diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch index 5643f9a..042f1d6 100644 --- a/libselinux-rhat.patch +++ b/libselinux-rhat.patch @@ -6205,20 +6205,71 @@ index 825f295..d11c8dc 100644 - S_(BOOLEAN_SUBS, "/booleans.subs") + S_(BOOLEAN_SUBS, "/booleans.subs_dist") diff --git a/libselinux/src/get_context_list.c b/libselinux/src/get_context_list.c -index e02157c..eb72593 100644 +index e02157c..355730a 100644 --- a/libselinux/src/get_context_list.c +++ b/libselinux/src/get_context_list.c -@@ -489,11 +489,19 @@ int get_ordered_context_list(const char *user, +@@ -426,7 +426,7 @@ int get_ordered_context_list(const char *user, + /* Initialize ordering array. */ + ordering = malloc(nreach * sizeof(unsigned int)); + if (!ordering) +- goto oom_order; ++ goto failsafe; + for (i = 0; i < nreach; i++) + ordering[i] = nreach; + +@@ -435,7 +435,7 @@ int get_ordered_context_list(const char *user, + fname_len = strlen(user_contexts_path) + strlen(user) + 2; + fname = malloc(fname_len); + if (!fname) +- goto oom_order; ++ goto failsafe; + snprintf(fname, fname_len, "%s%s", user_contexts_path, user); + fp = fopen(fname, "r"); + if (fp) { +@@ -465,35 +465,35 @@ int get_ordered_context_list(const char *user, + } + } + ++ if (!nordered) ++ goto failsafe; ++ + /* Apply the ordering. */ +- if (nordered) { +- co = malloc(nreach * sizeof(struct context_order)); +- if (!co) +- goto oom_order; +- for (i = 0; i < nreach; i++) { +- co[i].con = reachable[i]; +- co[i].order = ordering[i]; +- } +- qsort(co, nreach, sizeof(struct context_order), order_compare); +- for (i = 0; i < nreach; i++) +- reachable[i] = co[i].con; +- free(co); ++ co = malloc(nreach * sizeof(struct context_order)); ++ if (!co) ++ goto failsafe; ++ for (i = 0; i < nreach; i++) { ++ co[i].con = reachable[i]; ++ co[i].order = ordering[i]; + } ++ qsort(co, nreach, sizeof(struct context_order), order_compare); ++ for (i = 0; i < nreach; i++) ++ reachable[i] = co[i].con; ++ free(co); + +- /* Return the ordered list. +- If we successfully ordered it, then only report the ordered entries +- to the caller. Otherwise, fall back to the entire reachable list. */ +- if (nordered && nordered < nreach) { ++ /* Only report the ordered entries to the caller. */ ++ if (nordered < nreach) { + for (i = nordered; i < nreach; i++) + free(reachable[i]); reachable[nordered] = NULL; rc = nordered; - } else { +- } else { - rc = nreach; -+ if (security_getenforce()) { -+ errno = EPERM; -+ rc = -1; -+ } else { -+ rc = nreach; -+ } } out: @@ -6230,6 +6281,21 @@ index e02157c..eb72593 100644 free(ordering); if (freefrom) +@@ -520,14 +520,6 @@ int get_ordered_context_list(const char *user, + } + rc = 1; /* one context in the list */ + goto out; +- +- oom_order: +- /* Unable to order context list due to OOM condition. +- Fall back to unordered reachable context list. */ +- fprintf(stderr, "%s: out of memory, unable to order list\n", +- __FUNCTION__); +- rc = nreach; +- goto out; + } + + hidden_def(get_ordered_context_list) diff --git a/libselinux/src/getfilecon.c b/libselinux/src/getfilecon.c index 67e4463..eb2ce8a 100644 --- a/libselinux/src/getfilecon.c diff --git a/libselinux.spec b/libselinux.spec index ffca062..a3fac3b 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -10,7 +10,7 @@ Summary: SELinux library and simple utilities Name: libselinux Version: 2.1.12 -Release: 19%{?dist} +Release: 20%{?dist} License: Public Domain Group: System Environment/Libraries Source: %{name}-%{version}.tgz @@ -241,7 +241,10 @@ rm -rf %{buildroot} %{ruby_sitearch}/selinux.so %changelog -* Fri Jan 25 2013 Dan Walsh - 2.1.12-18 +* Sun Jan 27 2013 Dan Walsh - 2.1.12-20 +- Update to latest patches from eparis/Upstream + +* Fri Jan 25 2013 Dan Walsh - 2.1.12-19 - Update to latest patches from eparis/Upstream * Wed Jan 23 2013 Dan Walsh - 2.1.12-18