packages/checkpolicy
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

backport patch

Browse Source 
(cherry picked from commit b054eba076308f641774edbf4dadaf34f0de7a99)
This commit is contained in:
zgzxx 2023-02-16 15:19:02 +08:00 committed by openeuler-sync-bot
parent 6c5d0bfcf8
commit 7e175c6cea
2 changed files with 41 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

34
backport-checkpolicy-avoid-passing-NULL-pointer-to-memset.patch Normal file
View File

@ -0,0 +1,34 @@
From c916f0884bd08b99ddc77b6a148a730d107a9979 Mon Sep 17 00:00:00 2001
From: Juraj Marcin <juraj@jurajmarcin.com>
Date: Mon, 29 Aug 2022 14:28:40 +0200
Subject: [PATCH] checkpolicy: avoid passing NULL pointer to memset()
Function `class_perm_node_init()` is called with `dest_perms` before it
is checked that its allocation succeeded. If the allocation fails, then
a NULL pointer is passed to `memset()` inside the
`class_perm_node_init()` function.
Signed-off-by: Juraj Marcin <juraj@jurajmarcin.com>
Conflict: file path adaptation
---
checkpolicy/policy_define.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/policy_define.c b/policy_define.c
index f3b488702..54bb304b3 100644
--- a/policy_define.c
+++ b/policy_define.c
@@ -2371,11 +2371,12 @@ static int avrule_cpy(avrule_t *dest, const avrule_t *src)
src_perms = src->perms;
while (src_perms) {
dest_perms = (class_perm_node_t *) calloc(1, sizeof(class_perm_node_t));
- class_perm_node_init(dest_perms);
if (!dest_perms) {
yyerror("out of memory");
return -1;
}
+ class_perm_node_init(dest_perms);
+
if (!dest->perms)
dest->perms = dest_perms;
else

8
checkpolicy.spec
View File

@ -1,11 +1,13 @@
Name: checkpolicy Name: checkpolicy
Version: 3.1 Version: 3.1
Release: 1 Release: 2
Summary: SELinux policy compiler Summary: SELinux policy compiler
License: GPLv2 License: GPLv2
URL: https://github.com/SELinuxProject/selinux URL: https://github.com/SELinuxProject/selinux
Source0: https://github.com/SELinuxProject/selinux/releases/download/20200710/checkpolicy-3.1.tar.gz Source0: https://github.com/SELinuxProject/selinux/releases/download/20200710/checkpolicy-3.1.tar.gz
Patch0: backport-checkpolicy-avoid-passing-NULL-pointer-to-memset.patch
BuildRequires: gcc byacc bison flex flex-static libsepol-static libselinux-devel git BuildRequires: gcc byacc bison flex flex-static libsepol-static libselinux-devel git
Conflicts: selinux-policy-base < 3.13.1-138 Conflicts: selinux-policy-base < 3.13.1-138
@ -54,6 +56,10 @@ install test/dispol %{buildroot}%{_bindir}/sedispol
%{_mandir}/*/* %{_mandir}/*/*
%changelog %changelog
* Thu Feb 16 2023 zhangguangzhi <zhangguangzhi3@huawei.com> - 3.1-2
- backport patch
backport checkpolicy avoid passing NULL pointer to memset
* Tue Aug 25 2020 liquor <lirui130@huawei.com> - 3.1-1 * Tue Aug 25 2020 liquor <lirui130@huawei.com> - 3.1-1
- update to 3.1 - update to 3.1