From 114463ed84e6bd33463611c57d4c18e06168061f Mon Sep 17 00:00:00 2001 From: Dan Walsh Date: Jul 04 2012 11:34:56 +0000 Subject: Update to upstream * remove build warning when build swig c files * additional makefile support for rubywrap * ignore 80 column limit for readability * semanage_store: fix snprintf length argument by using asprintf * Use default semanage.conf as a fallback * use after free in python bindings --- diff --git a/.gitignore b/.gitignore index 469e3aa..7e0ae2b 100644 --- a/.gitignore +++ b/.gitignore @@ -126,3 +126,4 @@ libsemanage-2.0.45.tgz /libsemanage-2.1.5.tgz /libsemanage-2.1.6.tgz /libsemanage-2.1.7.tgz +/libsemanage-2.1.8.tgz diff --git a/libsemanage-rhat.patch b/libsemanage-rhat.patch index 0d8356f..6c5a31e 100644 --- a/libsemanage-rhat.patch +++ b/libsemanage-rhat.patch @@ -1,39 +1,58 @@ -diff --git a/libsemanage/src/fcontext_record.c b/libsemanage/src/fcontext_record.c -index ec02a89..3f9d893 100644 ---- a/libsemanage/src/fcontext_record.c -+++ b/libsemanage/src/fcontext_record.c -@@ -45,7 +45,11 @@ int semanage_fcontext_key_create(semanage_handle_t * handle, - "create file context key"); - return STATUS_ERR; - } -- tmp_key->expr = expr; -+ tmp_key->expr = strdup(expr); -+ if (!tmp_key->expr) { -+ ERR(handle, "out of memory, could not create file context key."); -+ return STATUS_ERR; -+ } - tmp_key->type = type; +diff --git a/libsemanage/src/Makefile b/libsemanage/src/Makefile +index fc64919..c63bb22 100644 +--- a/libsemanage/src/Makefile ++++ b/libsemanage/src/Makefile +@@ -13,12 +13,10 @@ SHLIBDIR ?= $(PREFIX)/lib + INCLUDEDIR ?= $(PREFIX)/include + PYLIBVER ?= $(shell $(PYTHON) -c 'import sys;print("python%d.%d" % sys.version_info[0:2])') + PYINC ?= $(shell pkg-config --cflags $(PYPREFIX)) +-PYTHONLIBDIR ?= $(shell pkg-config --libs $(PYPREFIX)) + PYLIBDIR ?= $(LIBDIR)/$(PYLIBVER) + RUBYLIBVER ?= $(shell $(RUBY) -e 'print RUBY_VERSION.split(".")[0..1].join(".")') + RUBYPLATFORM ?= $(shell $(RUBY) -e 'print RUBY_PLATFORM') + RUBYINC ?= $(shell pkg-config --cflags ruby-$(RUBYLIBVER)) +-RUBYLIBDIR ?= $(shell pkg-config --libs ruby-$(RUBYLIBVER)) + RUBYINSTALL ?= $(LIBDIR)/ruby/site_ruby/$(RUBYLIBVER)/$(RUBYPLATFORM) - *key_ptr = tmp_key; -@@ -74,6 +78,7 @@ hidden_def(semanage_fcontext_key_extract) + LIBBASE=$(shell basename $(LIBDIR)) +@@ -84,10 +82,10 @@ $(SWIGRUBYLOBJ): $(SWIGRUBYCOUT) + $(CC) $(CFLAGS) $(SWIG_CFLAGS) $(RUBYINC) -fPIC -DSHARED -c -o $@ $< - void semanage_fcontext_key_free(semanage_fcontext_key_t * key) - { -+ free(key->expr); - free(key); - } + $(SWIGSO): $(SWIGLOBJ) +- $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lsemanage -L$(LIBDIR) -Wl,-soname,$@ ++ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $< -L. -lsemanage -L$(LIBDIR) + + $(SWIGRUBYSO): $(SWIGRUBYLOBJ) +- $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lsemanage -L$(LIBDIR) -Wl,-soname,$@ ++ $(CC) $(CFLAGS) $(LDFLAGS) -shared -o $@ $^ -L. -lsemanage -L$(LIBDIR) + $(LIBA): $(OBJS) + $(AR) rcs $@ $^ diff --git a/libsemanage/src/handle.c b/libsemanage/src/handle.c -index 4b43ba7..7fcd2b4 100644 +index 7fcd2b4..f5cd4d0 100644 --- a/libsemanage/src/handle.c +++ b/libsemanage/src/handle.c -@@ -186,7 +186,8 @@ const char *semanage_selinux_path(void) { +@@ -147,7 +147,8 @@ const char *semanage_binary_policy_path() { + // printf("private_binary_policy_path %s\n", private_binary_policy_path); + if (private_binary_policy_path) + return private_binary_policy_path; +- return selinux_binary_policy_path(); ++ private_binary_policy_path = selinux_binary_policy_path(); ++ return private_binary_policy_path; + } - const char *semanage_conf_path(void) - { -- if (private_semanage_conf_path) -+ if (private_semanage_conf_path && -+ access(private_semanage_conf_path, R_OK) == 0) - return private_semanage_conf_path; + const char *semanage_usersconf_path() { +diff --git a/libsemanage/src/semanage_store.c b/libsemanage/src/semanage_store.c +index cd7ce68..9c4b1fe 100644 +--- a/libsemanage/src/semanage_store.c ++++ b/libsemanage/src/semanage_store.c +@@ -1145,8 +1145,7 @@ static int semanage_install_active(semanage_handle_t * sh) + if (asprintf(&storepath, "%s%s", semanage_selinux_path(), sh->conf->store_path) < 0) + return retval; - return SEMANAGE_CONF_PATH; +- snprintf(store_pol, PATH_MAX, "%s%s.%d", storepath, +- running_policy, sh->conf->policyvers); ++ snprintf(store_pol, PATH_MAX, "%s%s", storepath, running_policy); + if (semanage_copy_file(active_kernel, store_pol, sh->conf->file_mode) == + -1) { + ERR(sh, "Could not copy %s to %s.", active_kernel, store_pol); diff --git a/libsemanage.spec b/libsemanage.spec index af3b793..650e488 100644 --- a/libsemanage.spec +++ b/libsemanage.spec @@ -9,8 +9,8 @@ Summary: SELinux binary policy manipulation library Name: libsemanage -Version: 2.1.7 -Release: 2%{?dist} +Version: 2.1.8 +Release: 1%{?dist} License: LGPLv2+ Group: System Environment/Libraries Source: libsemanage-%{version}.tgz @@ -180,6 +180,15 @@ rm -rf ${RPM_BUILD_ROOT} %endif # if with_python3 %changelog +* Wed Jul 4 2012 Dan Walsh - 2.1.8-1 +- Update to upstream + * remove build warning when build swig c files + * additional makefile support for rubywrap + * ignore 80 column limit for readability + * semanage_store: fix snprintf length argument by using asprintf + * Use default semanage.conf as a fallback + * use after free in python bindings + * Tue May 29 2012 Dan Walsh - 2.1.7-2 - Apply patch from Sven Vermeulen to fix problem with python3 bindings. diff --git a/sources b/sources index eb1a59a..0ed77db 100644 --- a/sources +++ b/sources @@ -1 +1 @@ -33560ce60822bb7e1e0b83087c1e044f libsemanage-2.1.7.tgz +acb5c0f40f70ff32c4c39cee8432be26 libsemanage-2.1.8.tgz