-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch looks good to me. acked.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlD+qMwACgkQrlYvE4MpobMp3ACg4O8sSfQFrdQQB2G05rkCoEv3
zJ8An1Pd9poUBbguOOYoNBlydf/XSqTk
=9X+a
-----END PGP SIGNATURE-----
>From b1dbce4549c4291c4f7be40165d73b45094600f5 Mon Sep 17 00:00:00 2001
From: Eric Paris <eparis@xxxxxxxxxx>
Date: Thu, 29 Nov 2012 09:41:38 -0500
Subject: [PATCH 71/84] libselinux: Fix errors found by coverity
Signed-off-by: Eric Paris <eparis@xxxxxxxxxx>
---
libselinux/src/audit2why.c | 2 +-
libselinux/src/avc_internal.c | 3 +--
libselinux/src/get_context_list.c | 5 ++++-
libselinux/src/label_android_property.c | 3 +++
libselinux/src/label_file.c | 25 ++++++++++++++-----------
libselinux/src/mapping.c | 2 +-
libselinux/src/setrans_client.c | 10 +++++++---
libselinux/src/seusers.c | 13 ++++++++++---
libselinux/src/stringrep.c | 16 +++++++++++-----
libselinux/utils/avcstat.c | 2 +-
10 files changed, 53 insertions(+), 28 deletions(-)
diff --git a/libselinux/src/audit2why.c b/libselinux/src/audit2why.c
index 9bf7f98..df8a54c 100644
--- a/libselinux/src/audit2why.c
+++ b/libselinux/src/audit2why.c
@@ -251,7 +251,7 @@ static int __policy_init(const char *init_path)
return 1;
}
- boollist = calloc(cnt, sizeof(struct boolean_t));
+ boollist = calloc(cnt, sizeof(*boollist));
if (!boollist) {
PyErr_SetString( PyExc_MemoryError, "Out of memory\n");
return 1;
diff --git a/libselinux/src/avc_internal.c b/libselinux/src/avc_internal.c
index 6d508ee..f735e73 100644
--- a/libselinux/src/avc_internal.c
+++ b/libselinux/src/avc_internal.c
@@ -60,13 +60,12 @@ int avc_netlink_open(int blocking)
int len, rc = 0;
struct sockaddr_nl addr;
- fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_SELINUX);
+ fd = socket(PF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_SELINUX);
if (fd < 0) {
rc = fd;
goto out;
}
- fcntl(fd, F_SETFD, FD_CLOEXEC);
if (!blocking && fcntl(fd, F_SETFL, O_NONBLOCK)) {
close(fd);
fd = -1;
diff --git a/libselinux/src/get_context_list.c b/libselinux/src/get_context_list.c
index e653ecc..eb72593 100644
--- a/libselinux/src/get_context_list.c
+++ b/libselinux/src/get_context_list.c
@@ -498,7 +498,10 @@ int get_ordered_context_list(const char *user,
}
out:
- *list = reachable;
+ if (rc > 0)
+ *list = reachable;
+ else
+ freeconary(reachable);
free(ordering);
if (freefrom)
diff --git a/libselinux/src/label_android_property.c b/libselinux/src/label_android_property.c
index 79bf923..e11ccf8 100644
--- a/libselinux/src/label_android_property.c
+++ b/libselinux/src/label_android_property.c
@@ -153,6 +153,9 @@ static int init(struct selabel_handle *rec, struct selinux_opt *opts,
break;
}
+ if (!path)
+ return -1;
+
/* Open the specification file. */
if ((fp = fopen(path, "r")) == NULL)
return -1;
diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c
index 8ccc59f..7f140dd 100644
--- a/libselinux/src/label_file.c
+++ b/libselinux/src/label_file.c
@@ -330,8 +330,10 @@ static int load_mmap(struct selabel_handle *rec, const char *path, struct stat *
newid = find_stem(data, buf, stem_len);
