From: Petr Lautrbach <lautrbach@redhat.com>
To: selinux@vger.kernel.org
Cc: James Carter <jwcart2@gmail.com>
Subject: Re: [PATCH] libselinux: set free'd data to NULL
Date: Mon, 22 Jul 2024 12:25:20 +0200 [thread overview]
Message-ID: <87le1tyb8v.fsf@redhat.com> (raw)
In-Reply-To: <CAP+JOzQCu0srfss921Ew42oHxsaqRYGiTs56_h9j2Yfw0cYGjg@mail.gmail.com>
James Carter <jwcart2@gmail.com> writes:
> On Tue, Jul 9, 2024 at 3:24 PM Petr Lautrbach <lautrbach@redhat.com> wrote:
>>
>> Fixes segfault in selabel_open() on systems with SELinux disabled and without any
>> SELinux policy installed introduced by commit 5876aca0484f ("libselinux: free
>> data on selabel open failure"):
>>
>> $ sestatus
>> SELinux status: disabled
>>
>> $ cat /etc/selinux/config
>> cat: /etc/selinux/config: No such file or directory
>>
>> $ matchpathcon /abc
>> [1] 907999 segmentation fault (core dumped) matchpathcon /abc
>>
>
> I was able to recreate the problem and verify that this fixes it.
> Acked-by: James Carter <jwcart2@gmail.com>
This is merged now.
>
>> Signed-off-by: Petr Lautrbach <lautrbach@redhat.com>
>> ---
>> libselinux/src/label_backends_android.c | 1 +
>> libselinux/src/label_file.c | 1 +
>> libselinux/src/label_media.c | 1 +
>> libselinux/src/label_x.c | 1 +
>> 4 files changed, 4 insertions(+)
>>
>> diff --git a/libselinux/src/label_backends_android.c b/libselinux/src/label_backends_android.c
>> index 49a87686de4c..5bad24f20d73 100644
>> --- a/libselinux/src/label_backends_android.c
>> +++ b/libselinux/src/label_backends_android.c
>> @@ -260,6 +260,7 @@ static void closef(struct selabel_handle *rec)
>> free(data->spec_arr);
>>
>> free(data);
>> + rec->data = NULL;
>> }
>>
>> static struct selabel_lookup_rec *property_lookup(struct selabel_handle *rec,
>> diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c
>> index 2732972e61cf..59c9f2ef3442 100644
>> --- a/libselinux/src/label_file.c
>> +++ b/libselinux/src/label_file.c
>> @@ -942,6 +942,7 @@ static void closef(struct selabel_handle *rec)
>> free(last_area);
>> }
>> free(data);
>> + rec->data = NULL;
>> }
>>
>> // Finds all the matches of |key| in the given context. Returns the result in
>> diff --git a/libselinux/src/label_media.c b/libselinux/src/label_media.c
>> index 852aeada8ff4..bae065c12a55 100644
>> --- a/libselinux/src/label_media.c
>> +++ b/libselinux/src/label_media.c
>> @@ -183,6 +183,7 @@ static void close(struct selabel_handle *rec)
>> free(spec_arr);
>>
>> free(data);
>> + rec->data = NULL;
>> }
>>
>> static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,
>> diff --git a/libselinux/src/label_x.c b/libselinux/src/label_x.c
>> index a8decc7a0093..ddae4f6c22b6 100644
>> --- a/libselinux/src/label_x.c
>> +++ b/libselinux/src/label_x.c
>> @@ -210,6 +210,7 @@ static void close(struct selabel_handle *rec)
>> free(spec_arr);
>>
>> free(data);
>> + rec->data = NULL;
>> }
>>
>> static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,
>> --
>> 2.45.2
>>
>>
prev parent reply other threads:[~2024-07-22 10:25 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2024-07-09 19:23 [PATCH] libselinux: set free'd data to NULL Petr Lautrbach
2024-07-10 18:24 ` James Carter
2024-07-22 10:25 ` Petr Lautrbach [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87le1tyb8v.fsf@redhat.com \
--to=lautrbach@redhat.com \
--cc=jwcart2@gmail.com \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.