From d1a97aea17a129c43f31b0a7948b795bee633c63 Mon Sep 17 00:00:00 2001 From: changhan Date: Fri, 18 Apr 2025 06:27:17 +0000 Subject: [PATCH] libsemanage: handle shell allocation failure Signed-off-by: changhan (cherry picked from commit b4cdcb37d0ccd6656e704db69a960ec15e7d3bee) --- ...nage-handle-shell-allocation-failure.patch | 47 +++++++++++++++++++ libsemanage.spec | 6 ++- 2 files changed, 52 insertions(+), 1 deletion(-) create mode 100644 backport-libsemanage-handle-shell-allocation-failure.patch diff --git a/backport-libsemanage-handle-shell-allocation-failure.patch b/backport-libsemanage-handle-shell-allocation-failure.patch new file mode 100644 index 0000000..5dee717 --- /dev/null +++ b/backport-libsemanage-handle-shell-allocation-failure.patch @@ -0,0 +1,47 @@ +From 9bde761fcb912fded145a16de767afe8a8a3977f Mon Sep 17 00:00:00 2001 +From: changhan +Date: Fri, 18 Apr 2025 11:47:37 +0800 +Subject: [PATCH] libsemanage-handle-shell-allocation-failure + +Reference:https://github.com/SELinuxProject/selinux/commit/dcd755abdde87abdbb43855b7b1bc28d56a21c51 + +--- + src/genhomedircon.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/src/genhomedircon.c b/src/genhomedircon.c +index b35d7ba..230015c 100644 +--- a/src/genhomedircon.c ++++ b/src/genhomedircon.c +@@ -228,7 +228,7 @@ static semanage_list_t *get_shell_list(void) + free(temp); + semanage_list_destroy(&list); + fclose(shells); +- return default_shell_list(); ++ return NULL; + } + } + } +@@ -333,14 +333,18 @@ static semanage_list_t *get_home_dirs(genhomedircon_settings_t * s) + return homedir_list; + + shells = get_shell_list(); +- assert(shells); + ++ if (!shells) { ++ ERR(s->h_semanage, "Allocation failure!"); ++ goto fail; ++ } + path = semanage_findval(PATH_ETC_LOGIN_DEFS, "UID_MIN", NULL); + if (path && *path) { + temp = atoi(path); + minuid = temp; + minuid_set = 1; + } ++ + free(path); + path = NULL; + +-- +2.33.0 + diff --git a/libsemanage.spec b/libsemanage.spec index a906496..72b1904 100644 --- a/libsemanage.spec +++ b/libsemanage.spec @@ -3,7 +3,7 @@ Name: libsemanage Version: 3.5 -Release: 2 +Release: 3 License: LGPLv2+ Summary: SELinux binary policy manipulation library URL: https://github.com/SELinuxProject/selinux/wiki @@ -21,6 +21,7 @@ Patch6007: backport-libsemanage-check-for-path-formatting-failures.patch Patch6008: backport-libsemanage-set-O_CLOEXEC-flag-for-file-descriptors.patch Patch6009: backport-libsemanage-check-closing-written-files.patch Patch6010: backport-libsemanage-handle-cil_set_handle_unknown-failure.patch +Patch6011: backport-libsemanage-handle-shell-allocation-failure.patch Patch9000: fix-test-failure-with-secilc.patch @@ -116,6 +117,9 @@ make test %changelog +* Fri Apr 18 2025 changhan - 3.5-3 +- backport libsemanage: handle shell allocation failure + * Mon Mar 17 2025 hugel - 3.5-2 - backport patches from upstream -- Gitee