[libvirt] [PATCHv2 1/2] selinux: fix segfault in virSecuritySELinuxMCSGetProcessRange
Daniel P. Berrange
berrange at redhat.com
Tue Jun 4 12:34:12 UTC 2013
On Tue, Jun 04, 2013 at 01:23:59PM +0200, Ján Tomko wrote:
> From: James Gilliland <neclimdul at gmail.com>
>
> https://bugzilla.redhat.com/show_bug.cgi?id=969878
> ---
> src/security/security_selinux.c | 9 ++++++++-
> 1 file changed, 8 insertions(+), 1 deletion(-)
>
> diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c
> index b862fbf..3c67f24 100644
> --- a/src/security/security_selinux.c
> +++ b/src/security/security_selinux.c
> @@ -189,6 +189,7 @@ virSecuritySELinuxMCSGetProcessRange(char **sens,
> context_t ourContext = NULL;
> char *cat = NULL;
> char *tmp;
> + const char *contextRange;
> int ret = -1;
>
> if (getcon_raw(&ourSecContext) < 0) {
> @@ -202,8 +203,14 @@ virSecuritySELinuxMCSGetProcessRange(char **sens,
> ourSecContext);
> goto cleanup;
> }
> + if (!(contextRange = context_range_get(ourContext))) {
> + virReportSystemError(errno,
> + _("Unable to parse current SELinux context range '%s'"),
> + ourSecContext);
> + goto cleanup;
> + }
Re-thinking this again. Raising an error here will technically be
a regression in functionality vs older libvirt. I think we need
to automatically fill in "s0" for *sens if contextRange is
NULL, instead of raising an error. Also add to the comment before
this function that 'system_u:system_r:virtd_t' is a valid
context too.
>
> - if (VIR_STRDUP(*sens, context_range_get(ourContext)) < 0)
> + if (VIR_STRDUP(*sens, contextRange) < 0)
> goto cleanup;
>
> /* Find and blank out the category part (if any) */
Daniel
--
|: http://berrange.com -o- http://www.flickr.com/photos/dberrange/ :|
|: http://libvirt.org -o- http://virt-manager.org :|
|: http://autobuild.org -o- http://search.cpan.org/~danberr/ :|
|: http://entangle-photo.org -o- http://live.gnome.org/gtk-vnc :|
More information about the libvir-list
mailing list