mirror of
https://github.com/SELinuxProject/selinux
synced 2024-12-27 00:12:05 +00:00
581dde735a
The Python wrapper of rpm_execcon() has several flaws:
* An invalid call like selinux.rpm_execcon() triggers a segmentation
fault.
* The size of the buffer which is allocated to copy argv and envp is
too small to hold all the values.
* This allocated memory is leaked if one argument of rpm_execon() is not
a sequence of bytes.
The Ruby wrapper has no such flaws but can not be used as it is because
it misses some glue code to convert argv and envp arguments to char
*const [] values (even though the destructor is present!).
As it is not possible to remove rpm_execcon() without changing
libselinux soname (it would be an ABI break) like
|
||
---|---|---|
.. | ||
include | ||
man | ||
src | ||
utils | ||
ChangeLog | ||
LICENSE | ||
Makefile | ||
VERSION |