From: Petr Lautrbach <lautrbach@redhat.com>
To: selinux@vger.kernel.org
Subject: Regression in 5876aca0484f ("libselinux: free data on selabel open failure")
Date: Tue, 09 Jul 2024 12:15:28 +0200
Message-ID: <875xte98hr.fsf@redhat.com>

Hello,

Katerina Koukiou https://bugzilla.redhat.com/show_bug.cgi?id=2295428
discovered a regression in libselinux [1] which can be demonstrated by
running `matchpathcon` on a system with SELinux disabled and without any
SELinux policy installed.

Fedora reproducer:

$ toolbox create
$ toolbox enter
toolbox$ matchpathcon /abc

Before 5876aca0484f:

$ matchpathcon /abc
  Error while opening file contexts database: No such file or directory

After 5876aca0484f:

$ matchpathcon /abc
[1]    761709 segmentation fault (core dumped)  matchpathcon /abc

Program received signal SIGSEGV, Segmentation fault.
0x00007ffff7f9a7b8 in closef (rec=0x405a10) at label_file.c:915
warning: Source file is more recent than executable.
915                     free(spec->lr.ctx_trans);
(gdb) bt full
#0  0x00007ffff7f9a7b8 in closef (rec=0x405a10) at label_file.c:915
        data = 0x405a80
        area = 0x6ffffdf48
        last_area = 0x7fffffffdc90
        spec = 0x405
        stem = 0x2
        i = 0
#1  0x00007ffff7f968b7 in selabel_close (rec=0x405a10) at label.c:364
No locals.
#2  0x00007ffff7f9648d in selabel_open (backend=0, opts=0x7fffffffdd80, nopts=6) at label.c:228
        rec = 0x405a10
#3  0x00000000004015e7 in main (argc=2, argv=0x7fffffffdf48) at matchpathcon.c:131
        i = 32767
        force_mode = 0
        header = 1
        opt = -1
        verify = 0
        notrans = 0
        error = 0
        quiet = 0
        hnd = 0x7fffffffde20
        options = {{type = 0, value = 0x0}, {type = 0, value = 0x0}, {type = 0, value = 0x0}, {type = 0, 
            value = 0x0}, {type = 0, value = 0x0}, {type = 0, value = 0x0}}


As a workaround, it's necessary to install SELinux policy:

toolbox$ sudo dnf install selinux-policy-targeted
toolbox$ matchpathcon /abc
/abc    system_u:object_r:etc_runtime_t:s0


[1] https://bugzilla.redhat.com/show_bug.cgi?id=2295428

