Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package libselinux for openSUSE:Factory checked in at 2024-07-12 17:04:25 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/libselinux (Old) and /work/SRC/openSUSE:Factory/.libselinux.new.17339 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "libselinux" Fri Jul 12 17:04:25 2024 rev:79 rq:1186963 version:3.7 Changes: -------- --- /work/SRC/openSUSE:Factory/libselinux/libselinux-bindings.changes 2024-01-08 23:43:50.099198946 +0100 +++ /work/SRC/openSUSE:Factory/.libselinux.new.17339/libselinux-bindings.changes 2024-07-12 17:04:35.948021609 +0200 @@ -1,0 +2,22 @@ +Mon Jul 1 07:53:14 UTC 2024 - Cathy Hu <cathy.hu@suse.com> + +- Update to version 3.7 + https://github.com/SELinuxProject/selinux/releases/tag/3.7 + * User-visible changes + * libselinux/utils/selabel_digest: drop unsupported option -d + * libselinux/utils: improve compute_av output + * libselinux: fail selabel_open(3) on invalid option + * Improved man pages + * Improvements + * libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks + * libselinux: enable usage with pedantic UB sanitizers + * libselinux: support huge passwd/group entries + * Bugfixes: + * libselinux/utils/selabel_digest: avoid buffer overflow + * libselinux: avoid pointer dereference before check + * libselinux/utils/selabel_digest: pass BASEONLY only for file backend + * libselinux: free empty scandir(3) result + * libselinux: free data on selabel open failure + * libselinux: use reentrant strtok_r(3) + +------------------------------------------------------------------- --- /work/SRC/openSUSE:Factory/libselinux/libselinux.changes 2024-01-08 23:43:50.139200400 +0100 +++ /work/SRC/openSUSE:Factory/.libselinux.new.17339/libselinux.changes 2024-07-12 17:04:36.052025431 +0200 @@ -1,0 +2,29 @@ +Thu Jul 11 19:47:41 UTC 2024 - Cathy Hu <cathy.hu@suse.com> + +- Fix segfault caused by upstream changes in selabel_open(): + libselinux-set-free-d-data-to-NULL.patch + Can be removed once it is upstream. + +------------------------------------------------------------------- +Mon Jul 1 07:53:14 UTC 2024 - Cathy Hu <cathy.hu@suse.com> + +- Update to version 3.7 + https://github.com/SELinuxProject/selinux/releases/tag/3.7 + * User-visible changes + * libselinux/utils/selabel_digest: drop unsupported option -d + * libselinux/utils: improve compute_av output + * libselinux: fail selabel_open(3) on invalid option + * Improved man pages + * Improvements + * libselinux, libsepol: Add CFLAGS and LDFLAGS to Makefile checks + * libselinux: enable usage with pedantic UB sanitizers + * libselinux: support huge passwd/group entries + * Bugfixes: + * libselinux/utils/selabel_digest: avoid buffer overflow + * libselinux: avoid pointer dereference before check + * libselinux/utils/selabel_digest: pass BASEONLY only for file backend + * libselinux: free empty scandir(3) result + * libselinux: free data on selabel open failure + * libselinux: use reentrant strtok_r(3) + +------------------------------------------------------------------- Old: ---- libselinux-3.6.tar.gz libselinux-3.6.tar.gz.asc New: ---- libselinux-3.7.tar.gz libselinux-3.7.tar.gz.asc libselinux-set-free-d-data-to-NULL.patch BETA DEBUG BEGIN: New:/work/SRC/openSUSE:Factory/.libselinux.new.17339/libselinux.changes-- Fix segfault caused by upstream changes in selabel_open(): /work/SRC/openSUSE:Factory/.libselinux.new.17339/libselinux.changes: libselinux-set-free-d-data-to-NULL.patch /work/SRC/openSUSE:Factory/.libselinux.new.17339/libselinux.changes- Can be removed once it is upstream. BETA DEBUG END: ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ libselinux-bindings.spec ++++++ --- /var/tmp/diff_new_pack.BzdPd8/_old 2024-07-12 17:04:36.964058940 +0200 +++ /var/tmp/diff_new_pack.BzdPd8/_new 2024-07-12 17:04:36.964058940 +0200 @@ -1,7 +1,7 @@ # # spec file for package libselinux-bindings # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -18,10 +18,10 @@ %{?sle15allpythons} %define python_subpackage_only 1 -%define libsepol_ver 3.6 +%define libsepol_ver 3.7 %define upname libselinux Name: libselinux-bindings -Version: 3.6 +Version: 3.7 Release: 0 Summary: SELinux runtime library and utilities License: SUSE-Public-Domain ++++++ libselinux.spec ++++++ --- /var/tmp/diff_new_pack.BzdPd8/_old 2024-07-12 17:04:36.996060116 +0200 +++ /var/tmp/diff_new_pack.BzdPd8/_new 2024-07-12 17:04:37.000060263 +0200 @@ -1,7 +1,7 @@ # # spec file for package libselinux # -# Copyright (c) 2023 SUSE LLC +# Copyright (c) 2024 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,9 +16,9 @@ # -%define libsepol_ver 3.6 +%define libsepol_ver 3.7 Name: libselinux -Version: 3.6 +Version: 3.7 Release: 0 Summary: SELinux runtime library and utilities License: SUSE-Public-Domain @@ -36,6 +36,9 @@ # Make linking working even when default pkg-config doesn’t provide -lpython<ver> Patch6: python3.8-compat.patch Patch7: swig4_moduleimport.patch +# Fixes segfault in 3.7, please remove once this is upstream: +# https://lore.kernel.org/selinux/CAP+JOzQCu0srfss921Ew42oHxsaqRYGiTs56_h9j2Yf... +Patch8: libselinux-set-free-d-data-to-NULL.patch BuildRequires: fdupes BuildRequires: libsepol-devel >= %{libsepol_ver} BuildRequires: libsepol-devel-static >= %{libsepol_ver} ++++++ libselinux-3.6.tar.gz -> libselinux-3.7.tar.gz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/VERSION new/libselinux-3.7/VERSION --- old/libselinux-3.6/VERSION 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/VERSION 2024-06-26 17:30:41.000000000 +0200 @@ -1 +1 @@ -3.6 +3.7 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/include/selinux/avc.h new/libselinux-3.7/include/selinux/avc.h --- old/libselinux-3.6/include/selinux/avc.h 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/include/selinux/avc.h 2024-06-26 17:30:41.000000000 +0200 @@ -215,7 +215,7 @@ * is set to "avc" and any callbacks desired should be specified via * selinux_set_callback(). Available options are listed above. */ -extern int avc_open(struct selinux_opt *opts, unsigned nopts); +extern int avc_open(const struct selinux_opt *opts, unsigned nopts); /** * avc_cleanup - Remove unused SIDs and AVC entries. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/include/selinux/selinux.h new/libselinux-3.7/include/selinux/selinux.h --- old/libselinux-3.6/include/selinux/selinux.h 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/include/selinux/selinux.h 2024-06-26 17:30:41.000000000 +0200 @@ -413,7 +413,7 @@ * starting at 1, and have one security_class_mapping structure entry * per define. */ -extern int selinux_set_mapping(struct security_class_mapping *map); +extern int selinux_set_mapping(const struct security_class_mapping *map); /* Common helpers */ @@ -443,7 +443,11 @@ /* Set the function used by matchpathcon_init when displaying errors about the file_contexts configuration. If not set, then this defaults to fprintf(stderr, fmt, ...). */ -extern void set_matchpathcon_printf(void (*f) (const char *fmt, ...)); +extern void set_matchpathcon_printf(void +#ifdef __GNUC__ + __attribute__ ((format(printf, 1, 2))) +#endif + (*f) (const char *fmt, ...)); /* Set the function used by matchpathcon_init when checking the validity of a context in the file contexts configuration. If not set, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/avc_context_to_sid.3 new/libselinux-3.7/man/man3/avc_context_to_sid.3 --- old/libselinux-3.6/man/man3/avc_context_to_sid.3 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/man/man3/avc_context_to_sid.3 2024-06-26 17:30:41.000000000 +0200 @@ -10,7 +10,7 @@ .br .B #include <selinux/avc.h> .sp -.BI "int avc_context_to_sid(char *" ctx ", security_id_t *" sid ");" +.BI "int avc_context_to_sid(const char *" ctx ", security_id_t *" sid ");" .sp .BI "int avc_sid_to_context(security_id_t " sid ", char **" ctx ");" .sp diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/avc_open.3 new/libselinux-3.7/man/man3/avc_open.3 --- old/libselinux-3.6/man/man3/avc_open.3 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/man/man3/avc_open.3 2024-06-26 17:30:41.000000000 +0200 @@ -10,7 +10,7 @@ .br .B #include <selinux/avc.h> .sp -.BI "int avc_open(struct selinux_opt *" options ", unsigned " nopt ");" +.BI "int avc_open(const struct selinux_opt *" options ", unsigned " nopt ");" .sp .BI "void avc_destroy(void);" .sp diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/getfscreatecon.3 new/libselinux-3.7/man/man3/getfscreatecon.3 --- old/libselinux-3.6/man/man3/getfscreatecon.3 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/man/man3/getfscreatecon.3 2024-06-26 17:30:41.000000000 +0200 @@ -9,9 +9,9 @@ .sp .BI "int getfscreatecon_raw(char **" con ); .sp -.BI "int setfscreatecon(char *" context ); +.BI "int setfscreatecon(const char *" context ); .sp -.BI "int setfscreatecon_raw(char *" context ); +.BI "int setfscreatecon_raw(const char *" context ); . .SH "DESCRIPTION" .BR getfscreatecon () diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/getkeycreatecon.3 new/libselinux-3.7/man/man3/getkeycreatecon.3 --- old/libselinux-3.6/man/man3/getkeycreatecon.3 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/man/man3/getkeycreatecon.3 2024-06-26 17:30:41.000000000 +0200 @@ -9,9 +9,9 @@ .sp .BI "int getkeycreatecon_raw(char **" con ); .sp -.BI "int setkeycreatecon(char *" context ); +.BI "int setkeycreatecon(const char *" context ); .sp -.BI "int setkeycreatecon_raw(char *" context ); +.BI "int setkeycreatecon_raw(const char *" context ); . .SH "DESCRIPTION" .BR getkeycreatecon () diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/getsockcreatecon.3 new/libselinux-3.7/man/man3/getsockcreatecon.3 --- old/libselinux-3.6/man/man3/getsockcreatecon.3 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/man/man3/getsockcreatecon.3 2024-06-26 17:30:41.000000000 +0200 @@ -9,9 +9,9 @@ .sp .BI "int getsockcreatecon_raw(char **" con ); .sp -.BI "int setsockcreatecon(char *" context ); +.BI "int setsockcreatecon(const char *" context ); .sp -.BI "int setsockcreatecon_raw(char *" context ); +.BI "int setsockcreatecon_raw(const char *" context ); . .SH "DESCRIPTION" .BR getsockcreatecon () diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/init_selinuxmnt.3 new/libselinux-3.7/man/man3/init_selinuxmnt.3 --- old/libselinux-3.6/man/man3/init_selinuxmnt.3 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/man/man3/init_selinuxmnt.3 2024-06-26 17:30:41.000000000 +0200 @@ -7,7 +7,7 @@ .sp .BI "static void fini_selinuxmnt(void);" .sp -.BI "void set_selinuxmnt(char *" mnt ");" +.BI "void set_selinuxmnt(const char *" mnt ");" . .SH "DESCRIPTION" .BR init_selinuxmnt () diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/is_context_customizable.3 new/libselinux-3.7/man/man3/is_context_customizable.3 --- old/libselinux-3.6/man/man3/is_context_customizable.3 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/man/man3/is_context_customizable.3 2024-06-26 17:30:41.000000000 +0200 @@ -5,7 +5,7 @@ .SH "SYNOPSIS" .B #include <selinux/selinux.h> .sp -.BI "int is_context_customizable(char *" scon ); +.BI "int is_context_customizable(const char *" scon ); . .SH "DESCRIPTION" This function checks whether the type of scon is in the diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/is_selinux_enabled.3 new/libselinux-3.7/man/man3/is_selinux_enabled.3 --- old/libselinux-3.6/man/man3/is_selinux_enabled.3 