[PATCH] libselinux: set free'd data to NULL

All of lore.kernel.org
 help / color / mirror / Atom feed

* [PATCH] libselinux: set free'd data to NULL
@ 2024-07-09 19:23 Petr Lautrbach
  2024-07-10 18:24 ` James Carter
  0 siblings, 1 reply; 3+ messages in thread
From: Petr Lautrbach @ 2024-07-09 19:23 UTC (permalink / raw)
  To: selinux; +Cc: Petr Lautrbach

Fixes segfault in selabel_open() on systems with SELinux disabled and without any
SELinux policy installed introduced by commit 5876aca0484f ("libselinux: free
data on selabel open failure"):

    $ sestatus
    SELinux status:                 disabled

    $ cat /etc/selinux/config
    cat: /etc/selinux/config: No such file or directory

    $ matchpathcon /abc
    [1]    907999 segmentation fault (core dumped)  matchpathcon /abc

Signed-off-by: Petr Lautrbach <lautrbach@redhat.com>
---
 libselinux/src/label_backends_android.c | 1 +
 libselinux/src/label_file.c             | 1 +
 libselinux/src/label_media.c            | 1 +
 libselinux/src/label_x.c                | 1 +
 4 files changed, 4 insertions(+)

diff --git a/libselinux/src/label_backends_android.c b/libselinux/src/label_backends_android.c
index 49a87686de4c..5bad24f20d73 100644
--- a/libselinux/src/label_backends_android.c
+++ b/libselinux/src/label_backends_android.c
@@ -260,6 +260,7 @@ static void closef(struct selabel_handle *rec)
 		free(data->spec_arr);
 
 	free(data);
+	rec->data = NULL;
 }
 
 static struct selabel_lookup_rec *property_lookup(struct selabel_handle *rec,
diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c
index 2732972e61cf..59c9f2ef3442 100644
--- a/libselinux/src/label_file.c
+++ b/libselinux/src/label_file.c
@@ -942,6 +942,7 @@ static void closef(struct selabel_handle *rec)
 		free(last_area);
 	}
 	free(data);
+	rec->data = NULL;
 }
 
 // Finds all the matches of |key| in the given context. Returns the result in
diff --git a/libselinux/src/label_media.c b/libselinux/src/label_media.c
index 852aeada8ff4..bae065c12a55 100644
--- a/libselinux/src/label_media.c
+++ b/libselinux/src/label_media.c
@@ -183,6 +183,7 @@ static void close(struct selabel_handle *rec)
 	    free(spec_arr);
 
 	free(data);
+	rec->data = NULL;
 }
 
 static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,
diff --git a/libselinux/src/label_x.c b/libselinux/src/label_x.c
index a8decc7a0093..ddae4f6c22b6 100644
--- a/libselinux/src/label_x.c
+++ b/libselinux/src/label_x.c
@@ -210,6 +210,7 @@ static void close(struct selabel_handle *rec)
 	    free(spec_arr);
 
 	free(data);
+	rec->data = NULL;
 }
 
 static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,
-- 
2.45.2


^ permalink raw reply related	[flat|nested] 3+ messages in thread

* Re: [PATCH] libselinux: set free'd data to NULL
  2024-07-09 19:23 [PATCH] libselinux: set free'd data to NULL Petr Lautrbach
@ 2024-07-10 18:24 ` James Carter
  2024-07-22 10:25   ` Petr Lautrbach
  0 siblings, 1 reply; 3+ messages in thread
From: James Carter @ 2024-07-10 18:24 UTC (permalink / raw)
  To: Petr Lautrbach; +Cc: selinux

On Tue, Jul 9, 2024 at 3:24 PM Petr Lautrbach <lautrbach@redhat.com> wrote:
>
> Fixes segfault in selabel_open() on systems with SELinux disabled and without any
> SELinux policy installed introduced by commit 5876aca0484f ("libselinux: free
> data on selabel open failure"):
>
>     $ sestatus
>     SELinux status:                 disabled
>
>     $ cat /etc/selinux/config
>     cat: /etc/selinux/config: No such file or directory
>
>     $ matchpathcon /abc
>     [1]    907999 segmentation fault (core dumped)  matchpathcon /abc
>

I was able to recreate the problem and verify that this fixes it.
Acked-by: James Carter <jwcart2@gmail.com>

