491&view=rev
Author:   madmethod
Date:     2007-07-09 10:35:49 -0700 (Mon, 09 Jul 2007)

Log Message:
-----------
Author: Stephen Smalley
Email: sd...@ty...
Subject: libselinux: fix getfilecon handling of zero-length context
Date: Mon, 09 Jul 2007 12:45:53 -0400

As observed by John Ramsdell, *getfilecon() on a /proc/sys inode on
returns garbage and can lead to memory corruption upon later freecon.
This happens on 2.6.21 and later due to the proc sysctl rewrite in the
kernel.  The *getfilecon_raw() functions correctly return zero in this
case, but the non-raw functions are not handling that result properly.
Initialize *context on entry to *getfilecon() so that it has a
well-defined value even if *getfilecon_raw() returns zero.

Signed-off-by:  Stephen Smalley <sd...@ty...>

Acked-By: Joshua Brindle <me...@ma...>

Modified Paths:
--------------
    branches/stable/1_0/libselinux/ChangeLog
    branches/stable/1_0/libselinux/VERSION
    branches/stable/1_0/libselinux/src/fgetfilecon.c
    branches/stable/1_0/libselinux/src/getfilecon.c
    branches/stable/1_0/libselinux/src/lgetfilecon.c

Modified: branches/stable/1_0/libselinux/ChangeLog
===================================================================

--- branches/stable/1_0/libselinux/ChangeLog	2007-06-22 19:38:14 UTC (rev 2490)
+++ branches/stable/1_0/libselinux/ChangeLog	2007-07-09 17:35:49 UTC (rev 2491)
@@ -1,3 +1,7 @@
+1.34.11	2007-07-09
+	* Merged fix for getfilecon() handling of zero-length contexts from
+	  Stephen Smalley.
+
 1.34.10 2007-04-27
 	* Merged helpful message when selinuxfs mount fails patch from Dax Kelson.
 

Modified: branches/stable/1_0/libselinux/VERSION
===================================================================
--- branches/stable/1_0/libselinux/VERSION	2007-06-22 19:38:14 UTC (rev 2490)
+++ branches/stable/1_0/libselinux/VERSION	2007-07-09 17:35:49 UTC (rev 2491)
@@ -1 +1 @@
-1.34.10
+1.34.11

Modified: branches/stable/1_0/libselinux/src/fgetfilecon.c
===================================================================
--- branches/stable/1_0/libselinux/src/fgetfilecon.c	2007-06-22 19:38:14 UTC (rev 2490)
+++ branches/stable/1_0/libselinux/src/fgetfilecon.c	2007-07-09 17:35:49 UTC (rev 2491)
@@ -51,6 +51,8 @@
 	security_context_t rcontext;
 	int ret;
 
+	*context = NULL;
+
 	ret = fgetfilecon_raw(fd, &rcontext);
 
 	if (ret > 0) {

Modified: branches/stable/1_0/libselinux/src/getfilecon.c
===================================================================
--- branches/stable/1_0/libselinux/src/getfilecon.c	2007-06-22 19:38:14 UTC (rev 2490)
+++ branches/stable/1_0/libselinux/src/getfilecon.c	2007-07-09 17:35:49 UTC (rev 2491)
@@ -51,6 +51,8 @@
 	int ret;
 	security_context_t rcontext;
 
+	*context = NULL;
+
 	ret = getfilecon_raw(path, &rcontext);
 
 	if (ret > 0) {

Modified: branches/stable/1_0/libselinux/src/lgetfilecon.c
===================================================================
--- branches/stable/1_0/libselinux/src/lgetfilecon.c	2007-06-22 19:38:14 UTC (rev 2490)
+++ branches/stable/1_0/libselinux/src/lgetfilecon.c	2007-07-09 17:35:49 UTC (rev 2491)
@@ -51,6 +51,8 @@
 	int ret;
 	security_context_t rcontext;
 
+	*context = NULL;
+
 	ret = lgetfilecon_raw(path, &rcontext);
 
 	if (ret > 0) {


This was sent by the SourceForge.net collaborative development platform, the world's largest Open Source development site.


