From 48c4bfbca39f2a6cef61e25d5e08459358a61349 Mon Sep 17 00:00:00 2001
From: wjiang
Date: Tue, 9 Sep 2025 10:12:20 +0800
Subject: [PATCH] backport upstream patch
---
 ...-selinux-free-memory-in-error-branch.patch | 104 ++++++++++++++++++
 libselinux.spec | 6 +-
 2 files changed, 109 insertions(+), 1 deletion(-)
 create mode 100644 backport-selinux-free-memory-in-error-branch.patch
diff --git a/backport-selinux-free-memory-in-error-branch.patch b/backport-selinux-free-memory-in-error-branch.patch
new file mode 100644
index 0000000..52444c1
--- /dev/null
+++ b/backport-selinux-free-memory-in-error-branch.patch
@@ -0,0 +1,104 @@
+From 48f66b6aaad256cf196754cf96fb331773a6e5d4 Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?=
+Date: Fri, 18 Oct 2024 17:12:58 +0200
+Subject: [PATCH] selinux: free memory in error branch
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Free the allocated line if it fails to parse via process_line() for the
+X or media database.
+
+Also declare the line_buf parameter of process_line() const, so it is
+more obvious it is not modified or free'd.
+
+Reported-by: clang-analyzer
+Signed-off-by: Christian Göttsche
+Acked-by: James Carter
+---
+ src/label_media.c | 6 +++---
+ src/label_x.c | 6 +++---
+ 2 files changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/src/label_media.c b/src/label_media.c
+index df4c2b6..621f800 100644
+--- a/src/label_media.c
++++ b/src/label_media.c
+@@ -30,12 +30,12 @@ struct saved_data {
+ spec_t *spec_arr;
+ };
+ 
+-static int process_line(const char *path, char *line_buf, int pass,
++static int process_line(const char *path, const char *line_buf, int pass,
+ unsigned lineno, struct selabel_handle *rec)
+ {
+ struct saved_data *data = (struct saved_data *)rec->data;
+ int items;
+- char *buf_p;
++ const char *buf_p;
+ char *key, *context;
+ 
+ buf_p = line_buf;
+@@ -131,10 +131,11 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts,
+ goto finish;
+ memset(data->spec_arr, 0, sizeof(spec_t)*data->nspec);
+ maxnspec = data->nspec;
+- rewind(fp);
++ status = fseek(fp, 0L, SEEK_SET);
++ if (status == -1)
++ goto finish;
+ }
+ }
+- free(line_buf);
+ 
+ status = digest_add_specfile(rec->digest, fp, NULL, sb.st_size, path);
+ if (status)
+@@ -143,6 +144,7 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts,
+ digest_gen_hash(rec->digest);
+ 
+ finish:
++ free(line_buf);
+ fclose(fp);
+ return status;
+ }
+diff --git a/src/label_x.c b/src/label_x.c
+index e9b489b..85839f4 100644
+--- a/src/label_x.c
++++ 
b/src/label_x.c
+@@ -32,12 +32,12 @@ struct saved_data {
+ spec_t *spec_arr;
+ };
+ 
+-static int process_line(const char *path, char *line_buf, int pass,
++static int process_line(const char *path, const char *line_buf, int pass,
+ unsigned lineno, struct selabel_handle *rec)
+ {
+ struct saved_data *data = (struct saved_data *)rec->data;
+ int items;
+- char *buf_p;
++ const char *buf_p;
+ char *type, *key, *context;
+ 
+ buf_p = line_buf;
+@@ -158,10 +158,11 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts,
+ goto finish;
+ memset(data->spec_arr, 0, sizeof(spec_t)*data->nspec);
+ maxnspec = data->nspec;
+- rewind(fp);
++ status = fseek(fp, 0L, SEEK_SET);
++ if (status == -1)
++ goto finish;
+ }
+ }
+- free(line_buf);
+ 
+ status = digest_add_specfile(rec->digest, fp, NULL, sb.st_size, path);
+ if (status)
+@@ -170,6 +171,7 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts,
+ digest_gen_hash(rec->digest);
+ 
+ finish:
++ free(line_buf);
+ fclose(fp);
+ return status;
+ }
diff --git a/libselinux.spec b/libselinux.spec
index 6f85195..d7bf619 100644
--- a/libselinux.spec
+++ b/libselinux.spec
@@ -3,7 +3,7 @@ Name: libselinux
 Version: 3.5
-Release: 6
+Release: 7
 License: Public Domain
 Summary: SELinux library and simple utilities
 Url: https://github.com/SELinuxProject/selinux/wiki
@@ -26,6 +26,7 @@ Patch0014: backport-libselinux-set-free-d-data-to-NULL.patch
 Patch0015: backport-libselinux-matchpathcon-RESOURCE_LEAK-Variable-con.patch
 Patch0016: backport-libselinux-Close-old-selabel-handle-when-setting-a-n.patch
 Patch0017: backport-libselinux-initialize-regex-arch-string-in-a-thread-.patch
+Patch0018: backport-selinux-free-memory-in-error-branch.patch
 Patch9000: do-malloc-trim-after-load-policy.patch
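Review bot: Moving `free(line_buf)` under `finish:` makes every earlier `goto finish` in init() — including the one at the top of the `@@ -131` hunk and any that precede the getline loop — reach the free, so the backport is only safe if the 3.5 sources initialize the buffer at declaration (`char *line_buf = NULL;`, as upstream presumably does); init() starts outside the hunk, so that cannot be confirmed from this patch and should be checked against the 3.5 label_media.c and label_x.c before the patch is applied. The same applies to the label_x.c hunk at `@@ -158`. As a point of style, `if (status == -1)` after fseek() relies on the POSIX return value where ISO C only promises non-zero, and the function's own check two lines later is `if (status)`; `if (status)` would be both consistent and portable. The fseek() failure path itself is sound: status is left at -1 and the finish label frees and closes before returning it.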
@@ -143,6 +144,9 @@ mv %{buildroot}%{_sbindir}/getconlist %{buildroot}%{_sbindir}/selinuxconlist
 %lang(ru) %{_mandir}/ru/man8/*
 %changelog
+* Tue Sep 09 2025 wangjiang - 3.5-7
+- backport upstream patch
+
 * Thu Aug 14 2025 hugel - 3.5-6
 - backport upstream patches
-- Gitee