diff --git a/backport-libselinux-Close-old-selabel-handle-when-setting-a-n.patch b/backport-libselinux-Close-old-selabel-handle-when-setting-a-n.patch deleted file mode 100644 index 212dd45394df155958715d2b5ffcf9eaab91d826..0000000000000000000000000000000000000000 --- a/backport-libselinux-Close-old-selabel-handle-when-setting-a-n.patch +++ /dev/null @@ -1,32 +0,0 @@ -From 45fdf23c7b37cfc776def253c0d5bfa1b0758c24 Mon Sep 17 00:00:00 2001 -From: James Carter -Date: Wed, 22 Jan 2025 10:58:27 -0500 -Subject: [PATCH] libselinux: Close old selabel handle when setting a new one - -In selinux_restorecon_set_sehandle(), close the old selabel handle -(if it exists) before setting the new one. - -Signed-off-by: James Carter -Acked-by: Petr Lautrbach ---- - src/selinux_restorecon.c | 4 ++++ - 1 file changed, 4 insertions(+) - -diff --git a/src/selinux_restorecon.c b/src/selinux_restorecon.c -index bc6ed935..ab1c5216 100644 ---- a/src/selinux_restorecon.c -+++ b/src/selinux_restorecon.c -@@ -1367,6 +1367,10 @@ void selinux_restorecon_set_sehandle(struct selabel_handle *hndl) - unsigned char *fc_digest; - size_t num_specfiles, fc_digest_len; - -+ if (fc_sehandle) { -+ selabel_close(fc_sehandle); -+ } -+ - fc_sehandle = hndl; - if (!fc_sehandle) - return; --- -2.33.0 - diff --git a/backport-libselinux-Fix-ordering-of-arguments-to-calloc.patch b/backport-libselinux-Fix-ordering-of-arguments-to-calloc.patch deleted file mode 100644 index d26a5efeab3d60bddd47ff71f59060e4c9f9b3ac..0000000000000000000000000000000000000000 --- a/backport-libselinux-Fix-ordering-of-arguments-to-calloc.patch +++ /dev/null @@ -1,42 +0,0 @@ -From dfe30d9d0190ede292078d22ed45a160f331e1b6 Mon Sep 17 00:00:00 2001 -From: James Carter -Date: Fri, 5 Jan 2024 15:16:26 -0500 -Subject: [PATCH] libselinux: Fix ordering of arguments to calloc - -The number of elements should be first and the size of the elements -second. - -Signed-off-by: James Carter - -Reference:https://github.com/SELinuxProject/selinux/commit/dfe30d9d0190ede292078d22ed45a160f331e1b6 -Conflict:path adapt - ---- - src/audit2why.c | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/audit2why.c b/src/audit2why.c -index 8c4c07d5..ad846cc3 100644 ---- a/src/audit2why.c -+++ b/src/audit2why.c -@@ -148,7 +148,7 @@ static int check_booleans(struct boolean_t **bools) - sepol_bool_free(boolean); - - if (fcnt > 0) { -- *bools = calloc(sizeof(struct boolean_t), fcnt + 1); -+ *bools = calloc(fcnt + 1, sizeof(struct boolean_t)); - if (!*bools) { - PyErr_SetString( PyExc_MemoryError, "Out of memory\n"); - free(foundlist); -@@ -226,7 +226,7 @@ static int __policy_init(const char *init_path) - return 1; - } - -- avc = calloc(sizeof(struct avc_t), 1); -+ avc = calloc(1, sizeof(struct avc_t)); - if (!avc) { - PyErr_SetString( PyExc_MemoryError, "Out of memory\n"); - fclose(fp); --- -2.33.0 - diff --git a/backport-libselinux-add-check-for-calloc-in-check_booleans.patch b/backport-libselinux-add-check-for-calloc-in-check_booleans.patch deleted file mode 100644 index a1f6cb3389276a0a7f475ab593e0cfdf4f36fc75..0000000000000000000000000000000000000000 --- a/backport-libselinux-add-check-for-calloc-in-check_booleans.patch +++ /dev/null @@ -1,33 +0,0 @@ -From d8edd363be3184c5738438fde937fd5ebc2d4923 Mon Sep 17 00:00:00 2001 -From: Huaxin Lu -Date: Mon, 19 Jun 2023 07:17:02 +0800 -Subject: [PATCH] libselinux: add check for calloc in check_booleans - -Check the return value of calloc() to avoid null pointer reference. - -Signed-off-by: Huaxin Lu -Acked-by: Petr Lautrbach ---- - src/audit2why.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/src/audit2why.c b/src/audit2why.c -index ba1a66eb..8c4c07d5 100644 ---- a/src/audit2why.c -+++ b/src/audit2why.c -@@ -149,6 +149,12 @@ static int check_booleans(struct boolean_t **bools) - - if (fcnt > 0) { - *bools = calloc(sizeof(struct boolean_t), fcnt + 1); -+ if (!*bools) { -+ PyErr_SetString( PyExc_MemoryError, "Out of memory\n"); -+ free(foundlist); -+ return 0; -+ } -+ - struct boolean_t *b = *bools; - for (i = 0; i < fcnt; i++) { - int ctr = foundlist[i]; --- -2.27.0 - diff --git a/backport-libselinux-avoid-logs-in-get_ordered_context_list-wi.patch b/backport-libselinux-avoid-logs-in-get_ordered_context_list-wi.patch deleted file mode 100644 index 03e019a3d3cc0e79507484725f3994ea35e5c990..0000000000000000000000000000000000000000 --- a/backport-libselinux-avoid-logs-in-get_ordered_context_list-wi.patch +++ /dev/null @@ -1,120 +0,0 @@ -From 6e2f7033406aeccc1fb93e580be8120f113520a6 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Fri, 22 Mar 2024 15:50:19 +0100 -Subject: [PATCH] libselinux: avoid logs in get_ordered_context_list() without - policy -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -If no policy has been loaded yet and thus the current context is still -"kernel" avoid logging failures in get_ordered_context_list(), like: - - get_ordered_context_list: error in processing configuration file /etc/selinux/debian/contexts/users/root - get_ordered_context_list: error in processing configuration file /etc/selinux/debian/contexts/default_contexts - -Move the context parsing from get_context_user() to its caller -get_ordered_context_list(), so an invalid context is not treated as an -get_context_user() failure and not logged. - -Signed-off-by: Christian Göttsche -Acked-by: James Carter ---- - src/get_context_list.c | 24 ++++++++++++------------ - 1 file changed, 12 insertions(+), 12 deletions(-) - -diff --git a/src/get_context_list.c b/src/get_context_list.c -index 7e23be05..0ad24654 100644 ---- a/src/get_context_list.c -+++ b/src/get_context_list.c -@@ -130,7 +130,7 @@ static int is_in_reachable(char **reachable, const char *usercon_str) - } - - static int get_context_user(FILE * fp, -- const char * fromcon, -+ context_t fromcon, - const char * user, - char ***reachable, - unsigned int *nreachable) -@@ -146,7 +146,6 @@ static int get_context_user(FILE * fp, - char **new_reachable = NULL; - char *usercon_str; - const char *usercon_str2; -- context_t con; - context_t usercon; - - int rc; -@@ -155,14 +154,10 @@ static int get_context_user(FILE * fp, - - /* Extract the role and type of the fromcon for matching. - User identity and MLS range can be variable. */ -- con = context_new(fromcon); -- if (!con) -- return -1; -- fromrole = context_role_get(con); -- fromtype = context_type_get(con); -- fromlevel = context_range_get(con); -+ fromrole = context_role_get(fromcon); -+ fromtype = context_type_get(fromcon); -+ fromlevel = context_range_get(fromcon); - if (!fromrole || !fromtype) { -- context_free(con); - return -1; - } - -@@ -296,7 +291,6 @@ static int get_context_user(FILE * fp, - rc = 0; - - out: -- context_free(con); - free(line); - return rc; - } -@@ -418,6 +412,7 @@ int get_ordered_context_list(const char *user, - char *fname = NULL; - size_t fname_len; - const char *user_contexts_path = selinux_user_contexts_path(); -+ context_t con = NULL; - - if (!fromcon) { - /* Get the current context and use it for the starting context */ -@@ -427,6 +422,10 @@ int get_ordered_context_list(const char *user, - fromcon = backup_fromcon; - } - -+ con = context_new(fromcon); -+ if (!con) -+ goto failsafe; -+ - /* Determine the ordering to apply from the optional per-user config - and from the global config. */ - fname_len = strlen(user_contexts_path) + strlen(user) + 2; -@@ -437,7 +436,7 @@ int get_ordered_context_list(const char *user, - fp = fopen(fname, "re"); - if (fp) { - __fsetlocking(fp, FSETLOCKING_BYCALLER); -- rc = get_context_user(fp, fromcon, user, &reachable, &nreachable); -+ rc = get_context_user(fp, con, user, &reachable, &nreachable); - - fclose(fp); - if (rc < 0 && errno != ENOENT) { -@@ -451,7 +450,7 @@ int get_ordered_context_list(const char *user, - fp = fopen(selinux_default_context_path(), "re"); - if (fp) { - __fsetlocking(fp, FSETLOCKING_BYCALLER); -- rc = get_context_user(fp, fromcon, user, &reachable, &nreachable); -+ rc = get_context_user(fp, con, user, &reachable, &nreachable); - fclose(fp); - if (rc < 0 && errno != ENOENT) { - fprintf(stderr, -@@ -472,6 +471,7 @@ int get_ordered_context_list(const char *user, - else - freeconary(reachable); - -+ context_free(con); - freecon(backup_fromcon); - - return rc; --- -2.33.0 - diff --git a/backport-libselinux-avoid-pointer-dereference-before-check.patch b/backport-libselinux-avoid-pointer-dereference-before-check.patch deleted file mode 100644 index c2b4ccfe3305b12c0deda8ba12c988417112e2d8..0000000000000000000000000000000000000000 --- a/backport-libselinux-avoid-pointer-dereference-before-check.patch +++ /dev/null @@ -1,67 +0,0 @@ -From 2b6f639a5209f70a6c065f57bfd4b2bf3e28dbe4 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Mon, 29 Apr 2024 18:39:00 +0200 -Subject: [PATCH] libselinux: avoid pointer dereference before check -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Since commit 5876aca0 ("libselinux: free data on selabel open failure") -the close handler of label backends must support partial initialized -state, e.g. ->data being NULL. Thus checks for NULL were added, but in -two cases the pointers in question were already dereferenced before. - -Reorder the dereference after the NULL-checks. - -Fixes: 5876aca0 ("libselinux: free data on selabel open failure") -Reported-by: Cppcheck -Signed-off-by: Christian Göttsche -Acked-by: James Carter ---- - src/label_media.c | 4 +++- - src/label_x.c | 4 +++- - 2 files changed, 6 insertions(+), 2 deletions(-) - -diff --git a/src/label_media.c b/src/label_media.c -index 94a58062..852aeada 100644 ---- a/src/label_media.c -+++ b/src/label_media.c -@@ -164,12 +164,14 @@ finish: - static void close(struct selabel_handle *rec) - { - struct saved_data *data = (struct saved_data *)rec->data; -- struct spec *spec, *spec_arr = data->spec_arr; -+ struct spec *spec, *spec_arr; - unsigned int i; - - if (!data) - return; - -+ spec_arr = data->spec_arr; -+ - for (i = 0; i < data->nspec; i++) { - spec = &spec_arr[i]; - free(spec->key); -diff --git a/src/label_x.c b/src/label_x.c -index f994eefa..a8decc7a 100644 ---- a/src/label_x.c -+++ b/src/label_x.c -@@ -191,12 +191,14 @@ finish: - static void close(struct selabel_handle *rec) - { - struct saved_data *data = (struct saved_data *)rec->data; -- struct spec *spec, *spec_arr = data->spec_arr; -+ struct spec *spec, *spec_arr; - unsigned int i; - - if (!data) - return; - -+ spec_arr = data->spec_arr; -+ - for (i = 0; i < data->nspec; i++) { - spec = &spec_arr[i]; - free(spec->key); --- -2.33.0 - diff --git a/backport-libselinux-enable-usage-with-pedantic-UB-sanitizers.patch b/backport-libselinux-enable-usage-with-pedantic-UB-sanitizers.patch deleted file mode 100644 index 86c956acc172014a31a781755177fc30becbc9e7..0000000000000000000000000000000000000000 --- a/backport-libselinux-enable-usage-with-pedantic-UB-sanitizers.patch +++ /dev/null @@ -1,282 +0,0 @@ -From 454a9f248ba8f0959a85bf917a7b5b87ab71d1e7 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Tue, 19 Dec 2023 17:09:32 +0100 -Subject: [PATCH] libselinux: enable usage with pedantic UB sanitizers -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Clang's undefined behavior sanitizer supports checking for unsigned -integer overflow and underflow, and implicit conversions. While those -operations are well-defined by the C language they can signal logic -mistakes or processing of unchecked user input. - -Annotate functions deliberately making use of integer overflow and adopt -the remaining code sites. - -Example reports: - - stringrep.c:348:7: runtime error: left shift of 2147483648 by 1 places cannot be represented in type 'access_vector_t' (aka 'unsigned int') - seusers.c:98:14: runtime error: implicit conversion from type 'int' of value -1 (32-bit, signed) to type 'gid_t' (aka 'unsigned int') changed the value to 4294967295 (32-bit, unsigned) - -Signed-off-by: Christian Göttsche -Acked-by: James Carter - -Reference:https://github.com/SELinuxProject/selinux/commit/454a9f248ba8f0959a85bf917a7b5b87ab71d1e7 -Conflict:path and context adapt, label_file.c: del symhash modification - ---- - src/avc.c | 4 +++- - src/avc_sidtab.c | 1 + - src/label.c | 7 +++++-- - src/label_backends_android.c | 4 +++- - src/label_db.c | 3 ++- - src/label_file.c | 6 ++++-- - src/label_media.c | 4 +++- - src/label_x.c | 4 +++- - src/selinux_internal.h | 11 +++++++++++ - src/seusers.c | 2 +- - src/sha1.c | 3 +++ - src/stringrep.c | 4 +++- - 12 files changed, 42 insertions(+), 11 deletions(-) - -diff --git a/src/avc.c b/src/avc.c -index 5e1c036e..ce87ac16 100644 ---- a/src/avc.c -+++ b/src/avc.c -@@ -229,13 +229,15 @@ int avc_open(struct selinux_opt *opts, unsigned nopts) - { - avc_setenforce = 0; - -- while (nopts--) -+ while (nopts) { -+ nopts--; - switch(opts[nopts].type) { - case AVC_OPT_SETENFORCE: - avc_setenforce = 1; - avc_enforcing = !!opts[nopts].value; - break; - } -+ } - - return avc_init_internal("avc", NULL, NULL, NULL, NULL); - } -diff --git a/src/avc_sidtab.c b/src/avc_sidtab.c -index e396a938..3303537b 100644 ---- a/src/avc_sidtab.c -+++ b/src/avc_sidtab.c -@@ -13,6 +13,7 @@ - #include "avc_sidtab.h" - #include "avc_internal.h" - -+ignore_unsigned_overflow_ - static inline unsigned sidtab_hash(const char * key) - { - const char *p; -diff --git a/src/label.c b/src/label.c -index 4a7c6e6d..d2e703ef 100644 ---- a/src/label.c -+++ b/src/label.c -@@ -60,7 +60,8 @@ static inline struct selabel_digest *selabel_is_digest_set - { - struct selabel_digest *digest = NULL; - -- while (n--) { -+ while (n) { -+ n--; - if (opts[n].type == SELABEL_OPT_DIGEST && - opts[n].value == (char *)1) { - digest = calloc(1, sizeof(*digest)); -@@ -112,9 +113,11 @@ static void selabel_digest_fini(struct selabel_digest *ptr) - static inline int selabel_is_validate_set(const struct selinux_opt *opts, - unsigned n) - { -- while (n--) -+ while (n) { -+ n--; - if (opts[n].type == SELABEL_OPT_VALIDATE) - return !!opts[n].value; -+ } - - return 0; - } -diff --git a/src/label_backends_android.c b/src/label_backends_android.c -index 7ddacdbe..33a17236 100644 ---- a/src/label_backends_android.c -+++ b/src/label_backends_android.c -@@ -152,7 +152,8 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts, - struct stat sb; - - /* Process arguments */ -- while (n--) -+ while (n) { -+ n--; - switch (opts[n].type) { - case SELABEL_OPT_PATH: - path = opts[n].value; -@@ -165,6 +166,7 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts, - path = opts[n].value; - break; - } -+ } - - if (!path) - return -1; -diff --git a/src/label_db.c b/src/label_db.c -index 2daf1770..2ff10b2f 100644 ---- a/src/label_db.c -+++ b/src/label_db.c -@@ -263,7 +263,8 @@ db_init(const struct selinux_opt *opts, unsigned nopts, - * the default one. If RDBMS is not SE-PostgreSQL, it may need to - * specify an explicit specfile for database objects. - */ -- while (nopts--) { -+ while (nopts) { -+ nopts--; - switch (opts[nopts].type) { - case SELABEL_OPT_PATH: - path = opts[nopts].value; -diff --git a/src/label_file.c b/src/label_file.c -index 315298b3..3b2bda97 100644 ---- a/src/label_file.c -+++ b/src/label_file.c -@@ -801,7 +801,8 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts, - int status = -1, baseonly = 0; - - /* Process arguments */ -- while (n--) -+ while (n) { -+ n--; - switch(opts[n].type) { - case SELABEL_OPT_PATH: - path = opts[n].value; -@@ -820,6 +821,7 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts, - baseonly = !!opts[n].value; - break; - } -+ } - - #if !defined(BUILD_HOST) && !defined(ANDROID) - char subs_file[PATH_MAX + 1]; -diff --git a/src/label_media.c b/src/label_media.c -index 4c987988..fad5ea6d 100644 ---- a/src/label_media.c -+++ b/src/label_media.c -@@ -80,7 +80,8 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts, - struct stat sb; - - /* Process arguments */ -- while (n--) -+ while (n) { -+ n--; - switch(opts[n].type) { - case SELABEL_OPT_PATH: - path = opts[n].value; -@@ -93,6 +94,7 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts, - path = opts[n].value; - break; - } -+} - - /* Open the specification file. */ - if (!path) -diff --git a/src/label_x.c b/src/label_x.c -index f332dcb6..bf569ca5 100644 ---- a/src/label_x.c -+++ b/src/label_x.c -@@ -107,7 +107,8 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts, - struct stat sb; - - /* Process arguments */ -- while (n--) -+ while (n) { -+ n--; - switch(opts[n].type) { - case SELABEL_OPT_PATH: - path = opts[n].value; -@@ -120,6 +121,7 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts, - path = opts[n].value; - break; - } -+ } - - /* Open the specification file. */ - if (!path) -diff --git a/src/selinux_internal.h b/src/selinux_internal.h -index af69ff04..b134808e 100644 ---- a/src/selinux_internal.h -+++ b/src/selinux_internal.h -@@ -102,4 +102,15 @@ size_t strlcpy(char *dest, const char *src, size_t size); - size_t strlcpy(char *dest, const char *src, size_t size); - #endif - -+/* Use to ignore intentional unsigned under- and overflows while running under UBSAN. */ -+#if defined(__clang__) && defined(__clang_major__) && (__clang_major__ >= 4) -+#if (__clang_major__ >= 12) -+#define ignore_unsigned_overflow_ __attribute__((no_sanitize("unsigned-integer-overflow", "unsigned-shift-base"))) -+#else -+#define ignore_unsigned_overflow_ __attribute__((no_sanitize("unsigned-integer-overflow"))) -+#endif -+#else -+#define ignore_unsigned_overflow_ -+#endif -+ - #endif /* SELINUX_INTERNAL_H_ */ -diff --git a/src/seusers.c b/src/seusers.c -index 16d69347..5a521f81 100644 ---- a/src/seusers.c -+++ b/src/seusers.c -@@ -99,7 +99,7 @@ int require_seusers = 0; - - static gid_t get_default_gid(const char *name) { - struct passwd pwstorage, *pwent = NULL; -- gid_t gid = -1; -+ gid_t gid = (gid_t)-1; - /* Allocate space for the getpwnam_r buffer */ - long rbuflen = sysconf(_SC_GETPW_R_SIZE_MAX); - if (rbuflen <= 0) return -1; -diff --git a/src/sha1.c b/src/sha1.c -index 9d51e04a..452b0cc2 100644 ---- a/src/sha1.c -+++ b/src/sha1.c -@@ -26,6 +26,8 @@ - #include "sha1.h" - #include - -+#include "selinux_internal.h" -+ - /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// - // TYPES - /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// -@@ -62,6 +64,7 @@ typedef union - // - // Hash a single 512-bit block. This is the core of the algorithm - /////////////////////////////////////////////////////////////////////////////////////////////////////////////////////// -+ignore_unsigned_overflow_ - static - void - TransformFunction -diff --git a/src/stringrep.c b/src/stringrep.c -index d2237d1c..1b460224 100644 ---- a/src/stringrep.c -+++ b/src/stringrep.c -@@ -337,13 +337,15 @@ void print_access_vector(security_class_t tclass, access_vector_t av) - - printf(" {"); - -- while (av) { -+ for (;;) { - if (av & bit) { - permstr = security_av_perm_to_string(tclass, bit); - if (!permstr) - break; - printf(" %s", permstr); - av &= ~bit; -+ if (!av) -+ break; - } - bit <<= 1; - } --- -2.33.0 - diff --git a/backport-libselinux-fix-swig-bindings-for-4.3.0.patch b/backport-libselinux-fix-swig-bindings-for-4.3.0.patch deleted file mode 100644 index 27f39e60544c0b29a16f59143826173edfb25409..0000000000000000000000000000000000000000 --- a/backport-libselinux-fix-swig-bindings-for-4.3.0.patch +++ /dev/null @@ -1,83 +0,0 @@ -From 8e0e718bae53fff30831b92cd784151d475a20da Mon Sep 17 00:00:00 2001 -From: Petr Lautrbach -Date: Wed, 16 Oct 2024 20:48:11 +0200 -Subject: [PATCH] libselinux: fix swig bindings for 4.3.0 -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -https://github.com/swig/swig/blob/master/CHANGES.current - -"[Python] #2907 Fix returning null from functions with output -parameters. Ensures OUTPUT and INOUT typemaps are handled -consistently wrt return type. - -New declaration of SWIG_Python_AppendOutput is now: - - SWIG_Python_AppendOutput(PyObject* result, PyObject* obj, int is_void); - -The 3rd parameter is new and the new $isvoid special variable -should be passed to it, indicating whether or not the wrapped -function returns void. - -Also consider replacing with: - - SWIG_AppendOutput(PyObject* result, PyObject* obj); - -which calls SWIG_Python_AppendOutput with same parameters but adding $isvoid -for final parameter." - -Fixes: https://github.com/SELinuxProject/selinux/issues/447 - - selinuxswig_python_wrap.c: In function ‘_wrap_security_compute_user’: - selinuxswig_python_wrap.c:11499:17: error: too few arguments to