From 12e2a0f9fceffca224a2fbe80d144afe237907df Mon Sep 17 00:00:00 2001 From: Eric Paris Date: Wed, 20 Jun 2012 17:44:17 -0400 Subject: [PATCH] libselinux: matchpathcon: bad handling of symlinks in / The realpath_not_final() function did not properly handle symlinks in the / directory. The reason is because when it determined the symlink was in the root directory it would set the resolved portion of the path to /, it would then add a / to the end of the resolved portion, and then append the symlink name. The fix is to instead set the resolved portion to "". Thus when the '/' at the end of the resolved portion is added it will be correct. While I am at it, strip extraneous leading / so that //tmp returns /tmp. Signed-off-by: Eric Paris --- libselinux/src/matchpathcon.c | 8 +++++++- 1 file changed, 7 insertions(+), 1 deletion(-) diff --git a/libselinux/src/matchpathcon.c b/libselinux/src/matchpathcon.c index 8f200d49..2d7369e5 100644 --- a/libselinux/src/matchpathcon.c +++ b/libselinux/src/matchpathcon.c @@ -361,11 +361,17 @@ int realpath_not_final(const char *name, char *resolved_path) goto out; } + /* strip leading // */ + while (tmp_path[len] && tmp_path[len] == '/' && + tmp_path[len+1] && tmp_path[len+1] == '/') { + tmp_path++; + len++; + } last_component = strrchr(tmp_path, '/'); if (last_component == tmp_path) { last_component++; - p = strcpy(resolved_path, "/"); + p = strcpy(resolved_path, ""); } else if (last_component) { *last_component = '\0'; last_component++;