libselinux: Correctly handle an empty file_contexts file.

If you add some local file contexts via semanage fcontext -a and later delete them all via semanage fcontext -D, you get an empty file_contexts.local file. Then when you try to load it, getline() returns 0 and we fall through to the out path without having set rc. In label_file.c, rc will always be non-zero at this point because we will have failed the load_mmap() call. In sefcontext_compile, rc may contain random garbage at this point. Explicitly set rc before the loop. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
2015-06-22 09:11:33 -04:00 · 2015-06-22 09:11:33 -04:00 · aab9d90b35
parent ac78c677ab
commit aab9d90b35
2 changed files with 3 additions and 1 deletions
--- a/libselinux/src/label_file.c
+++ b/libselinux/src/label_file.c
@ -425,9 +425,10 @@ static int process_file(const char *path, const char *suffix,
 		goto out;

 	/*
-	 * The do detailed validation of the input and fill the spec array
+	 * Then do detailed validation of the input and fill the spec array
 	 */
 	lineno = 0;
+	rc = 0;
 	while (getline(&line_buf, &line_len, fp) > 0) {
 		rc = process_line(rec, path, prefix, line_buf, ++lineno);
 		if (rc)
--- a/libselinux/utils/sefcontext_compile.c
+++ b/libselinux/utils/sefcontext_compile.c
@ -35,6 +35,7 @@ static int process_file(struct selabel_handle *rec, const char *filename)
 	}

 	line_num = 0;
+	rc = 0;
 	while (getline(&line_buf, &line_len, context_file) > 0) {
 		rc = process_line(rec, filename, prefix, line_buf, ++line_num);
 		if (rc)