From 7118f4f4c86698ef9d14e12564c3acf6cd7da7fc Mon Sep 17 00:00:00 2001
From: James Carter <jwcart2@tycho.nsa.gov>
Date: Thu, 23 Jan 2020 15:40:04 -0500
Subject: [PATCH] libsepol/cil: Fix bug in cil_copy_avrule() in extended
permission handling
When copying an avrule with extended permissions (permx) in
cil_copy_avrule(), the check for a named permx checks the new permx
instead of the old one, so the check will always fail. This leads to a
segfault when trying to copy a named permx because there will be an
attempt to copy the nonexistent permx struct instead of the name of
the named permx.
Check whether the original is a named permx instead of the new one.
Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
---
libsepol/cil/src/cil_copy_ast.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
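diff --git a/libsepol/cil/src/cil_copy_ast.c b/libsepol/cil/src/cil_copy_ast.c
index 7af00aafd67a..67dd8528f526 100644
--- a/libsepol/cil/src/cil_copy_ast.c
+++ b/libsepol/cil/src/cil_copy_ast.c
@@ -827,7 +827,7 @@ int cil_copy_avrule(struct cil_db *db, void *data, void **copy, __attribute__((u
 if (!new->is_extended) {
 cil_copy_classperms_list(orig->perms.classperms, &new->perms.classperms);
 } else {
- if (new->perms.x.permx_str != NULL) {
+ if (orig->perms.x.permx_str != NULL) {
 new->perms.x.permx_str = orig->perms.x.permx_str;
 } else {
 cil_permissionx_init(&new->perms.x.permx);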
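Review bot: The `else` branch still assumes `orig->perms.x.permx` is non-NULL whenever `orig->perms.x.permx_str` is NULL. The hunk ends at `cil_permissionx_init(&new->perms.x.permx);` and the copy that presumably follows is outside it, so this cannot be confirmed from here. If an avrule can reach this point with neither field set, the NULL dereference described in the commit message would remain on that path, which matters because CIL policy is parsed input. Consider stating the invariant above the test, e.g. `/* exactly one of permx_str (named) or permx (anonymous) is set on orig */`. The same comment could note that the named branch aliases `orig`'s string pointer rather than duplicating it, so the string's lifetime has to cover both rules.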
--
2.24.1