diff --git a/C1.patch b/C1.patch
new file mode 100644
index 0000000000000000000000000000000000000000..6e47e70c2967cad58668c78735af4773a3df1a37
--- /dev/null
+++ b/C1.patch
@@ -0,0 +1,43 @@
+From 9b4eff9222b24d4b5f2784db281f4f53019263b0 Mon Sep 17 00:00:00 2001
+From: Vit Mojzis
+Date: Fri, 25 Oct 2024 20:32:07 +0200
+Subject: [PATCH] libsemanage/direct_api: INTEGER_OVERFLOW read_len = read()
+
+The following statement is always true if read_len is unsigned:
+(read_len = read(fd, data_read + data_read_len, max_len - data_read_len)) > 0
+
+Fixes:
+ Error: INTEGER_OVERFLOW (CWE-190): [#def19] [important]
+ libsemanage-3.7/src/direct_api.c:598:2: tainted_data_return: Called function "read(fd, data_read + data_read_len, max_len - data_read_len)", and a possible return value may be less than zero.
+ libsemanage-3.7/src/direct_api.c:598:2: cast_underflow: An assign of a possibly negative number to an unsigned type, which might trigger an underflow.
+ libsemanage-3.7/src/direct_api.c:599:3: overflow: The expression "data_read_len += read_len" is deemed underflowed because at least one of its arguments has underflowed.
+ libsemanage-3.7/src/direct_api.c:598:2: overflow: The expression "max_len - data_read_len" is deemed underflowed because at least one of its arguments has underflowed.
+ libsemanage-3.7/src/direct_api.c:598:2: overflow_sink: "max_len - data_read_len", which might have underflowed, is passed to "read(fd, data_read + data_read_len, max_len - data_read_len)". [Note: The source code implementation of the function has been overridden by a builtin model.]
+ \# 596| }
+ \# 597|
+ \# 598|-> while ((read_len = read(fd, data_read + data_read_len, max_len - data_read_len)) > 0) {
+ \# 599| data_read_len += read_len;
+ \# 600| if (data_read_len == max_len) {
+
+Signed-off-by: Vit Mojzis
+Acked-by: James Carter
+---
+ libsemanage/src/direct_api.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/libsemanage/src/direct_api.c b/libsemanage/src/direct_api.c
+index d740070d..7631c7bf 100644
+--- a/libsemanage/src/direct_api.c
++++ b/libsemanage/src/direct_api.c
+@@ -582,7 +582,7 @@ cleanup:
+ static int read_from_pipe_to_data(semanage_handle_t *sh, size_t initial_len, int fd, char **out_data_read, size_t *out_read_len)
+ {
+ size_t max_len = initial_len;
+- size_t read_len = 0;
++ ssize_t read_len = 0;
+ size_t data_read_len = 0;
+ char *data_read = NULL;
+
+--
+2.20.1
+
diff --git a/libsemanage.spec b/libsemanage.spec
index 338dfc7a534a0dc78418a0e7cf3f1112208c169f..cb192052a1fa21db484041529534891d1f9cdc93 100644
--- a/libsemanage.spec
+++ b/libsemanage.spec
@@ -3,7 +3,7 @@ Name: libsemanage Version: 3.5 -Release: 8 +Release: 9 License: LGPL-2.1-or-later Summary: SELinux binary policy manipulation library URL: https://github.com/SELinuxProject/selinux/wiki
@@ -26,9 +26,11 @@ Patch6013: backport-libsemanage-handle-shell-allocation-failure.patch Patch6014: backport-libsemanage-drop-duplicate-newlines-and-error-descriptions-in-error-messages.patch Patch6015: backport-libsemanage-simplify-file-deletion.patch Patch6016: backport-libsemanage-optimize-policy-by-default.patch +Patch6017: C1.patch Patch9000: fix-test-failure-with-secilc.patch + BuildRequires: gcc python3-devel bison flex bzip2-devel audit-libs-devel BuildRequires: libselinux-devel >= %{libselinux_version} swig libsepol-devel >= %{libsepol_version} BuildRequires: CUnit-devel gdb-headless
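Review bot: With `read_len` now `ssize_t`, a failing `read()` ends the `while (... > 0)` loop quoted in the commit message the same way end-of-file does, so the code after the loop has to tell the two apart. The embedded hunk shows only the declarations of `read_from_pipe_to_data`; the loop and everything after it lie outside it, so this is something to confirm rather than a demonstrated defect. If no such check exists, add one after the loop, along the lines of `if (read_len < 0) { free(data_read); return -1; }`, so that a truncated pipe read is not handed back to the caller as complete data. Retrying on `EINTR` is worth considering in the same place.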
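Review bot: `Patch6017: C1.patch` breaks the `backport-libsemanage-...` naming used by Patch6013 to Patch6016, and nothing in the spec says which fix it carries. Because the patch addresses a CWE-190 finding, name it after the upstream subject (for example `backport-libsemanage-direct_api-INTEGER_OVERFLOW-read_len-read.patch`) so the fix can be traced from the package. The changelog hunk further down has the same traceability problem: the new entry is stamped `3.5-8` although Release becomes 9, and its text is `- TEST`; it should read `3.5-9` with the patch subject as its description. The blank line added after `Patch9000` looks unintentional.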
@@ -118,6 +120,9 @@ make test %lang(ru) %{_mandir}/ru/man5/* %changelog +* Fri Aug 29 2025 Yu Peng - 3.5-8 +- TEST + * Wed May 7 2025 yixiangzhike - 3.5-8 - Change the author's mailbox