diff --git a/backport-libsemanage-handle-shell-allocation-failure.patch b/backport-libsemanage-handle-shell-allocation-failure.patch new file mode 100644 index 0000000000000000000000000000000000000000..5dee717c0d63a92b0d2d7f02caa894a59d1f8a37 --- /dev/null +++ b/backport-libsemanage-handle-shell-allocation-failure.patch @@ -0,0 +1,47 @@ +From 9bde761fcb912fded145a16de767afe8a8a3977f Mon Sep 17 00:00:00 2001 +From: changhan +Date: Fri, 18 Apr 2025 11:47:37 +0800 +Subject: [PATCH] libsemanage-handle-shell-allocation-failure + +Reference:https://github.com/SELinuxProject/selinux/commit/dcd755abdde87abdbb43855b7b1bc28d56a21c51 + +--- + src/genhomedircon.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/src/genhomedircon.c b/src/genhomedircon.c +index b35d7ba..230015c 100644 +--- a/src/genhomedircon.c ++++ b/src/genhomedircon.c +@@ -228,7 +228,7 @@ static semanage_list_t *get_shell_list(void) + free(temp); + semanage_list_destroy(&list); + fclose(shells); +- return default_shell_list(); ++ return NULL; + } + } + } +@@ -333,14 +333,18 @@ static semanage_list_t *get_home_dirs(genhomedircon_settings_t * s) + return homedir_list; + + shells = get_shell_list(); +- assert(shells); + ++ if (!shells) { ++ ERR(s->h_semanage, "Allocation failure!"); ++ goto fail; ++ } + path = semanage_findval(PATH_ETC_LOGIN_DEFS, "UID_MIN", NULL); + if (path && *path) { + temp = atoi(path); + minuid = temp; + minuid_set = 1; + } ++ + free(path); + path = NULL; + +-- +2.33.0 + diff --git a/libsemanage.spec b/libsemanage.spec index a906496debefa8488b79270dfe54c1c549c4ce73..72b1904524be9a883e2a9ee591fc6716552f79b0 100644 --- a/libsemanage.spec +++ b/libsemanage.spec @@ -3,7 +3,7 @@ Name: libsemanage Version: 3.5 -Release: 2 +Release: 3 License: LGPLv2+ Summary: SELinux binary policy manipulation library URL: https://github.com/SELinuxProject/selinux/wiki @@ -21,6 +21,7 @@ Patch6007: backport-libsemanage-check-for-path-formatting-failures.patch Patch6008: backport-libsemanage-set-O_CLOEXEC-flag-for-file-descriptors.patch Patch6009: backport-libsemanage-check-closing-written-files.patch Patch6010: backport-libsemanage-handle-cil_set_handle_unknown-failure.patch +Patch6011: backport-libsemanage-handle-shell-allocation-failure.patch Patch9000: fix-test-failure-with-secilc.patch @@ -116,6 +117,9 @@ make test %changelog +* Fri Apr 18 2025 changhan - 3.5-3 +- backport libsemanage: handle shell allocation failure + * Mon Mar 17 2025 hugel - 3.5-2 - backport patches from upstream