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/man/man3/is_selinux_enabled.3 2024-06-26 17:30:41.000000000 +0200 @@ -8,9 +8,9 @@ .SH "SYNOPSIS" .B #include <selinux/selinux.h> .sp -.B int is_selinux_enabled(); +.B int is_selinux_enabled(void); .sp -.B int is_selinux_mls_enabled(); +.B int is_selinux_mls_enabled(void); . .SH "DESCRIPTION" .BR is_selinux_enabled () diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/security_policyvers.3 new/libselinux-3.7/man/man3/security_policyvers.3 --- old/libselinux-3.6/man/man3/security_policyvers.3 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/man/man3/security_policyvers.3 2024-06-26 17:30:41.000000000 +0200 @@ -4,7 +4,7 @@ .SH "SYNOPSIS" .B #include <selinux/selinux.h> .sp -.B int security_policyvers(); +.B int security_policyvers(void); . .SH "DESCRIPTION" .BR security_policyvers () diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/security_validatetrans.3 new/libselinux-3.7/man/man3/security_validatetrans.3 --- old/libselinux-3.6/man/man3/security_validatetrans.3 1970-01-01 01:00:00.000000000 +0100 +++ new/libselinux-3.7/man/man3/security_validatetrans.3 2024-06-26 17:30:41.000000000 +0200 @@ -0,0 +1 @@ +.so man3/security_compute_av.3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/security_validatetrans.c new/libselinux-3.7/man/man3/security_validatetrans.c --- old/libselinux-3.6/man/man3/security_validatetrans.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/man/man3/security_validatetrans.c 1970-01-01 01:00:00.000000000 +0100 @@ -1 +0,0 @@ -.so man3/security_compute_av.3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/security_validatetrans_raw.3 new/libselinux-3.7/man/man3/security_validatetrans_raw.3 --- old/libselinux-3.6/man/man3/security_validatetrans_raw.3 1970-01-01 01:00:00.000000000 +0100 +++ new/libselinux-3.7/man/man3/security_validatetrans_raw.3 2024-06-26 17:30:41.000000000 +0200 @@ -0,0 +1 @@ +.so man3/security_compute_av.3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/security_validatetrans_raw.c new/libselinux-3.7/man/man3/security_validatetrans_raw.c --- old/libselinux-3.6/man/man3/security_validatetrans_raw.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/man/man3/security_validatetrans_raw.c 1970-01-01 01:00:00.000000000 +0100 @@ -1 +0,0 @@ -.so man3/security_compute_av.3 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/selabel_lookup.3 new/libselinux-3.7/man/man3/selabel_lookup.3 --- old/libselinux-3.6/man/man3/selabel_lookup.3 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/man/man3/selabel_lookup.3 2024-06-26 17:30:41.000000000 +0200 @@ -64,7 +64,8 @@ .I key and/or .I type -inputs are invalid, or the context being returned failed validation. +inputs are invalid, or the context being returned failed validation, or a +regular expression in the database failed to compile. .TP .B ENOMEM An attempt to allocate memory failed. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/selabel_lookup_best_match.3 new/libselinux-3.7/man/man3/selabel_lookup_best_match.3 --- old/libselinux-3.6/man/man3/selabel_lookup_best_match.3 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/man/man3/selabel_lookup_best_match.3 2024-06-26 17:30:41.000000000 +0200 @@ -78,7 +78,8 @@ .I key and/or .I type -inputs are invalid, or the context being returned failed validation. +inputs are invalid, or the context being returned failed validation, or a +regular expression in the database failed to compile. .TP .B ENOMEM An attempt to allocate memory failed. diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/selinux_check_securetty_context.3 new/libselinux-3.7/man/man3/selinux_check_securetty_context.3 --- old/libselinux-3.6/man/man3/selinux_check_securetty_context.3 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/man/man3/selinux_check_securetty_context.3 2024-06-26 17:30:41.000000000 +0200 @@ -5,12 +5,12 @@ .SH "SYNOPSIS" .B #include <selinux/selinux.h> .sp -.BI "int selinux_check_securetty_context(char *" tty_context ); +.BI "int selinux_check_securetty_context(const char *" tty_context ); . .SH "DESCRIPTION" .BR selinux_check_securetty_context () returns 0 if tty_context is a securetty context, -returns < 0 otherwise. +returns < 0 otherwise. . .SH "SEE ALSO" .BR selinux "(8)" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/selinux_raw_context_to_color.3 new/libselinux-3.7/man/man3/selinux_raw_context_to_color.3 --- old/libselinux-3.6/man/man3/selinux_raw_context_to_color.3 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/man/man3/selinux_raw_context_to_color.3 2024-06-26 17:30:41.000000000 +0200 @@ -5,7 +5,7 @@ .SH "SYNOPSIS" .B #include <selinux/selinux.h> .sp -.BI "int selinux_raw_context_to_color(char *" raw ", " +.BI "int selinux_raw_context_to_color(const char *" raw ", " .RS .BI "char **" color_str ");" .RE diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/man/man3/selinux_set_mapping.3 new/libselinux-3.7/man/man3/selinux_set_mapping.3 --- old/libselinux-3.6/man/man3/selinux_set_mapping.3 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/man/man3/selinux_set_mapping.3 2024-06-26 17:30:41.000000000 +0200 @@ -15,7 +15,7 @@ }; .fi .sp -.BI "int selinux_set_mapping(struct security_class_mapping *" map ");" +.BI "int selinux_set_mapping(const struct security_class_mapping *" map ");" . .SH "DESCRIPTION" .BR selinux_set_mapping () diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/Makefile new/libselinux-3.7/src/Makefile --- old/libselinux-3.6/src/Makefile 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/Makefile 2024-06-26 17:30:41.000000000 +0200 @@ -104,13 +104,13 @@ # check for strlcpy(3) availability H := \# -ifeq (yes,$(shell printf '${H}include <string.h>\nint main(void){char*d,*s;strlcpy(d, s, 0);return 0;}' | $(CC) -x c -o /dev/null - >/dev/null 2>&1 && echo yes)) +ifeq (yes,$(shell printf '${H}include <string.h>\nint main(void){char d[2];const char *s="a";return (size_t)strlcpy(d,s,sizeof(d))>=sizeof(d);}' | $(CC) $(CFLAGS) $(LDFLAGS) -x c -o /dev/null - >/dev/null 2>&1 && echo yes)) override CFLAGS += -DHAVE_STRLCPY endif # check for reallocarray(3) availability H := \# -ifeq (yes,$(shell printf '${H}include <stdlib.h>\nint main(void){reallocarray(NULL, 0, 0);return 0;}' | $(CC) -x c -o /dev/null - >/dev/null 2>&1 && echo yes)) +ifeq (yes,$(shell printf '${H}include <stdlib.h>\nint main(void){return reallocarray(NULL,0,0)==NULL;}' | $(CC) $(CFLAGS) $(LDFLAGS) -x c -o /dev/null - >/dev/null 2>&1 && echo yes)) override CFLAGS += -DHAVE_REALLOCARRAY endif diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/audit2why.c new/libselinux-3.7/src/audit2why.c --- old/libselinux-3.6/src/audit2why.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/audit2why.c 2024-06-26 17:30:41.000000000 +0200 @@ -148,7 +148,7 @@ sepol_bool_free(boolean); if (fcnt > 0) { - *bools = calloc(sizeof(struct boolean_t), fcnt + 1); + *bools = calloc(fcnt + 1, sizeof(struct boolean_t)); if (!*bools) { PyErr_SetString( PyExc_MemoryError, "Out of memory\n"); free(foundlist); @@ -226,7 +226,7 @@ return 1; } - avc = calloc(sizeof(struct avc_t), 1); + avc = calloc(1, sizeof(struct avc_t)); if (!avc) { PyErr_SetString( PyExc_MemoryError, "Out of memory\n"); fclose(fp); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/avc.c new/libselinux-3.7/src/avc.c --- old/libselinux-3.6/src/avc.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/avc.c 2024-06-26 17:30:41.000000000 +0200 @@ -225,17 +225,19 @@ return rc; } -int avc_open(struct selinux_opt *opts, unsigned nopts) +int avc_open(const struct selinux_opt *opts, unsigned nopts) { avc_setenforce = 0; - while (nopts--) + while (nopts) { + nopts--; switch(opts[nopts].type) { case AVC_OPT_SETENFORCE: avc_setenforce = 1; avc_enforcing = !!opts[nopts].value; break; } + } return avc_init_internal("avc", NULL, NULL, NULL, NULL); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/avc_sidtab.c new/libselinux-3.7/src/avc_sidtab.c --- old/libselinux-3.6/src/avc_sidtab.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/avc_sidtab.c 2024-06-26 17:30:41.000000000 +0200 @@ -13,6 +13,7 @@ #include "avc_sidtab.h" #include "avc_internal.h" +ignore_unsigned_overflow_ static inline unsigned sidtab_hash(const char * key) { unsigned int hash = 5381; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/booleans.c new/libselinux-3.7/src/booleans.c --- old/libselinux-3.6/src/booleans.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/booleans.c 2024-06-26 17:30:41.000000000 +0200 @@ -53,7 +53,11 @@ snprintf(path, sizeof path, "%s%s", selinux_mnt, SELINUX_BOOL_DIR); *len = scandir(path, &namelist, &filename_select, alphasort); - if (*len <= 0) { + if (*len < 0) { + return -1; + } + if (*len == 0) { + free(namelist); errno = ENOENT; return -1; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/get_context_list.c new/libselinux-3.7/src/get_context_list.c --- old/libselinux-3.6/src/get_context_list.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/get_context_list.c 2024-06-26 17:30:41.000000000 +0200 @@ -7,7 +7,9 @@ #include <string.h> #include <ctype.h> #include <pwd.h> + #include "selinux_internal.h" +#include "callbacks.h" #include "context_internal.h" #include "get_context_list_internal.h" @@ -128,7 +130,7 @@ } static int get_context_user(FILE * fp, - const char * fromcon, + context_t fromcon, const char * user, char ***reachable, unsigned int *nreachable) @@ -144,7 +146,6 @@ char **new_reachable = NULL; char *usercon_str; const char *usercon_str2; - context_t con; context_t usercon; int rc; @@ -153,14 +154,10 @@ /* Extract the role and type of the fromcon for matching. User identity and MLS range can be variable. */ - con = context_new(fromcon); - if (!con) - return -1; - fromrole = context_role_get(con); - fromtype = context_type_get(con); - fromlevel = context_range_get(con); + fromrole = context_role_get(fromcon); + fromtype = context_type_get(fromcon); + fromlevel = context_range_get(fromcon); if (!fromrole || !fromtype) { - context_free(con); return -1; } @@ -224,7 +221,7 @@ /* Check whether a new context is valid */ if (SIZE_MAX - user_len < strlen(start) + 2) { - fprintf(stderr, "%s: one of partial contexts is too big\n", __FUNCTION__); + selinux_log(SELINUX_ERROR, "%s: one of partial contexts is too big\n", __FUNCTION__); errno = EINVAL; rc = -1; goto out; @@ -245,7 +242,7 @@ rc = -1; goto out; } - fprintf(stderr, + selinux_log(SELINUX_ERROR, "%s: can't create a context from %s, skipping\n", __FUNCTION__, usercon_str); free(usercon_str); @@ -294,7 +291,6 @@ rc = 0; out: - context_free(con); free(line); return rc; } @@ -416,6 +412,7 @@ char *fname = NULL; size_t fname_len; const char *user_contexts_path = selinux_user_contexts_path(); + context_t con = NULL; if (!fromcon) { /* Get the current context and use it for the starting context */ @@ -425,6 +422,10 @@ fromcon = backup_fromcon; } + con = context_new(fromcon); + if (!con) + goto failsafe; + /* Determine the ordering to apply from the optional per-user config and from the global config. */ fname_len = strlen(user_contexts_path) + strlen(user) + 2; @@ -435,11 +436,11 @@ fp = fopen(fname, "re"); if (fp) { __fsetlocking(fp, FSETLOCKING_BYCALLER); - rc = get_context_user(fp, fromcon, user, &reachable, &nreachable); + rc = get_context_user(fp, con, user, &reachable, &nreachable); fclose(fp); if (rc < 