> Signed-off-by: Petr Lautrbach <lautrbach@redhat.com>
> ---
>  libselinux/src/label_backends_android.c | 1 +
>  libselinux/src/label_file.c             | 1 +
>  libselinux/src/label_media.c            | 1 +
>  libselinux/src/label_x.c                | 1 +
>  4 files changed, 4 insertions(+)
>
> diff --git a/libselinux/src/label_backends_android.c b/libselinux/src/label_backends_android.c
> index 49a87686de4c..5bad24f20d73 100644
> --- a/libselinux/src/label_backends_android.c
> +++ b/libselinux/src/label_backends_android.c
> @@ -260,6 +260,7 @@ static void closef(struct selabel_handle *rec)
>                 free(data->spec_arr);
>
>         free(data);
> +       rec->data = NULL;
>  }
>
>  static struct selabel_lookup_rec *property_lookup(struct selabel_handle *rec,
> diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c
> index 2732972e61cf..59c9f2ef3442 100644
> --- a/libselinux/src/label_file.c
> +++ b/libselinux/src/label_file.c
> @@ -942,6 +942,7 @@ static void closef(struct selabel_handle *rec)
>                 free(last_area);
>         }
>         free(data);
> +       rec->data = NULL;
>  }
>
>  // Finds all the matches of |key| in the given context. Returns the result in
> diff --git a/libselinux/src/label_media.c b/libselinux/src/label_media.c
> index 852aeada8ff4..bae065c12a55 100644
> --- a/libselinux/src/label_media.c
> +++ b/libselinux/src/label_media.c
> @@ -183,6 +183,7 @@ static void close(struct selabel_handle *rec)
>             free(spec_arr);
>
>         free(data);
> +       rec->data = NULL;
>  }
>
>  static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,
> diff --git a/libselinux/src/label_x.c b/libselinux/src/label_x.c
> index a8decc7a0093..ddae4f6c22b6 100644
> --- a/libselinux/src/label_x.c
> +++ b/libselinux/src/label_x.c
> @@ -210,6 +210,7 @@ static void close(struct selabel_handle *rec)
>             free(spec_arr);
>
>         free(data);
> +       rec->data = NULL;
>  }
>
>  static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,
> --
> 2.45.2
>
>

^ permalink raw reply	[flat|nested] 3+ messages in thread

* Re: [PATCH] libselinux: set free'd data to NULL
  2024-07-10 18:24 ` James Carter
@ 2024-07-22 10:25   ` Petr Lautrbach
  0 siblings, 0 replies; 3+ messages in thread
From: Petr Lautrbach @ 2024-07-22 10:25 UTC (permalink / raw)
  To: selinux; +Cc: James Carter

James Carter <jwcart2@gmail.com> writes:

> On Tue, Jul 9, 2024 at 3:24 PM Petr Lautrbach <lautrbach@redhat.com> wrote:
>>
>> Fixes segfault in selabel_open() on systems with SELinux disabled and without any
>> SELinux policy installed introduced by commit 5876aca0484f ("libselinux: free
>> data on selabel open failure"):
>>
>>     $ sestatus
>>     SELinux status:                 disabled
>>
>>     $ cat /etc/selinux/config
>>     cat: /etc/selinux/config: No such file or directory
>>
>>     $ matchpathcon /abc
>>     [1]    907999 segmentation fault (core dumped)  matchpathcon /abc
>>
>
> I was able to recreate the problem and verify that this fixes it.
> Acked-by: James Carter <jwcart2@gmail.com>

This is merged now.


>
>> Signed-off-by: Petr Lautrbach <lautrbach@redhat.com>
>> ---
>>  libselinux/src/label_backends_android.c | 1 +
>>  libselinux/src/label_file.c             | 1 +
>>  libselinux/src/label_media.c            | 1 +
>>  libselinux/src/label_x.c                | 1 +
>>  4 files changed, 4 insertions(+)
>>
>> diff --git a/libselinux/src/label_backends_android.c b/libselinux/src/label_backends_android.c
>> index 49a87686de4c..5bad24f20d73 100644
>> --- a/libselinux/src/label_backends_android.c
>> +++ b/libselinux/src/label_backends_android.c
>> @@ -260,6 +260,7 @@ static void closef(struct selabel_handle *rec)
>>                 free(data->spec_arr);
>>
>>         free(data);
>> +       rec->data = NULL;
>>  }
>>
>>  static struct selabel_lookup_rec *property_lookup(struct selabel_handle *rec,
>> diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c
>> index 2732972e61cf..59c9f2ef3442 100644
>> --- a/libselinux/src/label_file.c
>> +++ b/libselinux/src/label_file.c
>> @@ -942,6 +942,7 @@ static void closef(struct selabel_handle *rec)
>>                 free(last_area);
>>         }
>>         free(data);
>> +       rec->data = NULL;
>>  }
>>
>>  // Finds all the matches of |key| in the given context. Returns the result in
>> diff --git a/libselinux/src/label_media.c b/libselinux/src/label_media.c
>> index 852aeada8ff4..bae065c12a55 100644
>> --- a/libselinux/src/label_media.c
>> +++ b/libselinux/src/label_media.c
>> @@ -183,6 +183,7 @@ static void close(struct selabel_handle *rec)
>>             free(spec_arr);
>>
>>         free(data);
>> +       rec->data = NULL;
>>  }
>>
>>  static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,
>> diff --git a/libselinux/src/label_x.c b/libselinux/src/label_x.c
>> index a8decc7a0093..ddae4f6c22b6 100644
>> --- a/libselinux/src/label_x.c
>> +++ b/libselinux/src/label_x.c
>> @@ -210,6 +210,7 @@ static void close(struct selabel_handle *rec)
>>             free(spec_arr);
>>
>>         free(data);
>> +       rec->data = NULL;
>>  }
>>
>>  static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,
>> --
>> 2.45.2
>>
>>


^ permalink raw reply	[flat|nested] 3+ messages in thread

end of thread, other threads:[~2024-07-22 10:25 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-07-09 19:23 [PATCH] libselinux: set free'd data to NULL Petr Lautrbach
2024-07-10 18:24 ` James Carter
2024-07-22 10:25   ` Petr Lautrbach

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.