From 645d99d884834c1b522c3a59e2c8154386f54d97 Mon Sep 17 00:00:00 2001
From: lujie54
Date: Fri, 1 Jul 2022 10:21:43 +0800
Subject: [PATCH] fix segfault in add_xattr_entry()
---
 ...inux-fix-segfault-in-add_xattr_entry.patch | 79 +++++++++++++++++++
 libselinux.spec | 14 +++-
 2 files changed, 91 insertions(+), 2 deletions(-)
 create mode 100644 backport-libselinux-fix-segfault-in-add_xattr_entry.patch
diff --git a/backport-libselinux-fix-segfault-in-add_xattr_entry.patch b/backport-libselinux-fix-segfault-in-add_xattr_entry.patch
new file mode 100644
index 0000000..771d21d
--- /dev/null
+++ b/backport-libselinux-fix-segfault-in-add_xattr_entry.patch
@@ -0,0 +1,79 @@ +From 142826a38e974b54a45022c0a0a8dce13a8225dc Mon Sep 17 00:00:00 2001 +From: Petr Lautrbach +Date: Mon, 15 Feb 2021 14:05:53 +0100 +Reference:https://github.com/SELinuxProject/selinux/commit/142826a38e974b54a45022c0a0a8dce13a8225 +Conflict:adapter filepath +Subject: [PATCH] libselinux: fix segfault in add_xattr_entry() + +When selabel_get_digests_all_partial_matches(), resp +get_digests_all_partial_matches() doesn't find a match, +calculated_digest is not initialized and followup memcmp() could +segfault. Given that calculated_digest and xattr_digest are already +compared in get_digests_all_partial_matches() and the function returns +true or false based on this comparison, it's not necessary to compare +these values again. + +Fixes: + # cd /root + # mkdir tmp + # restorecon -D -Rv tmp # create security.sehash attribute + # restorecon_xattr -d -v tmp + specfiles SHA1 digest: afc752f47d489f3e82ac1da8fd247a2e1a6af5f8 + calculated using the following specfile(s): + /etc/selinux/targeted/contexts/files/file_contexts.subs_dist + /etc/selinux/targeted/contexts/files/file_contexts.subs + /etc/selinux/targeted/contexts/files/file_contexts.bin + /etc/selinux/targeted/contexts/files/file_contexts.homedirs.bin + /etc/selinux/targeted/contexts/files/file_contexts.local.bin + + Segmentation fault (core dumped) + +Signed-off-by: Petr Lautrbach +Signed-off-by: l00564439 +--- + libselinux/src/selinux_restorecon.c | 14 +++++++------- + 1 file changed, 7 insertions(+), 7 deletions(-) + +diff --git a/src/selinux_restorecon.c b/src/selinux_restorecon.c +index 6993be6f..63fb8dc5 100644 +--- a/src/selinux_restorecon.c ++++ b/src/selinux_restorecon.c +@@ -297,6 +297,7 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch, + char *sha1_buf = NULL; + size_t i, digest_len = 0; + int rc, digest_result; ++ bool match; + struct dir_xattr *new_entry; + uint8_t *xattr_digest = NULL; + uint8_t *calculated_digest = NULL; +@@ -306,9 +307,9 @@ static int 
add_xattr_entry(const char *directory, bool delete_nonmatch, + return -1; + } + +- selabel_get_digests_all_partial_matches(fc_sehandle, directory, +- &calculated_digest, +- &xattr_digest, &digest_len); ++ match = selabel_get_digests_all_partial_matches(fc_sehandle, directory, ++ &calculated_digest, &xattr_digest, ++ &digest_len); + + if (!xattr_digest || !digest_len) { + free(calculated_digest); +@@ -326,11 +327,10 @@ static int add_xattr_entry(const char *directory, bool delete_nonmatch, + for (i = 0; i < digest_len; i++) + sprintf((&sha1_buf[i * 2]), "%02x", xattr_digest[i]); + +- rc = memcmp(calculated_digest, xattr_digest, digest_len); +- digest_result = rc ? NOMATCH : MATCH; ++ digest_result = match ? MATCH : NOMATCH; + +- if ((delete_nonmatch && rc != 0) || delete_all) { +- digest_result = rc ? DELETED_NOMATCH : DELETED_MATCH; ++ if ((delete_nonmatch && !match) || delete_all) { ++ digest_result = match ? DELETED_MATCH : DELETED_NOMATCH; + rc = removexattr(directory, RESTORECON_PARTIAL_MATCH_DIGEST); + if (rc) { + selinux_log(SELINUX_ERROR, +-- +2.23.0 + diff --git a/libselinux.spec b/libselinux.spec index ebe854e..345a9b6 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -3,7 +3,7 @@ Name: libselinux Version: 3.1 -Release: 4 +Release: 5 License: Public Domain Summary: SELinux library and simple utilities Url: https://github.com/SELinuxProject/selinux/wiki @@ -12,6 +12,7 @@ Patch0: Fix-import-error-in-python2-package.patch Patch1: do-malloc-trim-after-load-policy.patch Patch6000: backport-libselinux-Fix-potential-undefined-shifts.patch +Patch6001: backport-libselinux-fix-segfault-in-add_xattr_entry.patch BuildRequires: gcc python3-devel systemd swig pcre2-devel xz-devel BuildRequires: python2-devel ruby-devel libsepol-static >= %{libsepol_version} 
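Review bot: In the add_xattr_entry() hunks of the added backport patch, nothing in the new code records why `calculated_digest` must no longer be read after the call, so a later edit could reintroduce the NULL dereference this backport removes. A short comment above the `match = selabel_get_digests_all_partial_matches(...)` assignment would pin that down, e.g. `/* calculated_digest may still be NULL when no partial match is found; rely on the return value only */`. Separately, the `Reference:` URL in the patch header carries a 38-character commit id while the `From` line has the full 40-character one (`...13a8225` vs `...13a8225dc`); using the full hash makes the backport's provenance unambiguous to verify. The body of add_xattr_entry() starts and ends outside these hunks, so whether `calculated_digest` is used further down cannot be confirmed from here.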
@@ -65,7 +66,13 @@ Provides: ruby(selinux) The libselinux-ruby package contains the ruby bindings for developing SELinux applications. -%package_help +%package help +Summary: Documents for %{name} +Buildarch: noarch +Requires: man info + +%description help +Man pages and other related documents for %{name} %prep %autosetup -p 1 -n libselinux-%{version} @@ -147,6 +154,9 @@ mv %{buildroot}%{_sbindir}/getconlist %{buildroot}%{_sbindir}/selinuxconlist %{_mandir}/ru/man8/* %changelog +* Fri Jul 1 2022 lujie - 3.1-5 +- fix segfault in add_xattr_entry() + * Tue Nov 16 2021 lujie - 3.1-4 - fix potential undefined shifts -- Gitee
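Review bot: The replacement of `%package_help` with an explicit `%package help` section in the `@@ -65,7 +66,13 @@` hunk is unrelated to the segfault backport and is not recorded in the new `%changelog` entry, which lists only `fix segfault in add_xattr_entry()`. For a rebuild that ships a crash fix, every packaging change should be traceable; either add a changelog line such as `- replace package_help macro with explicit help subpackage` or move the change to its own commit. What the macro expanded to is not visible here, so it should be confirmed that `Requires: man info` and `Buildarch: noarch` match the previous behaviour.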