backport patch
(cherry picked from commit b054eba076308f641774edbf4dadaf34f0de7a99)
This commit is contained in:
zgzxx
openeuler-sync-bot
parent
6c5d0bfcf8
commit
7e175c6cea
@ -0,0 +1,34 @@
|
||||
From c916f0884bd08b99ddc77b6a148a730d107a9979 Mon Sep 17 00:00:00 2001
|
||||
From: Juraj Marcin <juraj@jurajmarcin.com>
|
||||
Date: Mon, 29 Aug 2022 14:28:40 +0200
|
||||
Subject: [PATCH] checkpolicy: avoid passing NULL pointer to memset()
|
||||
|
||||
Function `class_perm_node_init()` is called with `dest_perms` before it
|
||||
is checked that its allocation succeeded. If the allocation fails, then
|
||||
a NULL pointer is passed to `memset()` inside the
|
||||
`class_perm_node_init()` function.
|
||||
|
||||
Signed-off-by: Juraj Marcin <juraj@jurajmarcin.com>
|
||||
Conflict: file path adaptation
|
||||
---
|
||||
checkpolicy/policy_define.c | 3 ++-
|
||||
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||
|
||||
diff --git a/policy_define.c b/policy_define.c
|
||||
index f3b488702..54bb304b3 100644
|
||||
--- a/policy_define.c
|
||||
+++ b/policy_define.c
|
||||
@@ -2371,11 +2371,12 @@ static int avrule_cpy(avrule_t *dest, const avrule_t *src)
|
||||
src_perms = src->perms;
|
||||
while (src_perms) {
|
||||
dest_perms = (class_perm_node_t *) calloc(1, sizeof(class_perm_node_t));
|
||||
- class_perm_node_init(dest_perms);
|
||||
if (!dest_perms) {
|
||||
yyerror("out of memory");
|
||||
return -1;
|
||||
}
|
||||
+ class_perm_node_init(dest_perms);
|
||||
+
|
||||
if (!dest->perms)
|
||||
dest->perms = dest_perms;
|
||||
else
|
||||
@ -1,11 +1,13 @@
|
||||
Name: checkpolicy
|
||||
Version: 3.1
|
||||
Release: 1
|
||||
Release: 2
|
||||
Summary: SELinux policy compiler
|
||||
License: GPLv2
|
||||
URL: https://github.com/SELinuxProject/selinux
|
||||
Source0: https://github.com/SELinuxProject/selinux/releases/download/20200710/checkpolicy-3.1.tar.gz
|
||||
|
||||
Patch0: backport-checkpolicy-avoid-passing-NULL-pointer-to-memset.patch
|
||||
|
||||
BuildRequires: gcc byacc bison flex flex-static libsepol-static libselinux-devel git
|
||||
|
||||
Conflicts: selinux-policy-base < 3.13.1-138
|
||||
@ -54,6 +56,10 @@ install test/dispol %{buildroot}%{_bindir}/sedispol
|
||||
%{_mandir}/*/*
|
||||
|
||||
%changelog
|
||||
* Thu Feb 16 2023 zhangguangzhi <zhangguangzhi3@huawei.com> - 3.1-2
|
||||
- backport patch
|
||||
backport checkpolicy avoid passing NULL pointer to memset
|
||||
|
||||
* Tue Aug 25 2020 liquor <lirui130@huawei.com> - 3.1-1
|
||||
- update to 3.1
|
||||
|
||||
|
||||
Loading…
x
Reference in New Issue
Block a user