No description
d10725649e
When scope_index_read() fails while attempting to allocate memory for
scope_index->class_perms_map, scope_index_destroy() gets called with
scope->class_perms_len != 0 and scope->class_perms_map == NULL. This
triggers the following segmentation fault (in semodule_package):
Program received signal SIGSEGV, Segmentation fault.
ebitmap_destroy (e=0x10) at ebitmap.c:362
362 n = e->node;
=> 0x00007ffff79ff7f6 <ebitmap_destroy+134>: 48 8b 3f mov
(%rdi),%rdi
(gdb) bt
#0 ebitmap_destroy (e=0x10) at ebitmap.c:362
#1 0x00007ffff79e2c37 in scope_index_destroy (scope=0x608860) at
avrule_block.c:87
#2 avrule_decl_destroy (x=0x608830) at avrule_block.c:103
#3 0x00007ffff7aae99c in avrule_block_read (fp=0x605090,
num_scope_syms=8, block=0x6054e8, p=0x605360) at policydb.c:3598
#4 policydb_read (p=0x605360, fp=fp@entry=0x605090,
verbose=verbose@entry=0) at policydb.c:3946
#5 0x00007ffff7ab4ab4 in sepol_policydb_read (p=<optimized out>,
pf=pf@entry=0x605090) at policydb_public.c:174
#6 0x0000000000401d33 in main (argc=<optimized out>,
argv=0x7fffffffdc88) at semodule_package.c:220
(gdb) f 1
(gdb) p *scope
$1 = {scope = {{node = 0x0, highbit = 0}, {node = 0x0, highbit = 0},
{node = 0x0, highbit = 0}, {node = 0x0, highbit = 0}, {node = 0x0,
highbit = 0}, {node = 0x0, highbit = 0}, {node = 0x0, highbit = 0},
{node = 0x0, highbit = 0}}, class_perms_map = 0x0, class_perms_len =
4294934272}
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
|
||
|---|---|---|
| checkpolicy | ||
| dbus | ||
| gui | ||
| libselinux | ||
| libsemanage | ||
| libsepol | ||
| mcstrans | ||
| policycoreutils | ||
| python | ||
| restorecond | ||
| sandbox | ||
| scripts | ||
| secilc | ||
| semodule-utils | ||
| .gitignore | ||
| CleanSpec.mk | ||
| Makefile | ||
| README | ||
Please submit all bug reports and patches to selinux@tycho.nsa.gov. Subscribe via selinux-join@tycho.nsa.gov. Build dependencies on Fedora: yum install audit-libs-devel bison bzip2-devel dbus-devel dbus-glib-devel flex flex-devel flex-static glib2-devel libcap-devel libcap-ng-devel pam-devel pcre-devel python-devel setools-devel swig ustr-devel xmlto redhat-rpm-config To build and install everything under a private directory, run: make DESTDIR=~/obj install install-pywrap To install as the default system libraries and binaries (overwriting any previously installed ones - dangerous!), on x86_64, run: make LIBDIR=/usr/lib64 SHLIBDIR=/lib64 install install-pywrap relabel or on x86 (32-bit), run: make install install-pywrap relabel This may render your system unusable if the upstream SELinux userspace lacks library functions or other dependencies relied upon by your distribution. If it breaks, you get to keep both pieces.