0 && errno != ENOENT) { - fprintf(stderr, + selinux_log(SELINUX_ERROR, "%s: error in processing configuration file %s\n", __FUNCTION__, fname); /* Fall through, try global config */ @@ -449,10 +450,10 @@ fp = fopen(selinux_default_context_path(), "re"); if (fp) { __fsetlocking(fp, FSETLOCKING_BYCALLER); - rc = get_context_user(fp, fromcon, user, &reachable, &nreachable); + rc = get_context_user(fp, con, user, &reachable, &nreachable); fclose(fp); if (rc < 0 && errno != ENOENT) { - fprintf(stderr, + selinux_log(SELINUX_ERROR, "%s: error in processing configuration file %s\n", __FUNCTION__, selinux_default_context_path()); /* Fall through */ @@ -470,6 +471,7 @@ else freeconary(reachable); + context_free(con); freecon(backup_fromcon); return rc; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/is_customizable_type.c new/libselinux-3.7/src/is_customizable_type.c --- old/libselinux-3.6/src/is_customizable_type.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/is_customizable_type.c 2024-06-26 17:30:41.000000000 +0200 @@ -39,9 +39,7 @@ } if (ctr) { - list = - (char **) calloc(sizeof(char *), - ctr + 1); + list = calloc(ctr + 1, sizeof(char *)); if (list) { i = 0; while (fgets_unlocked(buf, selinux_page_size, fp) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/label.c new/libselinux-3.7/src/label.c --- old/libselinux-3.6/src/label.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/label.c 2024-06-26 17:30:41.000000000 +0200 @@ -60,9 +60,10 @@ { struct selabel_digest *digest = NULL; - while (n--) { + while (n) { + n--; if (opts[n].type == SELABEL_OPT_DIGEST && - opts[n].value == (char *)1) { + !!opts[n].value) { digest = calloc(1, sizeof(*digest)); if (!digest) goto err; @@ -112,9 +113,11 @@ static inline int selabel_is_validate_set(const struct selinux_opt *opts, unsigned n) { - while (n--) + while (n) { + n--; if (opts[n].type == SELABEL_OPT_VALIDATE) return !!opts[n].value; + } return 0; } @@ -222,10 +225,7 @@ rec->digest = selabel_is_digest_set(opts, nopts); if ((*initfuncs[backend])(rec, opts, nopts)) { - if (rec->digest) - selabel_digest_fini(rec->digest); - free(rec->spec_file); - free(rec); + selabel_close(rec); rec = NULL; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/label_backends_android.c new/libselinux-3.7/src/label_backends_android.c --- old/libselinux-3.6/src/label_backends_android.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/label_backends_android.c 2024-06-26 17:30:41.000000000 +0200 @@ -152,12 +152,21 @@ struct stat sb; /* Process arguments */ - while (n--) + while (n) { + n--; switch (opts[n].type) { case SELABEL_OPT_PATH: path = opts[n].value; break; + case SELABEL_OPT_UNUSED: + case SELABEL_OPT_VALIDATE: + case SELABEL_OPT_DIGEST: + break; + default: + errno = EINVAL; + return -1; } + } if (!path) return -1; @@ -237,6 +246,9 @@ struct spec *spec; unsigned int i; + if (!data) + return; + for (i = 0; i < data->nspec; i++) { spec = &data->spec_arr[i]; free(spec->property_key); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/label_db.c new/libselinux-3.7/src/label_db.c --- old/libselinux-3.6/src/label_db.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/label_db.c 2024-06-26 17:30:41.000000000 +0200 @@ -178,6 +178,9 @@ spec_t *spec; unsigned int i; + if (!catalog) + return; + for (i = 0; i < catalog->nspec; i++) { spec = &catalog->specs[i]; free(spec->key); @@ -263,11 +266,20 @@ * the default one. If RDBMS is not SE-PostgreSQL, it may need to * specify an explicit specfile for database objects. */ - while (nopts--) { + while (nopts) { + nopts--; switch (opts[nopts].type) { case SELABEL_OPT_PATH: path = opts[nopts].value; break; + case SELABEL_OPT_UNUSED: + case SELABEL_OPT_VALIDATE: + case SELABEL_OPT_DIGEST: + break; + default: + free(catalog); + errno = EINVAL; + return NULL; } } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/label_file.c new/libselinux-3.7/src/label_file.c --- old/libselinux-3.6/src/label_file.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/label_file.c 2024-06-26 17:30:41.000000000 +0200 @@ -68,7 +68,7 @@ /* * hash calculation and key comparison of hash table */ - +ignore_unsigned_overflow_ static unsigned int symhash(hashtab_t h, const_hashtab_key_t key) { const struct chkdups_key *k = (const struct chkdups_key *)key; @@ -801,7 +801,8 @@ int status = -1, baseonly = 0; /* Process arguments */ - while (n--) + while (n) { + n--; switch(opts[n].type) { case SELABEL_OPT_PATH: path = opts[n].value; @@ -812,7 +813,15 @@ case SELABEL_OPT_BASEONLY: baseonly = !!opts[n].value; break; + case SELABEL_OPT_UNUSED: + case SELABEL_OPT_VALIDATE: + case SELABEL_OPT_DIGEST: + break; + default: + errno = EINVAL; + return -1; } + } #if !defined(BUILD_HOST) && !defined(ANDROID) char subs_file[PATH_MAX + 1]; @@ -895,6 +904,9 @@ struct stem *stem; unsigned int i; + if (!data) + return; + selabel_subs_fini(data->subs); selabel_subs_fini(data->dist_subs); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/label_media.c new/libselinux-3.7/src/label_media.c --- old/libselinux-3.6/src/label_media.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/label_media.c 2024-06-26 17:30:41.000000000 +0200 @@ -80,12 +80,21 @@ struct stat sb; /* Process arguments */ - while (n--) + while (n) { + n--; switch(opts[n].type) { case SELABEL_OPT_PATH: path = opts[n].value; break; + case SELABEL_OPT_UNUSED: + case SELABEL_OPT_VALIDATE: + case SELABEL_OPT_DIGEST: + break; + default: + errno = EINVAL; + return -1; } +} /* Open the specification file. */ if (!path) @@ -155,9 +164,14 @@ static void close(struct selabel_handle *rec) { struct saved_data *data = (struct saved_data *)rec->data; - struct spec *spec, *spec_arr = data->spec_arr; + struct spec *spec, *spec_arr; unsigned int i; + if (!data) + return; + + spec_arr = data->spec_arr; + for (i = 0; i < data->nspec; i++) { spec = &spec_arr[i]; free(spec->key); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/label_x.c new/libselinux-3.7/src/label_x.c --- old/libselinux-3.6/src/label_x.