diff --git a/libselinux-rhat.patch b/libselinux-rhat.patch index e42b0a9..016cf1a 100644 --- a/libselinux-rhat.patch +++ b/libselinux-rhat.patch @@ -489,3 +489,50 @@ index a801ee8..b3bdca2 100644 #define RAW_TO_TRANS_CONTEXT 2 #define TRANS_TO_RAW_CONTEXT 3 +diff --git a/libselinux/utils/sefcontext_compile.c b/libselinux/utils/sefcontext_compile.c +index 6f79dd6..eb88ea8 100644 +--- a/libselinux/utils/sefcontext_compile.c ++++ b/libselinux/utils/sefcontext_compile.c +@@ -6,6 +6,7 @@ + #include + + #include ++#include + + #include "../src/label_file.h" + +@@ -321,7 +322,8 @@ int main(int argc, char *argv[]) + const char *path; + char stack_path[PATH_MAX + 1]; + int rc; +- ++ char *tmp, *tmppath; ++ + if (argc != 2) { + fprintf(stderr, "usage: %s input_file\n", argv[0]); + exit(EXIT_FAILURE); +@@ -342,10 +344,21 @@ int main(int argc, char *argv[]) + rc = snprintf(stack_path, sizeof(stack_path), "%s.bin", path); + if (rc < 0 || rc >= sizeof(stack_path)) + return rc; +- rc = write_binary_file(&data, stack_path); +- if (rc < 0) +- return rc; + ++ tmppath = strdup(stack_path); ++ if (!tmppath) ++ return -1; ++ tmp = tempnam(dirname(tmppath), ".bin"); ++ free(tmppath); ++ if (!tmp) ++ return -1; ++ rc = write_binary_file(&data, tmp); ++ if (rc < 0) { ++ free(tmp); ++ return rc; ++ } ++ rename(tmp, stack_path); ++ free(tmp); + rc = free_specs(&data); + if (rc < 0) + return rc; diff --git a/libselinux.spec b/libselinux.spec index 834d874..176a4ea 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -10,7 +10,7 @@ Summary: SELinux library and simple utilities Name: libselinux Version: 2.1.13 -Release: 7%{?dist} +Release: 8%{?dist} License: Public Domain Group: System Environment/Libraries Source: %{name}-%{version}.tgz @@ -241,6 +241,9 @@ rm -rf %{buildroot} %{ruby_sitearch}/selinux.so %changelog +* Wed Mar 6 2013 Dan Walsh - 2.1.13-8 +- Make setfcontext_compile atomic + * Wed Mar 6 2013 Dan Walsh - 2.1.13-7 - Fix memory leak in set*con calls.