mkswap: possible to crash with SELinux relabeling support
When fgetfilecon() is failed with -ENODATA, this process does not exit. However, "oldcontext" is not initialized in this case, so context_new() will be called with uninitialized "oldcontext" at the next. Finally, it makes a segmentation fault, because context_new() have to refer an incorrect memory region. The attached patch fixes this matter using matchpathcon(). If we cannot obtain actual file context due to -ENODATA, a context which is returned by matchpathcon() is applied as oldcontext. Then, the type of the context is relabeled to "swapfile_t" explicitly. Signed-off-by: KaiGai Kohei <kaigai@kaigai.gr.jp> Signed-off-by: Karel Zak <kzak@redhat.com>
This commit is contained in:
parent
294940de30
commit
71bf788444
|
@ -738,12 +738,15 @@ the -f option to force it.\n"),
|
|||
security_context_t oldcontext;
|
||||
context_t newcontext;
|
||||
|
||||
if ((fgetfilecon(DEV, &oldcontext) < 0) &&
|
||||
(errno != ENODATA)) {
|
||||
fprintf(stderr, _("%s: %s: unable to obtain selinux file label: %s\n"),
|
||||
program_name, device_name,
|
||||
strerror(errno));
|
||||
exit(1);
|
||||
if (fgetfilecon(DEV, &oldcontext) < 0) {
|
||||
if (errno != ENODATA) {
|
||||
fprintf(stderr, _("%s: %s: unable to obtain selinux file label: %s\n"),
|
||||
program_name, device_name,
|
||||
strerror(errno));
|
||||
exit(1);
|
||||
}
|
||||
if (matchpathcon(device_name, statbuf.st_mode, &oldcontext))
|
||||
die(_("unable to matchpathcon()"));
|
||||
}
|
||||
if (!(newcontext = context_new(oldcontext)))
|
||||
die(_("unable to create new selinux context"));
|
||||
|
|
Loading…
Reference in New Issue