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/label_x.c 2024-06-26 17:30:41.000000000 +0200 @@ -107,12 +107,21 @@ struct stat sb; /* Process arguments */ - while (n--) + while (n) { + n--; switch(opts[n].type) { case SELABEL_OPT_PATH: path = opts[n].value; break; + case SELABEL_OPT_UNUSED: + case SELABEL_OPT_VALIDATE: + case SELABEL_OPT_DIGEST: + break; + default: + errno = EINVAL; + return -1; } + } /* Open the specification file. */ if (!path) @@ -182,9 +191,14 @@ static void close(struct selabel_handle *rec) { struct saved_data *data = (struct saved_data *)rec->data; - struct spec *spec, *spec_arr = data->spec_arr; + struct spec *spec, *spec_arr; unsigned int i; + if (!data) + return; + + spec_arr = data->spec_arr; + for (i = 0; i < data->nspec; i++) { spec = &spec_arr[i]; free(spec->key); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/mapping.c new/libselinux-3.7/src/mapping.c --- old/libselinux-3.6/src/mapping.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/mapping.c 2024-06-26 17:30:41.000000000 +0200 @@ -31,7 +31,7 @@ */ int -selinux_set_mapping(struct security_class_mapping *map) +selinux_set_mapping(const struct security_class_mapping *map) { size_t size = sizeof(struct selinux_mapping); security_class_t i, j; @@ -64,7 +64,7 @@ /* Store the raw class and permission values */ j = 0; while (map[j].name) { - struct security_class_mapping *p_in = map + (j++); + const struct security_class_mapping *p_in = map + (j++); struct selinux_mapping *p_out = current_mapping + j; p_out->value = string_to_security_class(p_in->name); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/selinux_internal.h new/libselinux-3.7/src/selinux_internal.h --- old/libselinux-3.6/src/selinux_internal.h 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/selinux_internal.h 2024-06-26 17:30:41.000000000 +0200 @@ -102,4 +102,15 @@ void *reallocarray(void *ptr, size_t nmemb, size_t size); #endif +/* Use to ignore intentional unsigned under- and overflows while running under UBSAN. */ +#if defined(__clang__) && defined(__clang_major__) && (__clang_major__ >= 4) +#if (__clang_major__ >= 12) +#define ignore_unsigned_overflow_ __attribute__((no_sanitize("unsigned-integer-overflow", "unsigned-shift-base"))) +#else +#define ignore_unsigned_overflow_ __attribute__((no_sanitize("unsigned-integer-overflow"))) +#endif +#else +#define ignore_unsigned_overflow_ +#endif + #endif /* SELINUX_INTERNAL_H_ */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/selinux_restorecon.c new/libselinux-3.7/src/selinux_restorecon.c --- old/libselinux-3.6/src/selinux_restorecon.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/selinux_restorecon.c 2024-06-26 17:30:41.000000000 +0200 @@ -243,7 +243,7 @@ int index = 0, found = 0; uint64_t nfile = 0; char *mount_info[4]; - char *buf = NULL, *item; + char *buf = NULL, *item, *saveptr; /* Check to see if the kernel supports seclabel */ if (uname(&uts) == 0 && strverscmp(uts.release, "2.6.30") < 0) @@ -258,13 +258,14 @@ while (getline(&buf, &len, fp) != -1) { found = 0; index = 0; - item = strtok(buf, " "); + saveptr = NULL; + item = strtok_r(buf, " ", &saveptr); while (item != NULL) { mount_info[index] = item; index++; if (index == 4) break; - item = strtok(NULL, " "); + item = strtok_r(NULL, " ", &saveptr); } if (index < 4) { selinux_log(SELINUX_ERROR, @@ -276,14 +277,15 @@ /* Remove pre-existing entry */ remove_exclude(mount_info[1]); - item = strtok(mount_info[3], ","); + saveptr = NULL; + item = strtok_r(mount_info[3], ",", &saveptr); while (item != NULL) { if (strcmp(item, "seclabel") == 0) { found = 1; nfile += file_system_count(mount_info[1]); break; } - item = strtok(NULL, ","); + item = strtok_r(NULL, ",", &saveptr); } /* Exclude mount points without the seclabel option */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/setup.py new/libselinux-3.7/src/setup.py --- old/libselinux-3.6/src/setup.py 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/setup.py 2024-06-26 17:30:41.000000000 +0200 @@ -4,7 +4,7 @@ setup( name="selinux", - version="3.6", + version="3.7", description="SELinux python 3 bindings", author="SELinux Project", author_email="selinux@vger.kernel.org", diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/seusers.c new/libselinux-3.7/src/seusers.c --- old/libselinux-3.6/src/seusers.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/seusers.c 2024-06-26 17:30:41.000000000 +0200 @@ -6,9 +6,13 @@ #include <stdio_ext.h> #include <ctype.h> #include <errno.h> +#include <limits.h> + #include <selinux/selinux.h> #include <selinux/context.h> + #include "selinux_internal.h" +#include "callbacks.h" /* Process line from seusers.conf and split into its fields. Returns 0 on success, -1 on comments, and -2 on error. */ @@ -95,17 +99,32 @@ static gid_t get_default_gid(const char *name) { struct passwd pwstorage, *pwent = NULL; - gid_t gid = -1; + gid_t gid = (gid_t)-1; /* Allocate space for the getpwnam_r buffer */ + char *rbuf = NULL; long rbuflen = sysconf(_SC_GETPW_R_SIZE_MAX); - if (rbuflen <= 0) return -1; - char *rbuf = malloc(rbuflen); - if (rbuf == NULL) return -1; - - int retval = getpwnam_r(name, &pwstorage, rbuf, rbuflen, &pwent); - if (retval == 0 && pwent) { - gid = pwent->pw_gid; + if (rbuflen <= 0) + rbuflen = 1024; + + for (;;) { + int rc; + + rbuf = malloc(rbuflen); + if (rbuf == NULL) + break; + + rc = getpwnam_r(name, &pwstorage, rbuf, rbuflen, &pwent); + if (rc == ERANGE && rbuflen < LONG_MAX / 2) { + free(rbuf); + rbuflen *= 2; + continue; + } + if (rc == 0 && pwent) + gid = pwent->pw_gid; + + break; } + free(rbuf); return gid; } @@ -118,7 +137,7 @@ long rbuflen = sysconf(_SC_GETGR_R_SIZE_MAX); if (rbuflen <= 0) - return 0; + rbuflen = 1024; char *rbuf; while(1) { @@ -127,7 +146,7 @@ return 0; int retval = getgrnam_r(group, &gbuf, rbuf, rbuflen, &grent); - if ( retval == ERANGE ) + if (retval == ERANGE && rbuflen < LONG_MAX / 2) { free(rbuf); rbuflen = rbuflen * 2; @@ -197,8 +216,8 @@ if (rc == -1) continue; /* comment, skip */ if (rc == -2) { - fprintf(stderr, "%s: error on line %lu, skipping...