rpms/coreutils/devel coreutils-6.11-matchpathconinstall.patch, NONE, 1.1 coreutils.spec, 1.212, 1.213

Ondrej Vasik (ovasik) fedora-extras-commits at redhat.com
Tue May 20 15:08:29 UTC 2008 

Author: ovasik

Update of /cvs/extras/rpms/coreutils/devel
In directory cvs-int.fedora.redhat.com:/tmp/cvs-serv12846

Modified Files:
	coreutils.spec 
Added Files:
	coreutils-6.11-matchpathconinstall.patch 
Log Message:
fixed a HUGE memory leak in install binary(#447410)

coreutils-6.11-matchpathconinstall.patch:

--- NEW FILE coreutils-6.11-matchpathconinstall.patch ---
diff -urNp coreutils-6.11-orig/src/install.c coreutils-6.11/src/install.c
--- coreutils-6.11-orig/src/install.c	2008-05-20 16:08:03.000000000 +0200
+++ coreutils-6.11/src/install.c	2008-05-20 16:12:27.000000000 +0200
@@ -85,6 +85,7 @@ static bool install_file_in_dir (const c
 				 const struct cp_options *x);
 static bool install_file_in_file (const char *from, const char *to,
 				  const struct cp_options *x);
+static void set_prefix (const char* from_dir, const char* to_dir);
 static void get_ids (void);
 static void strip (char const *name);
 static void announce_mkdir (char const *dir, void *options);
@@ -200,25 +201,25 @@ cp_option_init (struct cp_options *x)
   x->src_info = NULL;
 }
 
-/* Modify file context to match the specified policy.
-   If an error occurs the file will remain with the default directory
-   context.  */
-static void
-setdefaultfilecon (char const *file)
+static void 
+set_prefix (char const *from_dir, char const *to_dir)
 {
+  const char *from_base = last_component (from_dir);
+  char *file = file_name_concat (to_dir, from_base, NULL);
   struct stat st;
-  security_context_t scontext = NULL;
+  
   if (selinux_enabled != 1)
     {
       /* Indicate no context found. */
       return;
     }
+
   if (lstat (file, &st) != 0)
     return;
 
   if (IS_ABSOLUTE_FILE_NAME (file))
     {
-      /* Calling matchpathcon_init_prefix (NULL, "/first_component/")
+         /* Calling matchpathcon_init_prefix (NULL, "/first_component/")
 	 is an optimization to minimize the expense of the following
 	 matchpathcon call.  */
       char const *p0;
@@ -248,6 +249,26 @@ setdefaultfilecon (char const *file)
 	}
     }
 
+  return;
+}
+
+/* Modify file context to match the specified policy.
+   If an error occurs the file will remain with the default directory
+   context.  */
+static void
+setdefaultfilecon (char const *file)
+{
+  struct stat st;
+  security_context_t scontext = NULL;
+  return;
+  if (selinux_enabled != 1)
+    {
+      /* Indicate no context found. */
+      return;
+    }
+  if (lstat (file, &st) != 0)
+    return;
+
   /* If there's an error determining the context, or it has none,
      return to allow default context */
   if ((matchpathcon (file, st.st_mode, &scontext) != 0) ||
@@ -526,9 +547,13 @@ main (int argc, char **argv)
 	{
 	  int i;
 	  dest_info_init (&x);
-	  for (i = 0; i < n_files; i++)
+	  set_prefix (file[0], target_directory);
+	  for (i = 0; i < n_files; i++) {
 	    if (! install_file_in_dir (file[i], target_directory, &x))
 	      exit_status = EXIT_FAILURE;
+          }
+	  if (selinux_enabled)
+	    matchpathcon_fini();
 	}
     }
 


Index: coreutils.spec
===================================================================
RCS file: /cvs/extras/rpms/coreutils/devel/coreutils.spec,v
retrieving revision 1.212
retrieving revision 1.213
diff -u -r1.212 -r1.213
--- coreutils.spec	19 May 2008 11:31:08 -0000	1.212
+++ coreutils.spec	20 May 2008 15:07:43 -0000	1.213
@@ -1,7 +1,7 @@
 Summary: The GNU core utilities: a set of tools commonly used in shell scripts
 Name:    coreutils
 Version: 6.11
-Release: 3%{?dist}
+Release: 4%{?dist}
 License: GPLv3+
 Group:   System Environment/Base
 Url:     http://www.gnu.org/software/coreutils/
@@ -51,6 +51,7 @@
 #(upstream did some SELinux implementation unlike with RedHat patch)
 Patch950: coreutils-selinux.patch
 Patch951: coreutils-selinuxmanpages.patch
+Patch952: coreutils-6.11-matchpathconinstall.patch
 
 BuildRequires: libselinux-devel >= 1.25.6-1
 BuildRequires: libacl-devel
@@ -128,6 +129,8 @@
 #SELinux
 %patch950 -p1 -b .selinux
 %patch951 -p1 -b .selinuxman
+%patch952 -p1 -b .matchcon
+
 
 chmod a+x tests/sort/sort-mb-tests
 chmod a+x tests/misc/id-context
@@ -307,6 +310,9 @@
 /sbin/runuser
 
 %changelog
+* Tue May 20 2008 Ondrej Vasik <ovasik at redhat.com> - 6.11-4
+- fixed a HUGE memory leak in install binary(#447410)
+
 * Mon May 19 2008 Ondrej Vasik <ovasik at redhat.com> - 6.11-3
 - added arch utility (from util-linux-ng)
 - do not show executable file types without executable bit

More information about the fedora-extras-commits mailing list