function ‘SWIG_Python_AppendOutput’ - 11499 | resultobj = SWIG_Python_AppendOutput(resultobj, plist); - | ^~~~~~~~~~~~~~~~~~~~~~~~ - selinuxswig_python_wrap.c:1248:1: note: declared here - 1248 | SWIG_Python_AppendOutput(PyObject* result, PyObject* obj, int is_void) { - | ^~~~~~~~~~~~~~~~~~~~~~~~ - selinuxswig_python_wrap.c: In function ‘_wrap_security_compute_user_raw’: - selinuxswig_python_wrap.c:11570:17: error: too few arguments to function ‘SWIG_Python_AppendOutput’ - 11570 | resultobj = SWIG_Python_AppendOutput(resultobj, plist); - | ^~~~~~~~~~~~~~~~~~~~~~~~ - selinuxswig_python_wrap.c:1248:1: note: declared here - 1248 | SWIG_Python_AppendOutput(PyObject* result, PyObject* obj, int is_void) { - | ^~~~~~~~~~~~~~~~~~~~~~~~ - selinuxswig_python_wrap.c: In function ‘_wrap_security_get_boolean_names’: - selinuxswig_python_wrap.c:12470:17: error: too few arguments to function ‘SWIG_Python_AppendOutput’ - 12470 | resultobj = SWIG_Python_AppendOutput(resultobj, list); - | ^~~~~~~~~~~~~~~~~~~~~~~~ - selinuxswig_python_wrap.c:1248:1: note: declared here - 1248 | SWIG_Python_AppendOutput(PyObject* result, PyObject* obj, int is_void) { - | ^~~~~~~~~~~~~~~~~~~~~~~~ - error: command '/usr/bin/gcc' failed with exit code 1 - -Suggested-by: Jitka Plesnikova -Signed-off-by: Petr Lautrbach -Acked-by: James Carter ---- - src/selinuxswig_python.i | 4 ++-- - 1 file changed, 2 insertions(+), 2 deletions(-) - -diff --git a/src/selinuxswig_python.i b/src/selinuxswig_python.i -index 17e03b9e36..03ed296d5b 100644 ---- a/src/selinuxswig_python.i -+++ b/src/selinuxswig_python.i -@@ -71,7 +71,7 @@ - for (i = 0; i < *$2; i++) { - PyList_SetItem(list, i, PyString_FromString((*$1)[i])); - } -- $result = SWIG_Python_AppendOutput($result, list); -+ $result = SWIG_AppendOutput($result, list); - } - - /* return a sid along with the result */ -@@ -108,7 +108,7 @@ - plist = PyList_New(0); - } - -- $result = SWIG_Python_AppendOutput($result, plist); -+ $result = SWIG_AppendOutput($result, plist); - } - - /* Makes functions in get_context_list.h return a Python list of contexts */ diff --git a/backport-libselinux-free-data-on-selabel-open-failure.patch b/backport-libselinux-free-data-on-selabel-open-failure.patch deleted file mode 100644 index bf52d8ce802032d10b83ab65a2883a9e5a3245a2..0000000000000000000000000000000000000000 --- a/backport-libselinux-free-data-on-selabel-open-failure.patch +++ /dev/null @@ -1,120 +0,0 @@ -From 5876aca0484f3b45636ef6337f06b914a8769cb4 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Wed, 13 Mar 2024 12:10:24 +0100 -Subject: [PATCH] libselinux: free data on selabel open failure -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -In case the init function for a selabel backend fails, free the possible -already allocated data: - - Direct leak of 16 byte(s) in 1 object(s) allocated from: - #0 0x5e7e2bf001e3 in malloc (/tmp/destdir/usr/sbin/selabel_digest+0xc71e3) - #1 0x7233764baa65 in selabel_media_init /home/christian/Coding/workspaces/selinux/libselinux/src/label_media.c:226:30 - #2 0x7233764ac1fe in selabel_open /home/christian/Coding/workspaces/selinux/libselinux/src/label.c:227:6 - #3 0x5e7e2bf3ebfc in main /home/christian/Coding/workspaces/selinux/libselinux/utils/selabel_digest.c:125:8 - #4 0x7233761856c9 in __libc_start_call_main csu/../sysdeps/nptl/libc_start_call_main.h:58:16 - - SUMMARY: AddressSanitizer: 16 byte(s) leaked in 1 allocation(s). - -Signed-off-by: Christian Göttsche -Acked-by: James Carter ---- - src/label.c | 5 +---- - src/label_backends_android.c | 3 +++ - src/label_db.c | 3 +++ - src/label_file.c | 3 +++ - src/label_media.c | 3 +++ - src/label_x.c | 3 +++ - 6 files changed, 16 insertions(+), 4 deletions(-) - -diff --git a/src/label.c b/src/label.c -index d2e703ef..06d743ec 100644 ---- a/src/label.c -+++ b/src/label.c -@@ -225,10 +225,7 @@ struct selabel_handle *selabel_open(unsigned int backend, - rec->digest = selabel_is_digest_set(opts, nopts, rec->digest); - - if ((*initfuncs[backend])(rec, opts, nopts)) { -- if (rec->digest) -- selabel_digest_fini(rec->digest); -- free(rec->spec_file); -- free(rec); -+ selabel_close(rec); - rec = NULL; - } - -diff --git a/src/label_backends_android.c b/src/label_backends_android.c -index 33a17236..49a87686 100644 ---- a/src/label_backends_android.c -+++ b/src/label_backends_android.c -@@ -246,6 +246,9 @@ static void closef(struct selabel_handle *rec) - struct spec *spec; - unsigned int i; - -+ if (!data) -+ return; -+ - for (i = 0; i < data->nspec; i++) { - spec = &data->spec_arr[i]; - free(spec->property_key); -diff --git a/src/label_db.c b/src/label_db.c -index 2ff10b2f..40d5fc4a 100644 ---- a/src/label_db.c -+++ b/src/label_db.c -@@ -178,6 +178,9 @@ db_close(struct selabel_handle *rec) - spec_t *spec; - unsigned int i; - -+ if (!catalog) -+ return; -+ - for (i = 0; i < catalog->nspec; i++) { - spec = &catalog->specs[i]; - free(spec->key); -diff --git a/src/label_file.c b/src/label_file.c -index 3b2bda97..2732972e 100644 ---- a/src/label_file.c -+++ b/src/label_file.c -@@ -904,6 +904,9 @@ static void closef(struct selabel_handle *rec) - struct stem *stem; - unsigned int i; - -+ if (!data) -+ return; -+ - selabel_subs_fini(data->subs); - selabel_subs_fini(data->dist_subs); - -diff --git a/src/label_media.c b/src/label_media.c -index fad5ea6d..94a58062 100644 ---- a/src/label_media.c -+++ b/src/label_media.c -@@ -167,6 +167,9 @@ static void close(struct selabel_handle *rec) - struct spec *spec, *spec_arr = data->spec_arr; - unsigned int i; - -+ if (!data) -+ return; -+ - for (i = 0; i < data->nspec; i++) { - spec = &spec_arr[i]; - free(spec->key); -diff --git a/src/label_x.c b/src/label_x.c -index bf569ca5..f994eefa 100644 ---- a/src/label_x.c -+++ b/src/label_x.c -@@ -194,6 +194,9 @@ static void close(struct selabel_handle *rec) - struct spec *spec, *spec_arr = data->spec_arr; - unsigned int i; - -+ if (!data) -+ return; -+ - for (i = 0; i < data->nspec; i++) { - spec = &spec_arr[i]; - free(spec->key); --- -2.33.0 - diff --git a/backport-libselinux-free-empty-scandir-3-result.patch b/backport-libselinux-free-empty-scandir-3-result.patch deleted file mode 100644 index 7176f4b4f2b91e08292e16fd972e6f0a0a61dbf8..0000000000000000000000000000000000000000 --- a/backport-libselinux-free-empty-scandir-3-result.patch +++ /dev/null @@ -1,41 +0,0 @@ -From c8b1f5928236e9ed3192a4393cb563cb718ccca4 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Mon, 29 Apr 2024 18:38:59 +0200 -Subject: [PATCH] libselinux: free empty scandir(3) result -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -In case scandir(3) finds no entries still free the returned result to -avoid leaking it. - -Also do not override errno in case of a failure. - -Reported.by: Cppcheck - -Signed-off-by: Christian Göttsche -Acked-by: James Carter ---- - src/booleans.c | 6 +++++- - 1 file changed, 5 insertions(+), 1 deletion(-) - -diff --git a/src/booleans.c b/src/booleans.c -index c557df65..1ede8e2d 100644 ---- a/src/booleans.c -+++ b/src/booleans.c -@@ -53,7 +53,11 @@ int security_get_boolean_names(char ***names, int *len) - - snprintf(path, sizeof path, "%s%s", selinux_mnt, SELINUX_BOOL_DIR); - *len = scandir(path, &namelist, &filename_select, alphasort); -- if (*len <= 0) { -+ if (*len < 0) { -+ return -1; -+ } -+ if (*len == 0) { -+ free(namelist); - errno = ENOENT; - return -1; - } --- -2.33.0 - diff --git a/backport-libselinux-initialize-regex-arch-string-in-a-thread-.patch b/backport-libselinux-initialize-regex-arch-string-in-a-thread-.patch deleted file mode 100644 index 0b41dbf2fcef376aacee7c96da7cdad15c7eb825..0000000000000000000000000000000000000000 --- a/backport-libselinux-initialize-regex-arch-string-in-a-thread-.patch +++ /dev/null @@ -1,86 +0,0 @@ -From f5a8e059e312a31dfcfc0fd6e8d08eabcdea535c Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Fri, 14 Mar 2025 14:17:49 +0100 -Subject: [PATCH] libselinux: initialize regex arch string in a thread safe way -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Synchronize the initialization of the regex architecture string. - -Signed-off-by: Christian Göttsche -Acked-by: James Carter - -Conflict:NA -Reference:https://github.com/SELinuxProject/selinux/commit/f5a8e059e312a31dfcfc0fd6e8d08eabcdea535c - ---- - src/regex.c | 46 ++++++++++++++++++++++++------------------ - 1 file changed, 26 insertions(+), 20 deletions(-) - -diff --git a/src/regex.c b/src/regex.c -index 182c8c89..976f00d4 100644 ---- a/src/regex.c -+++ b/src/regex.c -@@ -30,32 +30,38 @@ - #endif - - #ifdef USE_PCRE2 --char const *regex_arch_string(void) -+static pthread_once_t once = PTHREAD_ONCE_INIT; -+static char arch_string_buffer[32]; -+ -+static void regex_arch_string_init(void) - { -- static char arch_string_buffer[32]; -- static char const *arch_string = ""; -- char const *endianness = NULL; -+ char const *endianness; - int rc; - -- if (arch_string[0] == '\0') { -- if (__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__) -- endianness = "el"; -- else if (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) -- endianness = "eb"; -+ if (__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__) -+ endianness = "el"; -+ else if (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) -+ endianness = "eb"; -+ else { -+ arch_string_buffer[0] = '\0'; -+ return; -+ } - -- if (!endianness) -- return NULL; -+ rc = snprintf(arch_string_buffer, sizeof(arch_string_buffer), -+ "%zu-%zu-%s", sizeof(void *), -+ sizeof(REGEX_ARCH_SIZE_T), -+ endianness); -+ if (rc < 0 || (size_t)rc >= sizeof(arch_string_buffer)) { -+ arch_string_buffer[0] = '\0'; -+ return; -+ } -+} - -- rc = snprintf(arch_string_buffer, sizeof(arch_string_buffer), -- "%zu-%zu-%s", sizeof(void *), -- sizeof(REGEX_ARCH_SIZE_T), -- endianness); -- if (rc < 0) -- abort(); -+const char *regex_arch_string(void) -+{ -+ __selinux_once(once, regex_arch_string_init); - -- arch_string = &arch_string_buffer[0]; -- } -- return arch_string; -+ return arch_string_buffer[0] != '\0' ? arch_string_buffer : NULL; - } - - struct regex_data { --- -2.43.0 - diff --git a/backport-libselinux-matchpathcon-RESOURCE_LEAK-Variable-con.patch b/backport-libselinux-matchpathcon-RESOURCE_LEAK-Variable-con.patch deleted file mode 100644 index 1dc94f77a05402c04a2d1bf02be5024c0ab844fb..0000000000000000000000000000000000000000 --- a/backport-libselinux-matchpathcon-RESOURCE_LEAK-Variable-con.patch +++ /dev/null @@ -1,40 +0,0 @@ -From f18f9e5ea155015b4b2ad6c9ba6ce5e0e3b30646 Mon Sep 17 00:00:00 2001 -From: Vit Mojzis -Date: Fri, 25 Oct 2024 20:30:14 +0200 -Subject: [PATCH] libselinux/matchpathcon: RESOURCE_LEAK: Variable "con" - -Fixes: - Error: RESOURCE_LEAK (CWE-772): - libselinux-3.6/src/matchpathcon.c:519: alloc_arg: "lgetfilecon_raw" allocates memory that is stored into "con". [Note: The source code implementation of the function has been overridden by a user model.] - libselinux-3.6/src/matchpathcon.c:528: leaked_storage: Variable "con" going out of scope leaks the storage it points to. - \# 526| - \# 527| if (!hnd && (matchpathcon_init_prefix(NULL, NULL) < 0)) - \# 528|-> return -1; - \# 529| - \# 530| if (selabel_lookup_raw(hnd, &fcontext, path, mode) != 0) { - -Signed-off-by: Vit Mojzis -Acked-by: James Carter ---- - src/matchpathcon.c | 4 +++- - 1 file changed, 3 insertions(+), 1 deletion(-) - -diff --git a/src/matchpathcon.c b/src/matchpathcon.c -index e44734c3..967520e4 100644 ---- a/src/matchpathcon.c -+++ b/src/matchpathcon.c -@@ -524,8 +524,10 @@ int selinux_file_context_verify(const char *path, mode_t mode) - return 0; - } - -- if (!hnd && (matchpathcon_init_prefix(NULL, NULL) < 0)) -+ if (!hnd && (matchpathcon_init_prefix(NULL, NULL) < 0)){ -+ freecon(con); - return -1; -+ } - - if (selabel_lookup_raw(hnd, &fcontext, path, mode) != 0) { - if (errno != ENOENT) --- -2.33.0 - diff --git a/backport-libselinux-reorder-calloc-3-arguments.patch b/backport-libselinux-reorder-calloc-3-arguments.patch deleted file mode 100644 index 9d6cf4b460eb0eb6a417274fb9b58c4773efb3e0..0000000000000000000000000000000000000000 --- a/backport-libselinux-reorder-calloc-3-arguments.patch +++ /dev/null @@ -1,43 +0,0 @@ -From b18fddef2e0aecb1cfba4cc3e495ea9ba09b49bd Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Fri, 5 Jan 2024 19:35:32 +0100 -Subject: [PATCH] libselinux: reorder calloc(3) arguments -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The canonical order of calloc(3) parameters is the number of elements -first and the size of each element second. - -Reported by GCC 14: - - is_customizable_type.c:43:45: warning: 'calloc' sizes specified with 'sizeof' in the earlier argument and not in the later argument [-Wcalloc-transposed-args] - -Signed-off-by: Christian Göttsche -Acked-by: James Carter - -Reference:https://github.com/SELinuxProject/selinux/commit/b18fddef2e0aecb1cfba4cc3e495ea9ba09b49bd -Conflict:path adapt - ---- - src/is_customizable_type.c | 4 +--- - 1 file changed, 1 insertion(+), 3 deletions(-) - -diff --git a/src/is_customizable_type.c b/src/is_customizable_type.c -index da301c60..0ae92c8d 100644 ---- a/src/is_customizable_type.c -+++ b/src/is_customizable_type.c -@@ -39,9 +39,7 @@ static int get_customizable_type_list(char *** retlist) - } - rewind(fp); - if (ctr) { -- list = -- (char **) calloc(sizeof(char *), -- ctr + 1); -+ list = calloc(ctr + 1, sizeof(char *)); - if (list) { - i = 0; - while (fgets_unlocked(buf, selinux_page_size, fp) --- -2.33.0 - diff --git a/backport-libselinux-set-free-d-data-to-NULL.patch b/backport-libselinux-set-free-d-data-to-NULL.patch deleted file mode 100644 index 