\n", - selinux_usersconf_path(), lineno); + selinux_log(SELINUX_ERROR, "%s: error on line %lu, skipping...\n", + selinux_usersconf_path(), lineno); continue; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/sha1.c new/libselinux-3.7/src/sha1.c --- old/libselinux-3.6/src/sha1.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/sha1.c 2024-06-26 17:30:41.000000000 +0200 @@ -26,6 +26,8 @@ #include "sha1.h" #include <memory.h> +#include "selinux_internal.h" + /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// // TYPES /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// @@ -62,6 +64,7 @@ // // Hash a single 512-bit block. This is the core of the algorithm /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// +ignore_unsigned_overflow_ static void TransformFunction diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/src/stringrep.c new/libselinux-3.7/src/stringrep.c --- old/libselinux-3.6/src/stringrep.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/src/stringrep.c 2024-06-26 17:30:41.000000000 +0200 @@ -337,13 +337,15 @@ printf(" {"); - while (av) { + for (;;) { if (av & bit) { permstr = security_av_perm_to_string(tclass, bit); if (!permstr) break; printf(" %s", permstr); av &= ~bit; + if (!av) + break; } bit <<= 1; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/utils/compute_av.c new/libselinux-3.7/utils/compute_av.c --- old/libselinux-3.6/utils/compute_av.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/utils/compute_av.c 2024-06-26 17:30:41.000000000 +0200 @@ -44,10 +44,14 @@ print_access_vector(tclass, avd.allowed); printf("\n"); - if (avd.decided != ~0U) { + if (~avd.decided) { printf("decided="); print_access_vector(tclass, avd.decided); printf("\n"); + + printf("undecided="); + print_access_vector(tclass, ~avd.decided); + printf("\n"); } if (avd.auditallow) { @@ -56,10 +60,14 @@ printf("\n"); } - if (avd.auditdeny != ~0U) { - printf("auditdeny"); + if (~avd.auditdeny) { + printf("auditdeny="); print_access_vector(tclass, avd.auditdeny); printf("\n"); + + printf("dontaudit="); + print_access_vector(tclass, ~avd.auditdeny); + printf("\n"); } exit(EXIT_SUCCESS); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/utils/getconlist.c new/libselinux-3.7/utils/getconlist.c --- old/libselinux-3.6/utils/getconlist.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/utils/getconlist.c 2024-06-26 17:30:41.000000000 +0200 @@ -19,8 +19,9 @@ int main(int argc, char **argv) { - char **list, *cur_context = NULL; - char *user = NULL, *level = NULL; + char **list; + const char *cur_context, *user; + char *cur_con = NULL, *level = NULL; int ret, i, opt; while ((opt = getopt(argc, argv, "l:")) > 0) { @@ -54,11 +55,12 @@ /* If a context wasn't passed, use the current context. */ if (((argc - optind) < 2)) { - if (getcon(&cur_context) < 0) { + if (getcon(&cur_con) < 0) { fprintf(stderr, "Couldn't get current context: %s\n", strerror(errno)); free(level); return 2; } + cur_context = cur_con; } else { cur_context = argv[optind + 1]; if (security_check_context(cur_context) != 0) { @@ -82,10 +84,12 @@ } else { fprintf(stderr, "get_ordered_context_list%s failure: %d(%s)\n", level ? "_with_level" : "", errno, strerror(errno)); + free(cur_con); free(level); return 4; } + free(cur_con); free(level); return 0; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/utils/getdefaultcon.c new/libselinux-3.7/utils/getdefaultcon.c --- old/libselinux-3.6/utils/getdefaultcon.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/utils/getdefaultcon.c 2024-06-26 17:30:41.000000000 +0200 @@ -19,8 +19,9 @@ int main(int argc, char **argv) { - char * usercon = NULL, *cur_context = NULL; - char *user = NULL, *level = NULL, *role=NULL, *seuser=NULL, *dlevel=NULL; + const char *cur_context, *user; + char *usercon = NULL, *cur_con = NULL; + char *level = NULL, *role=NULL, *seuser=NULL, *dlevel=NULL; char *service = NULL; int ret, opt; int verbose = 0; @@ -54,6 +55,9 @@ if (!is_selinux_enabled()) { fprintf(stderr, "%s may be used only on a SELinux kernel.\n", argv[0]); + free(level); + free(role); + free(service); return 1; } @@ -61,15 +65,23 @@ /* If a context wasn't passed, use the current context. */ if ((argc - optind) < 2) { - if (getcon(&cur_context) < 0) { + if (getcon(&cur_con) < 0) { fprintf(stderr, "%s: couldn't get current context: %s\n", argv[0], strerror(errno)); + free(level); + free(role); + free(service); return 2; } + cur_context = cur_con; } else cur_context = argv[optind + 1]; if (security_check_context(cur_context)) { fprintf(stderr, "%s: invalid from context '%s'\n", argv[0], cur_context); + free(cur_con); + free(level); + free(role); + free(service); return 3; } @@ -101,6 +113,8 @@ if (level != dlevel) free(level); free(dlevel); free(usercon); + free(cur_con); + free(service); return ret >= 0; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/utils/sefcontext_compile.c new/libselinux-3.7/utils/sefcontext_compile.c --- old/libselinux-3.6/utils/sefcontext_compile.