diff options
Diffstat (limited to 'libselinux/src')
| -rw-r--r-- | libselinux/src/audit2why.c | 2 | ||||
| -rw-r--r-- | libselinux/src/avc_internal.c | 3 | ||||
| -rw-r--r-- | libselinux/src/get_context_list.c | 5 | ||||
| -rw-r--r-- | libselinux/src/label_android_property.c | 3 | ||||
| -rw-r--r-- | libselinux/src/label_file.c | 25 | ||||
| -rw-r--r-- | libselinux/src/mapping.c | 2 | ||||
| -rw-r--r-- | libselinux/src/setrans_client.c | 10 | ||||
| -rw-r--r-- | libselinux/src/seusers.c | 13 | ||||
| -rw-r--r-- | libselinux/src/stringrep.c | 16 |
9 files changed, 52 insertions, 27 deletions
diff --git a/libselinux/src/audit2why.c b/libselinux/src/audit2why.c index 5676b7dd..ffe381be 100644 --- a/libselinux/src/audit2why.c +++ b/libselinux/src/audit2why.c @@ -275,7 +275,7 @@ static int __policy_init(const char *init_path) return 1; } - boollist = calloc(cnt, sizeof(struct boolean_t)); + boollist = calloc(cnt, sizeof(*boollist)); if (!boollist) { PyErr_SetString( PyExc_MemoryError, "Out of memory\n"); return 1; diff --git a/libselinux/src/avc_internal.c b/libselinux/src/avc_internal.c index 6d508eeb..f735e73d 100644 --- a/libselinux/src/avc_internal.c +++ b/libselinux/src/avc_internal.c @@ -60,13 +60,12 @@ int avc_netlink_open(int blocking) int len, rc = 0; struct sockaddr_nl addr; - fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_SELINUX); + fd = socket(PF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_SELINUX); if (fd < 0) { rc = fd; goto out; } - fcntl(fd, F_SETFD, FD_CLOEXEC); if (!blocking && fcntl(fd, F_SETFL, O_NONBLOCK)) { close(fd); fd = -1; diff --git a/libselinux/src/get_context_list.c b/libselinux/src/get_context_list.c index e02157ce..b9e80028 100644 --- a/libselinux/src/get_context_list.c +++ b/libselinux/src/get_context_list.c @@ -493,7 +493,10 @@ int get_ordered_context_list(const char *user, } out: - *list = reachable; + if (rc > 0) + *list = reachable; + else + freeconary(reachable); free(ordering); if (freefrom) diff --git a/libselinux/src/label_android_property.c b/libselinux/src/label_android_property.c index 79bf9238..e11ccf89 100644 --- a/libselinux/src/label_android_property.c +++ b/libselinux/src/label_android_property.c @@ -153,6 +153,9 @@ static int init(struct selabel_handle *rec, struct selinux_opt *opts, break; } + if (!path) + return -1; + /* Open the specification file. */ if ((fp = fopen(path, "r")) == NULL) return -1; diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c index 8ccc59f3..7f140dd3 100644 --- a/libselinux/src/label_file.c +++ b/libselinux/src/label_file.c @@ -330,8 +330,10 @@ static int load_mmap(struct selabel_handle *rec, const char *path, struct stat * newid = find_stem(data, buf, stem_len); if (newid < 0) { newid = store_stem(data, buf, stem_len); - if (newid < 0) - return newid; + if (newid < 0) { + rc = newid; + goto err; + } data->stem_arr[newid].from_mmap = 1; } stem_map[i] = newid; @@ -347,7 +349,7 @@ static int load_mmap(struct selabel_handle *rec, const char *path, struct stat * rc = grow_specs(data); if (rc < 0) - return rc; + goto err; spec = &data->spec_arr[data->nspec]; spec->from_mmap = 1; @@ -355,9 +357,11 @@ static int load_mmap(struct selabel_handle *rec, const char *path, struct stat * plen = (uint32_t *)addr; addr += sizeof(uint32_t); + rc = -1; spec->lr.ctx_raw = strdup((char *)addr); if (!spec->lr.ctx_raw) - return -1; + goto err; + addr += *plen; plen = (uint32_t *)addr; @@ -370,12 +374,10 @@ static int load_mmap(struct selabel_handle *rec, const char *path, struct