8cb2fee8479478bdf38fb2394a0852abd4a8ac55..0000000000000000000000000000000000000000 --- a/backport-libselinux-set-free-d-data-to-NULL.patch +++ /dev/null @@ -1,78 +0,0 @@ -From f398662ea19d2cf6db6cb791e3b787889e5af883 Mon Sep 17 00:00:00 2001 -From: Petr Lautrbach -Date: Tue, 9 Jul 2024 21:23:46 +0200 -Subject: [PATCH] libselinux: set free'd data to NULL - -Fixes segfault in selabel_open() on systems with SELinux disabled and without any -SELinux policy installed introduced by commit 5876aca0484f ("libselinux: free -data on selabel open failure"): - - $ sestatus - SELinux status: disabled - - $ cat /etc/selinux/config - cat: /etc/selinux/config: No such file or directory - - $ matchpathcon /abc - [1] 907999 segmentation fault (core dumped) matchpathcon /abc - -Signed-off-by: Petr Lautrbach -Acked-by: James Carter ---- - src/label_backends_android.c | 1 + - src/label_file.c | 1 + - src/label_media.c | 1 + - src/label_x.c | 1 + - 4 files changed, 4 insertions(+) - -diff --git a/src/label_backends_android.c b/src/label_backends_android.c -index 49a87686..5bad24f2 100644 ---- a/src/label_backends_android.c -+++ b/src/label_backends_android.c -@@ -260,6 +260,7 @@ static void closef(struct selabel_handle *rec) - free(data->spec_arr); - - free(data); -+ rec->data = NULL; - } - - static struct selabel_lookup_rec *property_lookup(struct selabel_handle *rec, -diff --git a/src/label_file.c b/src/label_file.c -index 2732972e..59c9f2ef 100644 ---- a/src/label_file.c -+++ b/src/label_file.c -@@ -942,6 +942,7 @@ static void closef(struct selabel_handle *rec) - free(last_area); - } - free(data); -+ rec->data = NULL; - } - - // Finds all the matches of |key| in the given context. Returns the result in -diff --git a/src/label_media.c b/src/label_media.c -index 852aeada..bae065c1 100644 ---- a/src/label_media.c -+++ b/src/label_media.c -@@ -183,6 +183,7 @@ static void close(struct selabel_handle *rec) - free(spec_arr); - - free(data); -+ rec->data = NULL; - } - - static struct selabel_lookup_rec *lookup(struct selabel_handle *rec, -diff --git a/src/label_x.c b/src/label_x.c -index a8decc7a..ddae4f6c 100644 ---- a/src/label_x.c -+++ b/src/label_x.c -@@ -210,6 +210,7 @@ static void close(struct selabel_handle *rec) - free(spec_arr); - - free(data); -+ rec->data = NULL; - } - - static struct selabel_lookup_rec *lookup(struct selabel_handle *rec, --- -2.33.0 - diff --git a/backport-libselinux-use-reentrant-strtok_r-3.patch b/backport-libselinux-use-reentrant-strtok_r-3.patch deleted file mode 100644 index 10dc905e8eb479a61a2c9098e73793a41bfd6398..0000000000000000000000000000000000000000 --- a/backport-libselinux-use-reentrant-strtok_r-3.patch +++ /dev/null @@ -1,72 +0,0 @@ -From 82195e77e317d322dd9b5fc31d402462d6845357 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Mon, 15 Jan 2024 14:36:01 +0100 -Subject: [PATCH] libselinux: use reentrant strtok_r(3) -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Use the reentrant version strtok_r(3) instead of strtok(3) to avoid -potential data races with concurrent threads. - -Signed-off-by: Christian Göttsche -Acked-by: James Carter - -Reference:https://github.com/SELinuxProject/selinux/commit/82195e77e317d322dd9b5fc31d402462d6845357 -Conflict:path adapt - ---- - src/selinux_restorecon.c | 12 +++++++----- - 1 file changed, 7 insertions(+), 5 deletions(-) - -diff --git a/src/selinux_restorecon.c b/src/selinux_restorecon.c -index 38f10f1c..acb729c8 100644 ---- a/src/selinux_restorecon.c -+++ b/src/selinux_restorecon.c -@@ -243,7 +243,7 @@ static uint64_t exclude_non_seclabel_mounts(void) - int index = 0, found = 0; - uint64_t nfile = 0; - char *mount_info[4]; -- char *buf = NULL, *item; -+ char *buf = NULL, *item, *saveptr; - - /* Check to see if the kernel supports seclabel */ - if (uname(&uts) == 0 && strverscmp(uts.release, "2.6.30") < 0) -@@ -258,13 +258,14 @@ static uint64_t exclude_non_seclabel_mounts(void) - while (getline(&buf, &len, fp) != -1) { - found = 0; - index = 0; -- item = strtok(buf, " "); -+ saveptr = NULL; -+ item = strtok_r(buf, " ", &saveptr); - while (item != NULL) { - mount_info[index] = item; - index++; - if (index == 4) - break; -- item = strtok(NULL, " "); -+ item = strtok_r(NULL, " ", &saveptr); - } - if (index < 4) { - selinux_log(SELINUX_ERROR, -@@ -276,14 +277,15 @@ static uint64_t exclude_non_seclabel_mounts(void) - /* Remove pre-existing entry */ - remove_exclude(mount_info[1]); - -- item = strtok(mount_info[3], ","); -+ saveptr = NULL; -+ item = strtok_r(mount_info[3], ",", &saveptr); - while (item != NULL) { - if (strcmp(item, "seclabel") == 0) { - found = 1; - nfile += file_system_count(mount_info[1]); - break; - } -- item = strtok(NULL, ","); -+ item = strtok_r(NULL, ",", &saveptr); - } - - /* Exclude mount points without the seclabel option */ --- -2.33.0 - diff --git a/backport-libselinux-utils-free-allocated-resources.patch b/backport-libselinux-utils-free-allocated-resources.patch deleted file mode 100644 index 5f1cefd934393e84e03fee78fe919bf9daaba1a8..0000000000000000000000000000000000000000 --- a/backport-libselinux-utils-free-allocated-resources.patch +++ /dev/null @@ -1,140 +0,0 @@ -From 1d5c3b7204b418710a257b80feaae04527585546 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Tue, 19 Dec 2023 17:09:25 +0100 -Subject: [PATCH] libselinux/utils: free allocated resources -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Remove noise while running with sanitizers or under valgrind. - -Signed-off-by: Christian Göttsche -Acked-by: James Carter - -Reference:https://github.com/SELinuxProject/selinux/commit/1d5c3b7204b418710a257b80feaae04527585546 -Conflict:path and context adapt - ---- - utils/getconlist.c | 10 +++++++--- - utils/getdefaultcon.c | 20 +++++++++++++++++--- - utils/selinuxexeccon.c | 1 + - 3 files changed, 25 insertions(+), 6 deletions(-) - -diff --git a/utils/getconlist.c b/utils/getconlist.c -index 92f6a793..1ff05209 100644 ---- a/utils/getconlist.c -+++ b/utils/getconlist.c -@@ -19,8 +19,9 @@ static __attribute__ ((__noreturn__)) void usage(const char *name, const char *d - - int main(int argc, char **argv) - { -- char **list, *cur_context = NULL; -- char *user = NULL, *level = NULL; -+ char **list; -+ const char *cur_context, *user; -+ char *cur_con = NULL, *level = NULL; - int ret, i, opt; - - while ((opt = getopt(argc, argv, "l:")) > 0) { -@@ -54,11 +55,12 @@ int main(int argc, char **argv) - - /* If a context wasn't passed, use the current context. */ - if (((argc - optind) < 2)) { -- if (getcon(&cur_context) < 0) { -+ if (getcon(&cur_con) < 0) { - fprintf(stderr, "Couldn't get current context: %s\n", strerror(errno)); - free(level); - return 2; - } -+ cur_context = cur_con; - } else { - cur_context = argv[optind + 1]; - if (security_check_context(cur_context) != 0) { -@@ -82,10 +84,12 @@ int main(int argc, char **argv) - } else { - fprintf(stderr, "get_ordered_context_list%s failure: %d(%s)\n", - level ? "_with_level" : "", errno, strerror(errno)); -+ free(cur_con); - free(level); - return 4; - } - -+ free(cur_con); - free(level); - - return 0; -diff --git a/utils/getdefaultcon.c b/utils/getdefaultcon.c -index 50f1ea91..67c84f94 100644 ---- a/utils/getdefaultcon.c -+++ b/utils/getdefaultcon.c -@@ -19,8 +19,9 @@ static __attribute__ ((__noreturn__)) void usage(const char *name, const char *d - - int main(int argc, char **argv) - { -- char * usercon = NULL, *cur_context = NULL; -- char *user = NULL, *level = NULL, *role=NULL, *seuser=NULL, *dlevel=NULL; -+ const char *cur_context, *user; -+ char *usercon = NULL, *cur_con = NULL; -+ char *level = NULL, *role=NULL, *seuser=NULL, *dlevel=NULL; - char *service = NULL; - int ret, opt; - int verbose = 0; -@@ -54,6 +55,9 @@ int main(int argc, char **argv) - if (!is_selinux_enabled()) { - fprintf(stderr, - "%s may be used only on a SELinux kernel.