avoid segfaulting when the kernel is ahead of libcap

2021-08-11 16:53:08 +08:00 · 2021-08-11 16:53:08 +08:00 · 1e7ceb9476
commit 1e7ceb9476
parent 06bac6d455
2 changed files with 67 additions and 2 deletions
--- a/backport-Avoid-segfaulting-when-the-kernel-is-ahead-of-libcap.patch
+++ b/backport-Avoid-segfaulting-when-the-kernel-is-ahead-of-libcap.patch
@ -0,0 +1,58 @@
+From d10409db4cda0ab56d500de5658b9c6851301c2a Mon Sep 17 00:00:00 2001
+From: "Andrew G. Morgan" <morgan@kernel.org>
+Date: Sat, 2 May 2020 17:10:25 -0700
+Subject: [PATCH] Avoid segfaulting when the kernel is ahead of libcap.
+
+Fixes bug report from Heiner Kallweit:
+
+  https://bugzilla.kernel.org/show_bug.cgi?id=207549
+
+This bug was triggered when the kernel being run knows about
+more capabilities than the running build of libcap does. The
+issue is that in two places libcap assumed that _cap_names[]
+was long enough to name cap_max_bits() worth of capabilities.
+
+Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
+---
+ libcap/cap_text.c | 14 +++++++++-----
+ 1 file changed, 9 insertions(+), 5 deletions(-)
+
+diff --git a/libcap/cap_text.c b/libcap/cap_text.c
+index 650a02c..b11ff6b 100644
+--- a/libcap/cap_text.c
+++ b/libcap/cap_text.c
+@@ -57,8 +57,9 @@ static char const *namcmp(char const *str, char const *nam)
+ }
+ 
+ /*
+- * forceall forces all of the named capabilities to be assigned the
+- * masked value, and zeroed otherwise.
+ * forceall forces all of the kernel named capabilities to be assigned
+ * the masked value, and zeroed otherwise. Note, if the kernel is ahead
+ * of libcap, the upper bits will be referred to by number.
+  */
+ static void forceall(__u32 *flat, __u32 value, unsigned blks)
+ {
+@@ -112,13 +113,16 @@ static int lookupname(char const **strp)
+ 	}
+ #else /* ie., ndef GPERF_DOWNCASE */
+ 	char const *s;
+-	unsigned n;
+-
+-	for (n = cap_max_bits(); n--; )
+	unsigned n = cap_max_bits();
+	if (n > __CAP_BITS) {
+	    n = __CAP_BITS;
+	}
+	while (n--) {
+ 	    if (_cap_names[n] && (s = namcmp(str.constp, _cap_names[n]))) {
+ 		*strp = s;
+ 		return n;
+ 	    }
+	}
+ #endif /* def GPERF_DOWNCASE */
+ 
+ 	return -1;   	/* No definition available */
+-- 
+1.8.3.1
+
--- a/libcap.spec
+++ b/libcap.spec
@ -1,12 +1,13 @@
 Name:     libcap
 Version:  2.32
-Release:  1
+Release:  2
 Summary:  A library for getting and setting POSIX.1e draft 15 capabilities        
 License:  GPLv2
 URL:      https://sites.google.com/site/fullycapable
 Source0:  https://www.kernel.org/pub/linux/libs/security/linux-privs/libcap2/%{name}-%{version}.tar.gz

-Patch6000:   libcap-buildflags.patch
+Patch0:   libcap-buildflags.patch
+Patch1:   backport-Avoid-segfaulting-when-the-kernel-is-ahead-of-libcap.patch

 BuildRequires: libattr-devel pam-devel perl-interpreter gcc

@ -67,6 +68,12 @@ chmod +x %{buildroot}/%{_libdir}/*.so.*
 %{_mandir}/man8/*.gz

 %changelog
+* Wed Aug 11 2021 panxiaohe<panxiaohe@huawei.com> - 2.32-2
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC: avoid segfaulting when the kernel is ahead of libcap
+
 * Thu Apr 16 2020 zhangchenfeng<zhangchenfeng1@huawei.com> - 2.32-1
 - Type:enhancement
 - ID:NA