mirror of
https://github.com/SELinuxProject/selinux
synced 2024-12-13 09:34:54 +00:00
libsepol: Move context_copy() after switch block in ocontext_copy_*().
If an initial SID is missing a labeling statement, the compiler will segfault on the context_copy(). Move the context copy after the switch block so that the existance of the initial SID label can be checked before trying to copy the context. This fixes both ocontext_copy_selinux() and ocontext_copy_xen(). Signed-off-by: Chris PeBenito <cpebenito@tresys.com> Signed-off-by: Eric Paris <eparis@redhat.com>
This commit is contained in:
parent
30db6f423b
commit
e26b58b08e
@ -2032,11 +2032,6 @@ static int ocontext_copy_xen(expand_state_t *state)
|
|||||||
else
|
else
|
||||||
state->out->ocontexts[i] = n;
|
state->out->ocontexts[i] = n;
|
||||||
l = n;
|
l = n;
|
||||||
if (context_copy(&n->context[0], &c->context[0],
|
|
||||||
state)) {
|
|
||||||
ERR(state->handle, "Out of memory!");
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
switch (i) {
|
switch (i) {
|
||||||
case OCON_XEN_ISID:
|
case OCON_XEN_ISID:
|
||||||
n->sid[0] = c->sid[0];
|
n->sid[0] = c->sid[0];
|
||||||
@ -2061,6 +2056,11 @@ static int ocontext_copy_xen(expand_state_t *state)
|
|||||||
ERR(state->handle, "Unknown ocontext");
|
ERR(state->handle, "Unknown ocontext");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
if (context_copy(&n->context[0], &c->context[0],
|
||||||
|
state)) {
|
||||||
|
ERR(state->handle, "Out of memory!");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
@ -2085,10 +2085,6 @@ static int ocontext_copy_selinux(expand_state_t *state)
|
|||||||
else
|
else
|
||||||
state->out->ocontexts[i] = n;
|
state->out->ocontexts[i] = n;
|
||||||
l = n;
|
l = n;
|
||||||
if (context_copy(&n->context[0], &c->context[0], state)) {
|
|
||||||
ERR(state->handle, "Out of memory!");
|
|
||||||
return -1;
|
|
||||||
}
|
|
||||||
switch (i) {
|
switch (i) {
|
||||||
case OCON_ISID:
|
case OCON_ISID:
|
||||||
n->sid[0] = c->sid[0];
|
n->sid[0] = c->sid[0];
|
||||||
@ -2134,6 +2130,10 @@ static int ocontext_copy_selinux(expand_state_t *state)
|
|||||||
ERR(state->handle, "Unknown ocontext");
|
ERR(state->handle, "Unknown ocontext");
|
||||||
return -1;
|
return -1;
|
||||||
}
|
}
|
||||||
|
if (context_copy(&n->context[0], &c->context[0], state)) {
|
||||||
|
ERR(state->handle, "Out of memory!");
|
||||||
|
return -1;
|
||||||
|
}
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
return 0;
|
return 0;
|
||||||
|
Loading…
Reference in New Issue
Block a user