\n", argv[0]); -+ free(level); -+ free(role); -+ free(service); - return 1; - } - -@@ -61,15 +65,23 @@ int main(int argc, char **argv) - - /* If a context wasn't passed, use the current context. */ - if (((argc - optind) < 2)) { -- if (getcon(&cur_context) < 0) { -+ if (getcon(&cur_con) < 0) { - fprintf(stderr, "Couldn't get current context: %s\n", strerror(errno)); -+ free(level); -+ free(role); -+ free(service); - return 2; - } -+ cur_context = cur_con; - } else - cur_context = argv[optind + 1]; - - if (security_check_context(cur_context)) { - fprintf(stderr, "%s: invalid from context '%s'\n", argv[0], cur_context); -+ free(cur_con); -+ free(level); -+ free(role); -+ free(service); - return 3; - } - -@@ -101,6 +113,8 @@ out: - if (level != dlevel) free(level); - free(dlevel); - free(usercon); -+ free(cur_con); -+ free(service); - - return ret >= 0; - } -diff --git a/utils/selinuxexeccon.c b/utils/selinuxexeccon.c -index 66754b6a..463bf5aa 100644 ---- a/utils/selinuxexeccon.c -+++ b/utils/selinuxexeccon.c -@@ -45,6 +45,7 @@ int main(int argc, char **argv) - con = strdup(argv[2]); - if (security_check_context(con)) { - fprintf(stderr, "%s: invalid from context '%s'\n", argv[0], con); -+ free(con); - return -1; - } - } --- -2.33.0 - diff --git a/backport-libselinux-utils-selabel_digest-avoid-buffer-overflo.patch b/backport-libselinux-utils-selabel_digest-avoid-buffer-overflo.patch deleted file mode 100644 index 9645bc384f01282b6246182b6bcdb433dfd6edfd..0000000000000000000000000000000000000000 --- a/backport-libselinux-utils-selabel_digest-avoid-buffer-overflo.patch +++ /dev/null @@ -1,92 +0,0 @@ -From 994b9b205e36f3cc849b75f075e057686f3f9cd8 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Wed, 13 Mar 2024 12:10:23 +0100 -Subject: [PATCH] libselinux/utils/selabel_digest: avoid buffer overflow -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -In case the specfiles have very long paths or there are too many abort -instead of writing past the stack buffer. - -Signed-off-by: Christian Göttsche -Acked-by: James Carter ---- - utils/selabel_digest.c | 45 ++++++++++++++++++++++++------- - 1 file changed, 36 insertions(+), 9 deletions(-) - -diff --git a/utils/selabel_digest.c b/utils/selabel_digest.c -index db0d443a..64051070 100644 ---- a/utils/selabel_digest.c -+++ b/utils/selabel_digest.c -@@ -66,7 +66,7 @@ int main(int argc, char **argv) - - char cmd_buf[4096]; - char *cmd_ptr; -- char *sha1_buf; -+ char *sha1_buf = NULL; - - struct selabel_handle *hnd; - struct selinux_opt selabel_option[] = { -@@ -167,23 +167,50 @@ int main(int argc, char **argv) - printf("calculated using the following specfile(s):\n"); - - if (specfiles) { -- cmd_ptr = &cmd_buf[0]; -- sprintf(cmd_ptr, "/usr/bin/cat "); -- cmd_ptr = &cmd_buf[0] + strlen(cmd_buf); -+ size_t cmd_rem = sizeof(cmd_buf); -+ int ret; -+ -+ if (validate) { -+ cmd_ptr = &cmd_buf[0]; -+ ret = snprintf(cmd_ptr, cmd_rem, "/usr/bin/cat "); -+ if (ret < 0 || (size_t)ret >= cmd_rem) { -+ fprintf(stderr, "Could not format validate command\n"); -+ rc = -1; -+ goto err; -+ } -+ cmd_ptr += ret; -+ cmd_rem -= ret; -+ } - - for (i = 0; i < num_specfiles; i++) { -- sprintf(cmd_ptr, "%s ", specfiles[i]); -- cmd_ptr += strlen(specfiles[i]) + 1; -+ if (validate) { -+ ret = snprintf(cmd_ptr, cmd_rem, "%s ", specfiles[i]); -+ if (ret < 0 || (size_t)ret >= cmd_rem) { -+ fprintf(stderr, "Could not format validate command\n"); -+ rc = -1; -+ goto err; -+ } -+ cmd_ptr += ret; -+ cmd_rem -= ret; -+ } -+ - printf("%s\n", specfiles[i]); - } -- sprintf(cmd_ptr, "| /usr/bin/openssl dgst -sha1 -hex"); - -- if (validate) -+ if (validate) { -+ ret = snprintf(cmd_ptr, cmd_rem, "| /usr/bin/openssl dgst -sha1 -hex"); -+ if (ret < 0 || (size_t)ret >= cmd_rem) { -+ fprintf(stderr, "Could not format validate command\n"); -+ rc = -1; -+ goto err; -+ } -+ - rc = run_check_digest(cmd_buf, sha1_buf); -+ } - } - -- free(sha1_buf); - err: -+ free(sha1_buf); - selabel_close(hnd); - return rc; - } --- -2.33.0 - diff --git a/backport-libselinux-utils-selabel_digest-drop-unsupported-opt.patch b/backport-libselinux-utils-selabel_digest-drop-unsupported-opt.patch deleted file mode 100644 index c16c2fd89201a6752036e0f530d379dae6cdcc6e..0000000000000000000000000000000000000000 --- a/backport-libselinux-utils-selabel_digest-drop-unsupported-opt.patch +++ /dev/null @@ -1,32 +0,0 @@ -From c774f15a4a726eb57b9815a55980eb81d09ad9c2 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Wed, 13 Mar 2024 12:10:21 +0100 -Subject: [PATCH] libselinux/utils/selabel_digest: drop unsupported option -d -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The command line option -d is not supported, drop from usage message. - -Signed-off-by: Christian Göttsche -Acked-by: James Carter ---- - utils/selabel_digest.