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/utils/sefcontext_compile.c 2024-06-26 17:30:41.000000000 +0200 @@ -189,7 +189,7 @@ if (len != 1) goto err; - /* original context strin (including nul) */ + /* original context string (including nul) */ len = fwrite(context, sizeof(char), to_write, bin_file); if (len != to_write) goto err; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/utils/selabel_digest.c new/libselinux-3.7/utils/selabel_digest.c --- old/libselinux-3.6/utils/selabel_digest.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/utils/selabel_digest.c 2024-06-26 17:30:41.000000000 +0200 @@ -6,12 +6,10 @@ #include <selinux/selinux.h> #include <selinux/label.h> -static size_t digest_len; - static __attribute__ ((__noreturn__)) void usage(const char *progname) { fprintf(stderr, - "usage: %s -b backend [-d] [-v] [-B] [-i] [-f file]\n\n" + "usage: %s -b backend [-v] [-B] [-i] [-f file]\n\n" "Where:\n\t" "-b The backend - \"file\", \"media\", \"x\", \"db\" or " "\"prop\"\n\t" @@ -25,11 +23,11 @@ exit(1); } -static int run_check_digest(char *cmd, char *selabel_digest) +static int run_check_digest(const char *cmd, const char *selabel_digest, size_t digest_len) { FILE *fp; char files_digest[128]; - char *files_ptr; + const char *files_ptr; int rc = 0; fp = popen(cmd, "r"); @@ -64,17 +62,17 @@ char *baseonly = NULL, *file = NULL, *digest = (char *)1; char **specfiles = NULL; unsigned char *sha1_digest = NULL; - size_t i, num_specfiles; + size_t digest_len, i, num_specfiles; char cmd_buf[4096]; char *cmd_ptr; - char *sha1_buf; + char *sha1_buf = NULL; struct selabel_handle *hnd; struct selinux_opt selabel_option[] = { { SELABEL_OPT_PATH, file }, - { SELABEL_OPT_BASEONLY, baseonly }, - { SELABEL_OPT_DIGEST, digest } + { SELABEL_OPT_DIGEST, digest }, + { SELABEL_OPT_BASEONLY, baseonly } }; if (argc < 3) @@ -121,10 +119,10 @@ memset(cmd_buf, 0, sizeof(cmd_buf)); selabel_option[0].value = file; - selabel_option[1].value = baseonly; - selabel_option[2].value = digest; + selabel_option[1].value = digest; + selabel_option[2].value = baseonly; - hnd = selabel_open(backend, selabel_option, 3); + hnd = selabel_open(backend, selabel_option, backend == SELABEL_CTX_FILE ? 3 : 2); if (!hnd) { switch (errno) { case EOVERFLOW: @@ -169,23 +167,50 @@ printf("calculated using the following specfile(s):\n"); if (specfiles) { - cmd_ptr = &cmd_buf[0]; - sprintf(cmd_ptr, "/usr/bin/cat "); - cmd_ptr = &cmd_buf[0] + strlen(cmd_buf); + size_t cmd_rem = sizeof(cmd_buf); + int ret; + + if (validate) { + cmd_ptr = &cmd_buf[0]; + ret = snprintf(cmd_ptr, cmd_rem, "/usr/bin/cat "); + if (ret < 0 || (size_t)ret >= cmd_rem) { + fprintf(stderr, "Could not format validate command\n"); + rc = -1; + goto err; + } + cmd_ptr += ret; + cmd_rem -= ret; + } for (i = 0; i < num_specfiles; i++) { - sprintf(cmd_ptr, "%s ", specfiles[i]); - cmd_ptr += strlen(specfiles[i]) + 1; + if (validate) { + ret = snprintf(cmd_ptr, cmd_rem, "%s ", specfiles[i]); + if (ret < 0 || (size_t)ret >= cmd_rem) { + fprintf(stderr, "Could not format validate command\n"); + rc = -1; + goto err; + } + cmd_ptr += ret; + cmd_rem -= ret; + } + printf("%s\n", specfiles[i]); } - sprintf(cmd_ptr, "| /usr/bin/openssl dgst -sha1 -hex"); - if (validate) - rc = run_check_digest(cmd_buf, sha1_buf); + if (validate) { + ret = snprintf(cmd_ptr, cmd_rem, "| /usr/bin/openssl dgst -sha1 -hex"); + if (ret < 0 || (size_t)ret >= cmd_rem) { + fprintf(stderr, "Could not format validate command\n"); + rc = -1; + goto err; + } + + rc = run_check_digest(cmd_buf, sha1_buf, digest_len); + } } - free(sha1_buf); err: + free(sha1_buf); selabel_close(hnd); return rc; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/libselinux-3.6/utils/selinuxexeccon.c new/libselinux-3.7/utils/selinuxexeccon.c --- old/libselinux-3.6/utils/selinuxexeccon.c 2023-12-13 15:46:22.000000000 +0100 +++ new/libselinux-3.7/utils/selinuxexeccon.c 2024-06-26 17:30:41.000000000 +0200 @@ -45,6 +45,7 @@ con = strdup(argv[2]); if (security_check_context(con)) { fprintf(stderr, "%s: invalid from context '%s'\n", argv[0], con); + free(con); return -1; } } ++++++ libselinux-set-free-d-data-to-NULL.patch ++++++ Index: libselinux-3.7/src/label_backends_android.c =================================================================== --- libselinux-3.7.orig/src/label_backends_android.c +++ libselinux-3.7/src/label_backends_android.c @@ -260,6 +260,7 @@ static void closef(struct selabel_handle free(data->spec_arr); free(data); + rec->data = NULL; } static struct selabel_lookup_rec *property_lookup(struct selabel_handle *rec, Index: libselinux-3.7/src/label_file.c =================================================================== --- libselinux-3.7.orig/src/label_file.c +++ libselinux-3.7/src/label_file.c @@ -942,6 +942,7 @@ static void closef(struct selabel_handle free(last_area); } free(data); + rec->data = NULL; } // Finds all the matches of |key| in the given context. Returns the result in Index: libselinux-3.7/src/label_media.c =================================================================== --- libselinux-3.7.orig/src/label_media.c +++ libselinux-3.7/src/label_media.c @@ -183,6 +183,7 @@ static void close(struct selabel_handle free(spec_arr); free(data); + rec->data = NULL; } static struct selabel_lookup_rec *lookup(struct selabel_handle *rec, Index: libselinux-3.7/src/label_x.c =================================================================== --- libselinux-3.7.orig/src/label_x.c +++ libselinux-3.7/src/label_x.c @@ -210,6 +210,7 @@ static void close(struct selabel_handle free(spec_arr); free(data); + rec->data = NULL; } static struct selabel_lookup_rec *lookup(struct selabel_handle *rec,