From 5c0367cf07a14d5cfd5c92531a21ddae9ce58046 Mon Sep 17 00:00:00 2001
From: wanghuizhao
Date: Thu, 1 Dec 2022 15:46:31 +0800
Subject: [PATCH 1/3] backport upsteam patches
---
 ...module-avoid-toctou-on-output-module.patch | 48 +++++++++++++++++++
 1 file changed, 48 insertions(+)
 create mode 100644 backport-semodule-avoid-toctou-on-output-module.patch

diff --git a/backport-semodule-avoid-toctou-on-output-module.patch b/backport-semodule-avoid-toctou-on-output-module.patch
new file mode 100644
index 0000000..ee47793
--- /dev/null
+++ b/backport-semodule-avoid-toctou-on-output-module.patch
@@ -0,0 +1,48 @@
+From 6d02b2fa29954e239721907e1fce238f25ea4f2f Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?Christian=20G=C3=B6ttsche?=
+Date: Fri, 20 May 2022 15:19:52 +0200
+Subject: [PATCH] semodule: avoid toctou on output module
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+
+Do not check for file existence and open afterwards, open with the
+exclusive flag (supported in Glibc and musl 0.9.6 and also standardized
+in C11).
+
+Found by GitHub CodeQL.
+
+Signed-off-by: Christian Göttsche
+Acked-by: Nicolas Iooss
+---
+ policycoreutils/semodule/semodule.c | 13 +++++--------
+ 1 file changed, 5 insertions(+), 8 deletions(-)
+
+diff --git a/policycoreutils/semodule/semodule.c b/policycoreutils/semodule/semodule.c
+index 1ed8e690..48bc28dd 100644
+--- a/policycoreutils/semodule/semodule.c
++++ b/policycoreutils/semodule/semodule.c
+@@ -550,15 +550,12 @@ int main(int argc, char *argv[])
+ goto cleanup_extract;
+ }
+
+- if (access(output_path, F_OK) == 0) {
+- fprintf(stderr, "%s: %s is already extracted with extension %s.\n", argv[0], mode_arg, lang_ext);
+- result = -1;
+- goto cleanup_extract;
+- }
+-
+- output_fd = fopen(output_path, "w");
++ output_fd = fopen(output_path, "wx");
+ if (output_fd == NULL) {
+- fprintf(stderr, "%s: Unable to open %s\n", argv[0], output_path);
++ if (errno == EEXIST)
++ fprintf(stderr, "%s: %s is already extracted with extension %s.\n", argv[0], mode_arg, lang_ext);
++ else
++ fprintf(stderr, "%s: Unable to open %s: %s\n", argv[0], output_path, strerror(errno));
+ result = -1;
+ goto cleanup_extract;
+ }
+--
+2.12.3
+
--
Gitee
From 6839b64e85c1351725b58590cd6252b6b736abb3 Mon Sep 17 00:00:00 2001
From: wanghuizhao
Date: Thu, 1 Dec 2022 16:08:14 +0800
Subject: [PATCH 2/3] add patch in policycoreutils.spec
---
 policycoreutils.spec | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/policycoreutils.spec b/policycoreutils.spec
index 4126342..9eed6b3 100644
--- a/policycoreutils.spec
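Review bot: The new error path at `++ if (errno == EEXIST)` and `strerror(errno)` depends on `<errno.h>` and `<string.h>` already being included by the semodule.c this backport is applied to; the hunk adds no include, so if either is absent in the 3.3 tree the failure shows up as an implicit declaration at build time rather than as a patch rejection, which is worth confirming before the spec picks this patch up. The `"wx"` mode is what closes the access()/fopen() window, and the fix only holds where the libc honors the `x` flag (the patch message names glibc and musl 0.9.6+); a libc that ignores unknown mode characters would silently open with plain `"w"` and the overwrite of an existing output file becomes possible again, so the target build environment's libc is part of the fix. Reading `errno` directly after the failed `fopen()` with no intervening call is correct, since later library calls could overwrite it. `main()`, which this hunk touches, starts and ends outside the hunk.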
+++ b/policycoreutils.spec
@@ -21,6 +21,7 @@ Patch3: backport-newrole-ensure-password-memory-erasure.patch
 Patch4: backport-semodule_package-Close-leaking-fd.patch
 Patch5: backport-python-Split-semanage-import-into-two-transactions.patch
 Patch6: backport-python-audit2allow-close-file-stream-on-error.patch
+Patch7: backport-semodule-avoid-toctou-on-output-module.patch
 
 BuildRequires: gcc
 BuildRequires: pam-devel libsepol-static >= 3.3 libsemanage-static >= 3.3 libselinux-devel >= 3.3 libcap-devel audit-libs-devel gettext
@@ -261,6 +262,9 @@ find %{buildroot}%{python3_sitelib} %{buildroot}%{python3_sitearch} \
 %{_mandir}/*
 
 %changelog
+* Thu Dec 1 2022 wanghuizhao - 3.3-3
+- backport patches from upstream
+
 * Tue Nov 15 2022 shenxiangwei - 3.3-3
 - backport patches from upstream
 
--
Gitee
From 8051db56c47857298ed4c64a82a055c99d1ef5be Mon Sep 17 00:00:00 2001
From: wanghuizhao
Date: Fri, 9 Dec 2022 10:10:02 +0800
Subject: [PATCH 3/3] update email
---
 policycoreutils.spec | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/policycoreutils.spec b/policycoreutils.spec
index 9eed6b3..c6d8bbe 100644
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@@ -262,7 +262,7 @@ find %{buildroot}%{python3_sitelib} %{buildroot}%{python3_sitearch} \
 %{_mandir}/*
 
 %changelog
-* Thu Dec 1 2022 wanghuizhao - 3.3-3
+* Thu Dec 1 2022 wanghuizhao - 3.3-3
 - backport patches from upstream
 
 * Tue Nov 15 2022 shenxiangwei - 3.3-3
--
Gitee
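Review bot: The added changelog entry `+* Thu Dec 1 2022 wanghuizhao - 3.3-3` reuses the version-release of the entry directly below it (`* Tue Nov 15 2022 shenxiangwei - 3.3-3`); unless the `Release:` tag is bumped in a part of the spec outside this hunk, the rebuilt package carries the same NVR as the previous build and package managers will not offer the newly added TOCTOU fix (`+Patch7:` in the first hunk) as an update. I would expect the entry to read `3.3-4` together with a matching `Release:` change in the same commit. The third patch in the series only rewrites the same changelog line, so the same observation applies there.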