stat * /* map the stem id from the mmap file to the data->stem_arr */ stem_id = *(int32_t *)addr; - if (stem_id == -1) { + if (stem_id == -1 || stem_id >= stem_map_len) spec->stem_id = -1; - } else { - assert(stem_id <= stem_map_len); + else spec->stem_id = stem_map[stem_id]; - } addr += sizeof(int32_t); /* retrieve the hasMetaChars bit */ @@ -395,11 +397,12 @@ static int load_mmap(struct selabel_handle *rec, const char *path, struct stat * data->nspec++; } - + /* win */ + rc = 0; +err: free(stem_map); - /* win */ - return 0; + return rc; } static int process_file(const char *path, const char *suffix, struct selabel_handle *rec, const char *prefix) diff --git a/libselinux/src/mapping.c b/libselinux/src/mapping.c index b0264e77..f205804b 100644 --- a/libselinux/src/mapping.c +++ b/libselinux/src/mapping.c @@ -66,7 +66,7 @@ selinux_set_mapping(struct security_class_mapping *map) goto err2; k = 0; - while (p_in->perms && p_in->perms[k]) { + while (p_in->perms[k]) { /* An empty permission string skips ahead */ if (!*p_in->perms[k]) { k++; diff --git a/libselinux/src/setrans_client.c b/libselinux/src/setrans_client.c index 502e9db4..f9065bda 100644 --- a/libselinux/src/setrans_client.c +++ b/libselinux/src/setrans_client.c @@ -56,7 +56,10 @@ static int setransd_open(void) { fd = socket(PF_UNIX, SOCK_STREAM, 0); if (fd >= 0) - fcntl(fd, F_SETFD, FD_CLOEXEC); + if (fcntl(fd, F_SETFD, FD_CLOEXEC)) { + close(fd); + return -1; + } } if (fd < 0) return -1; @@ -151,9 +154,10 @@ receive_response(int fd, uint32_t function, char **outdata, int32_t * ret_val) } data = malloc(data_size); - if (!data) { + if (!data) return -1; - } + /* coveriety doesn't realize that data will be initialized in readv */ + memset(data, 0, data_size); resp_data.iov_base = data; resp_data.iov_len = data_size; diff --git a/libselinux/src/seusers.c b/libselinux/src/seusers.c index cfea186a..09e704be 100644 --- a/libselinux/src/seusers.c +++ b/libselinux/src/seusers.c @@ -141,9 +141,16 @@ static int check_group(const char *group, const char *name, const gid_t gid) { } if (getgrouplist(name, gid, NULL, &ng) < 0) { - groups = (gid_t *) malloc(sizeof (gid_t) * ng); - if (!groups) goto done; - if (getgrouplist(name, gid, groups, &ng) < 0) goto done; + if (ng == 0) + goto done; + groups = calloc(ng, sizeof(*groups)); + if (!groups) + goto done; + if (getgrouplist(name, gid, groups, &ng) < 0) + goto done; + } else { + /* WTF? ng was 0 and we didn't fail? Are we in 0 groups? */ + goto done; } for (i = 0; i < ng; i++) { diff --git a/libselinux/src/stringrep.c b/libselinux/src/stringrep.c index 082778e5..ba75ccd5 100644 --- a/libselinux/src/stringrep.c +++ b/libselinux/src/stringrep.c @@ -258,18 +258,21 @@ static struct discover_class_node * discover_class(const char *s) struct stat m; snprintf(path, sizeof path, "%s/class/%s/perms/%s", selinux_mnt,s,dentry->d_name); - if (stat(path,&m) < 0) + fd = open(path, O_RDONLY | O_CLOEXEC); + if (fd < 0) goto err4; + if (fstat(fd, &m) < 0) { + close(fd); + goto err4; + } + if (m.st_mode & S_IFDIR) { + close(fd); dentry = readdir(dir); continue; } - fd = open(path, O_RDONLY); - if (fd < 0) - goto err4; - memset(buf, 0, sizeof(buf)); ret = read(fd, buf, sizeof(buf) - 1); close(fd); @@ -279,6 +282,9 @@ static struct discover_class_node * discover_class(const char *s) if (sscanf(buf, "%u", &value) != 1) goto err4; + if (value == 0 || value > NVECTORS) + goto err4; + node->perms[value-1] = strdup(dentry->d_name); if (node->perms[value-1] == NULL) goto err4; |