From e7c97c55596900b8f535210041dcb8b5ea887d05 Mon Sep 17 00:00:00 2001 From: Daniel J Walsh Date: Mon, 21 Feb 2005 14:25:51 +0000 Subject: [PATCH] - Fix matchpathcon on eof. --- libselinux-rhat.patch | 182 ++++++++++++++++++++++++++++++++++++++++-- libselinux.spec | 4 +- 2 files changed, 177 insertions(+), 9 deletions(-) diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch index 010ea66..f4fb09c 100644 --- a/libselinux-rhat.patch +++ b/libselinux-rhat.patch @@ -1,12 +1,180 @@ -diff --exclude-from=exclude -N -u -r nsalibselinux/src/matchpathcon.c libselinux-1.21.10/src/matchpathcon.c ---- nsalibselinux/src/matchpathcon.c 2005-02-17 14:22:28.000000000 -0500 -+++ libselinux-1.21.10/src/matchpathcon.c 2005-02-21 09:04:33.000000000 -0500 -@@ -401,7 +401,7 @@ +--- libselinux-1.21.10/src/query_user_context.c.ud 2005-02-17 11:22:46.000000000 -0800 ++++ libselinux-1.21.10/src/query_user_context.c 2005-02-20 12:04:50.001377520 -0800 +@@ -23,7 +23,8 @@ + { + printf ("Enter number of choice: "); + fflush (stdin); +- fgets (response, sizeof (response), stdin); ++ if (fgets (response, sizeof (response), stdin) == NULL) ++ continue; + fflush (stdin); + choice = strtol (response, NULL, 10); + } +@@ -50,7 +51,8 @@ + if (list[1]) { + printf ("Do you want to choose a different one? [n]"); + fflush (stdin); +- fgets (response, sizeof (response), stdin); ++ if (fgets (response, sizeof (response), stdin) == NULL) ++ return -1; + fflush (stdin); + + if ((response[0] == 'y') || (response[0] == 'Y')) +@@ -86,9 +88,11 @@ + { + printf ("\tEnter %s ", fieldstr); + fflush (stdin); +- fgets (newfield, newfieldlen, stdin); ++ if (fgets (newfield, newfieldlen, stdin) == NULL) ++ continue; + fflush (stdin); +- newfield[strlen(newfield)-1] = '\0'; ++ if (newfield[strlen(newfield)-1] == '\n') ++ newfield[strlen(newfield)-1] = '\0'; + + if (strlen(newfield) == 0) + { +@@ -137,8 +141,8 @@ + while (!done) + { + printf ("Would you like to enter a security context? [y]"); +- fgets (response, sizeof(response), stdin); +- if ((response[0] == 'n') || (response[0] == 'N')) { ++ if (fgets (response, sizeof(response), stdin) == NULL ++ || (response[0] == 'n') || (response[0] == 'N')) { + context_free(new_context); + return -1; + } +--- libselinux-1.21.10/src/matchpathcon.c.ud 2005-02-17 11:22:46.000000000 -0800 ++++ libselinux-1.21.10/src/matchpathcon.c 2005-02-20 12:19:39.883094936 -0800 +@@ -4,6 +4,7 @@ + #include + #include "selinux_internal.h" + #include ++#include + #include + #include + #include +@@ -401,11 +402,8 @@ char *regex, *type, *context; char *anchored_regex; len = strlen(line_buf); - if (line_buf[len - 1] != '\n') { -+ if ((line_buf[len - 1] != '\n') && (line_buf[len - 1 ] != 0)) { - myprintf("%s: line %d is too long, would be truncated, skipping\n", path, lineno); - return 0; +- myprintf("%s: line %d is too long, would be truncated, skipping\n", path, lineno); +- return 0; +- } +- line_buf[len - 1] = 0; ++ if (line_buf[len - 1] == '\n') ++ line_buf[len - 1] = 0; + buf_p = line_buf; + while (isspace(*buf_p)) + buf_p++; +@@ -522,7 +520,8 @@ + FILE *homedirfp; + char local_path[PATH_MAX + 1]; + char homedir_path[PATH_MAX + 1]; +- char line_buf[BUFSIZ + 1]; ++ char *line_buf = NULL; ++ size_t line_len = 0; + unsigned int lineno, pass, i, j, maxnspec; + spec_t *spec_copy; + int status=-1; +@@ -532,12 +531,17 @@ + path = selinux_file_context_path(); + if ((fp = fopen(path, "r")) == NULL) + return -1; ++ __fsetlocking(fp, FSETLOCKING_BYCALLER); + + snprintf(homedir_path, sizeof(homedir_path), "%s.homedirs", path); + homedirfp = fopen(homedir_path, "r"); ++ if (homedirfp != NULL) ++ __fsetlocking(homedirfp, FSETLOCKING_BYCALLER); + + snprintf(local_path, sizeof(local_path), "%s.local", path); + localfp = fopen(local_path, "r"); ++ if (localfp != NULL) ++ __fsetlocking(localfp, FSETLOCKING_BYCALLER); + + /* + * Perform two passes over the specification file. +@@ -551,19 +555,19 @@ + for (pass = 0; pass < 2; pass++) { + lineno = 0; + nspec = 0; +- while (fgets_unlocked(line_buf, sizeof line_buf, fp) && nspec < maxnspec) { ++ while (getline(&line_buf, &line_len, fp) > 0 && nspec < maxnspec) { + if (process_line(path, line_buf, pass, ++lineno) != 0) + goto finish; + } + if (homedirfp) +- while (fgets_unlocked(line_buf, sizeof line_buf, homedirfp) && nspec < maxnspec) { ++ while (getline(&line_buf, &line_len, homedirfp) > 0 && nspec < maxnspec) { + if (process_line(homedir_path, line_buf, pass, ++lineno) != 0) + goto finish; + } + + + if (localfp) +- while (fgets_unlocked(line_buf, sizeof line_buf, localfp) && nspec < maxnspec) { ++ while (getline(&line_buf, &line_len, localfp) > 0 && nspec < maxnspec) { + if (process_line(local_path, line_buf, pass, ++lineno) != 0) + goto finish; + } +@@ -583,6 +587,7 @@ + if (localfp) rewind(localfp); + } } ++ free(line_buf); + + /* Move exact pathname specifications to the end. */ + spec_copy = malloc(sizeof(spec_t) * nspec); +--- libselinux-1.21.10/utils/setsebool.c.ud 2005-02-17 11:22:47.000000000 -0800 ++++ libselinux-1.21.10/utils/setsebool.c 2005-02-20 12:04:50.001377520 -0800 +@@ -122,6 +122,7 @@ + if (permanent) { + char **names; + const char *bool_file; ++ char *tmp_bool_file; + int rc, len, fd, j; + + rc = security_get_boolean_names(&names, &len); +@@ -143,8 +144,9 @@ + + /* Open file */ + bool_file = selinux_booleans_path(); +- fd = open(bool_file, O_CREAT | O_TRUNC | O_WRONLY, +- S_IRUSR | S_IWUSR); ++ tmp_bool_file = (char *) alloca (strlen(bool_file) + 8); ++ strcpy(stpcpy(tmp_bool_file, bool_file), ".XXXXXX"); ++ fd = mkstemp(tmp_bool_file); + if (fd < 0) { + fprintf(stderr, + "Error creating boolean file %s\n", +@@ -157,13 +159,25 @@ + /* Walk the list in pending memory, writing each to the file */ + for (j=0; j 1.21.10-2 +* Mon Feb 21 2005 Dan Walsh 1.21.10-3 - Fix matchpathcon on eof. * Thu Feb 17 2005 Dan Walsh 1.21.10-1