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/utils/selabel_digest.c b/utils/selabel_digest.c -index bf22b472..50f55311 100644 ---- a/utils/selabel_digest.c -+++ b/utils/selabel_digest.c -@@ -11,7 +11,7 @@ static size_t digest_len; - static __attribute__ ((__noreturn__)) void usage(const char *progname) - { - fprintf(stderr, -- "usage: %s -b backend [-d] [-v] [-B] [-i] [-f file]\n\n" -+ "usage: %s -b backend [-v] [-B] [-i] [-f file]\n\n" - "Where:\n\t" - "-b The backend - \"file\", \"media\", \"x\", \"db\" or " - "\"prop\"\n\t" --- -2.33.0 - diff --git a/backport-selinux-free-memory-in-error-branch.patch b/backport-selinux-free-memory-in-error-branch.patch deleted file mode 100644 index 52444c14dfbb76deafa4d0ed243e3d4eb8afee19..0000000000000000000000000000000000000000 --- a/backport-selinux-free-memory-in-error-branch.patch +++ /dev/null @@ -1,104 +0,0 @@ -From 48f66b6aaad256cf196754cf96fb331773a6e5d4 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Fri, 18 Oct 2024 17:12:58 +0200 -Subject: [PATCH] selinux: free memory in error branch -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -Free the allocated line if it fails to parse via process_line() for the -X or media database. - -Also declare the line_buf parameter of process_line() const, so it is -more obvious it is not modified or free'd. - -Reported-by: clang-analyzer -Signed-off-by: Christian Göttsche -Acked-by: James Carter ---- - src/label_media.c | 6 +++--- - src/label_x.c | 6 +++--- - 2 files changed, 6 insertions(+), 6 deletions(-) - -diff --git a/src/label_media.c b/src/label_media.c -index df4c2b6..621f800 100644 ---- a/src/label_media.c -+++ b/src/label_media.c -@@ -30,12 +30,12 @@ struct saved_data { - spec_t *spec_arr; - }; - --static int process_line(const char *path, char *line_buf, int pass, -+static int process_line(const char *path, const char *line_buf, int pass, - unsigned lineno, struct selabel_handle *rec) - { - struct saved_data *data = (struct saved_data *)rec->data; - int items; -- char *buf_p; -+ const char *buf_p; - char *key, *context; - - buf_p = line_buf; -@@ -131,10 +131,11 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts, - goto finish; - memset(data->spec_arr, 0, sizeof(spec_t)*data->nspec); - maxnspec = data->nspec; -- rewind(fp); -+ status = fseek(fp, 0L, SEEK_SET); -+ if (status == -1) -+ goto finish; - } - } -- free(line_buf); - - status = digest_add_specfile(rec->digest, fp, NULL, sb.st_size, path); - if (status) -@@ -143,6 +144,7 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts, - digest_gen_hash(rec->digest); - - finish: -+ free(line_buf); - fclose(fp); - return status; - } -diff --git a/src/label_x.c b/src/label_x.c -index e9b489b..85839f4 100644 ---- a/src/label_x.c -+++ b/src/label_x.c -@@ -32,12 +32,12 @@ struct saved_data { - spec_t *spec_arr; - }; - --static int process_line(const char *path, char *line_buf, int pass, -+static int process_line(const char *path, const char *line_buf, int pass, - unsigned lineno, struct selabel_handle *rec) - { - struct saved_data *data = (struct saved_data *)rec->data; - int items; -- char *buf_p; -+ const char *buf_p; - char *type, *key, *context; - - buf_p = line_buf; -@@ -158,10 +158,11 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts, - goto finish; - memset(data->spec_arr, 0, sizeof(spec_t)*data->nspec); - maxnspec = data->nspec; -- rewind(fp); -+ status = fseek(fp, 0L, SEEK_SET); -+ if (status == -1) -+ goto finish; - } - } -- free(line_buf); - - status = digest_add_specfile(rec->digest, fp, NULL, sb.st_size, path); - if (status) -@@ -170,6 +171,7 @@ static int init(struct selabel_handle *rec, const struct selinux_opt *opts, - digest_gen_hash(rec->digest); - - finish: -+ free(line_buf); - fclose(fp); - return status; - } diff --git a/libselinux-3.5.tar.gz b/libselinux-3.5.tar.gz deleted file mode 100644 index 2916882feaee3b67e9b8cdead4e046847b3032fa..0000000000000000000000000000000000000000 Binary files a/libselinux-3.5.tar.gz and /dev/null differ diff --git a/libselinux-3.9.tar.gz b/libselinux-3.9.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..ac25ff75256b9f8bd5e7be1a3079a1028fe26ecd Binary files /dev/null and b/libselinux-3.9.tar.gz differ diff --git a/libselinux.spec b/libselinux.spec index 0483944efd677433bfd7c6d3b4fed34360c9cce8..605ffe34614d39030da8b1bcd4ba8a5e0904aeb8 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -1,33 +1,13 @@ -%global ruby_inc %(pkg-config --cflags ruby) %global libsepol_version 3.5 Name: libselinux -Version: 3.5 -Release: 8 +Version: 3.9 +Release: 1 License: Public Domain Summary: SELinux library and simple utilities Url: https://github.com/SELinuxProject/selinux/wiki Source0: https://github.com/SELinuxProject/selinux/releases/download/%{version}/libselinux-%{version}.tar.gz -Patch0001: backport-libselinux-add-check-for-calloc-in-check_booleans.patch -Patch0002: backport-libselinux-utils-free-allocated-resources.patch -Patch0003: backport-libselinux-enable-usage-with-pedantic-UB-sanitizers.patch -Patch0004: backport-libselinux-reorder-calloc-3-arguments.patch -Patch0005: backport-libselinux-Fix-ordering-of-arguments-to-calloc.patch -Patch0006: backport-libselinux-use-reentrant-strtok_r-3.patch -Patch0007: backport-libselinux-fix-swig-bindings-for-4.3.0.patch -Patch0008: backport-libselinux-utils-selabel_digest-drop-unsupported-opt.patch -Patch0009: backport-libselinux-utils-selabel_digest-avoid-buffer-overflo.patch -Patch0010: backport-libselinux-free-data-on-selabel-open-failure.patch -Patch0011: backport-libselinux-avoid-logs-in-get_ordered_context_list-wi.patch -Patch0012: backport-libselinux-free-empty-scandir-3-result.patch -Patch0013: backport-libselinux-avoid-pointer-dereference-before-check.patch -Patch0014: backport-libselinux-set-free-d-data-to-NULL.patch -Patch0015: backport-libselinux-matchpathcon-RESOURCE_LEAK-Variable-con.patch -Patch0016: backport-libselinux-Close-old-selabel-handle-when-setting-a-n.patch -Patch0017: backport-libselinux-initialize-regex-arch-string-in-a-thread-.patch -Patch0018: backport-selinux-free-memory-in-error-branch.patch - Patch9000: do-malloc-trim-after-load-policy.patch BuildRequires: gcc python3-devel systemd swig pcre2-devel >= 10.42 xz-devel @@ -88,7 +68,7 @@ make clean %make_build LIBDIR="%{_libdir}" CFLAGS="-g %{optflags} -DAGGRESSIVE_FREE_AFTER_REGEX_MATCH" swigify %make_build LIBDIR="%{_libdir}" CFLAGS="-g %{optflags} -DAGGRESSIVE_FREE_AFTER_REGEX_MATCH" all %make_build %{__python3} LIBDIR="%{_libdir}" CFLAGS="-g %{optflags} -DAGGRESSIVE_FREE_AFTER_REGEX_MATCH" pywrap -%make_build RUBYINC="%{ruby_inc}" SHLIBDIR="%{_libdir}" LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a" CFLAGS="-g %{optflags} -DAGGRESSIVE_FREE_AFTER_REGEX_MATCH" rubywrap +%make_build SHLIBDIR="%{_libdir}" LIBDIR="%{_libdir}" LIBSEPOLA="%{_libdir}/libsepol.a" CFLAGS="-g %{optflags} -DAGGRESSIVE_FREE_AFTER_REGEX_MATCH" rubywrap %install mkdir -p %{buildroot}%{_tmpfilesdir} @@ -119,6 +99,7 @@ mv %{buildroot}%{_sbindir}/getconlist %{buildroot}%{_sbindir}/selinuxconlist %{_sbindir}/{avcstat,getenforce,getpidprevcon,getsebool,matchpathcon,sefcontext_compile,selinuxconlist} %{_sbindir}/{selinuxdefcon,selinuxexeccon,selinuxenabled,setenforce,selabel_digest,selabel_lookup} %{_sbindir}/{selabel_get_digests_all_partial_matches,validatetrans} +%{_sbindir}/{getpolicyload,selabel_compare} %dir %{_rundir}/setrans/ %{_tmpfilesdir}/libselinux.conf @@ -140,10 +121,11 @@ mv %{buildroot}%{_sbindir}/getconlist %{buildroot}%{_sbindir}/selinuxconlist %{_mandir}/man3/* %{_mandir}/man5/* %{_mandir}/man8/* -%lang(ru) %{_mandir}/ru/man5/* -%lang(ru) %{_mandir}/ru/man8/* %changelog +* Tue Sep 16 2025 Funda Wang - 3.9-1 +- update to 3.9 + * Tue Sep 16 2025 yixiangzhike - 3.5-8 - enable macro AGGRESSIVE_FREE_AFTER_REGEX_MATCH to free match_data immediately