From: Eric Paris <eparis@parisplace.org>
To: Stephen Smalley <sds@tycho.nsa.gov>
Cc: selinux@tycho.nsa.gov, Daniel J Walsh <dwalsh@redhat.com>
Subject: Re: [PATCH] libselinux: Only call regfree if regcomp was previously called on the regex
Date: Fri, 24 Aug 2012 14:21:09 -0400 [thread overview]
Message-ID: <1345832469.4436.3.camel@localhost> (raw)
In-Reply-To: <1345829597.21071.25.camel@moss-pluto.epoch.ncsc.mil>
Found the same bug moving to the PCRE implementation. Its in my devel
tree and I'll get it upstream.
-Eric
On Fri, 2012-08-24 at 13:33 -0400, Stephen Smalley wrote:
> Only call regfree if regcomp was previously called on the regex.
>
> We discovered this bug in SE Android when bionic switched to the current
> NetBSD regex implementation, which triggers an assertion on an attempt
> to call regfree() on a regex that was not initialized via regcomp().
> Apparently the prior bionic regex implementation and the glibc one are
> more forgiving, but this seems to be a legitimate bug in libselinux that
> should be fixed in general.
>
> ---
> libselinux/src/label_file.c | 3 ++-
> 1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c
> index 7bc46cc..8bf9bc4 100644
> --- a/libselinux/src/label_file.c
> +++ b/libselinux/src/label_file.c
> @@ -575,7 +575,8 @@ static void closef(struct selabel_handle *rec)
> free(spec->type_str);
> free(spec->lr.ctx_raw);
> free(spec->lr.ctx_trans);
> - regfree(&spec->regex);
> + if (spec->regcomp)
> + regfree(&spec->regex);
> }
>
> for (i = 0; i < (unsigned int)data->num_stems; i++) {
> --
> 1.7.11.2
>
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@tycho.nsa.gov with
the words "unsubscribe selinux" without quotes as the message.
prev parent reply other threads:[~2012-08-24 18:21 UTC|newest]
Thread overview: 2+ messages / expand[flat|nested] mbox.gz Atom feed top
2012-08-24 17:33 [PATCH] libselinux: Only call regfree if regcomp was previously called on the regex Stephen Smalley
2012-08-24 18:21 ` Eric Paris [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=1345832469.4436.3.camel@localhost \
--to=eparis@parisplace.org \
--cc=dwalsh@redhat.com \
--cc=sds@tycho.nsa.gov \
--cc=selinux@tycho.nsa.gov \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.