if (newid < 0) {
newid = store_stem(data, buf, stem_len);
- if (newid < 0)
- return newid;
+ if (newid < 0) {
+ rc = newid;
+ goto err;
+ }
data->stem_arr[newid].from_mmap = 1;
}
stem_map[i] = newid;
@@ -347,7 +349,7 @@ static int load_mmap(struct selabel_handle *rec, const char *path, struct stat *
rc = grow_specs(data);
if (rc < 0)
- return rc;
+ goto err;
spec = &data->spec_arr[data->nspec];
spec->from_mmap = 1;
@@ -355,9 +357,11 @@ static int load_mmap(struct selabel_handle *rec, const char *path, struct stat *
plen = (uint32_t *)addr;
addr += sizeof(uint32_t);
+ rc = -1;
spec->lr.ctx_raw = strdup((char *)addr);
if (!spec->lr.ctx_raw)
- return -1;
+ goto err;
+
addr += *plen;
plen = (uint32_t *)addr;
@@ -370,12 +374,10 @@ static int load_mmap(struct selabel_handle *rec, const char *path, struct stat *
/* map the stem id from the mmap file to the data->stem_arr */
stem_id = *(int32_t *)addr;
- if (stem_id == -1) {
+ if (stem_id == -1 || stem_id >= stem_map_len)
spec->stem_id = -1;
- } else {
- assert(stem_id <= stem_map_len);
+ else
spec->stem_id = stem_map[stem_id];
- }
addr += sizeof(int32_t);
/* retrieve the hasMetaChars bit */
@@ -395,11 +397,12 @@ static int load_mmap(struct selabel_handle *rec, const char *path, struct stat *
data->nspec++;
}
-
+ /* win */
+ rc = 0;
+err:
free(stem_map);
- /* win */
- return 0;
+ return rc;
}
static int process_file(const char *path, const char *suffix, struct selabel_handle *rec, const char *prefix)
diff --git a/libselinux/src/mapping.c b/libselinux/src/mapping.c
index b0264e7..f205804 100644
--- a/libselinux/src/mapping.c
+++ b/libselinux/src/mapping.c
@@ -66,7 +66,7 @@ selinux_set_mapping(struct security_class_mapping *map)
goto err2;
k = 0;
- while (p_in->perms && p_in->perms[k]) {
+ while (p_in->perms[k]) {
/* An empty permission string skips ahead */
if (!*p_in->perms[k]) {
k++;
diff --git a/libselinux/src/setrans_client.c b/libselinux/src/setrans_client.c
index 502e9db..f9065bd 100644
--- a/libselinux/src/setrans_client.c
+++ b/libselinux/src/setrans_client.c
@@ -56,7 +56,10 @@ static int setransd_open(void)
{
fd = socket(PF_UNIX, SOCK_STREAM, 0);
if (fd >= 0)
- fcntl(fd, F_SETFD, FD_CLOEXEC);
+ if (fcntl(fd, F_SETFD, FD_CLOEXEC)) {
+ close(fd);
+ return -1;
+ }
}
if (fd < 0)
return -1;
@@ -151,9 +154,10 @@ receive_response(int fd, uint32_t function, char **outdata, int32_t * ret_val)
}
data = malloc(data_size);
- if (!data) {
+ if (!data)
return -1;
- }
+ /* coveriety doesn't realize that data will be initialized in readv */
+ memset(data, 0, data_size);
resp_data.iov_base = data;
resp_data.iov_len = data_size;
diff --git a/libselinux/src/seusers.c b/libselinux/src/seusers.c
index cfea186..09e704b 100644
--- a/libselinux/src/seusers.c
+++ b/libselinux/src/seusers.c
@@ -141,9 +141,16 @@ static int check_group(const char *group, const char *name, const gid_t gid) {
}
if (getgrouplist(name, gid, NULL, &ng) < 0) {
- groups = (gid_t *) malloc(sizeof (gid_t) * ng);
- if (!groups) goto done;
- if (getgrouplist(name, gid, groups, &ng) < 0) goto done;
+ if (ng == 0)
+ goto done;
+ groups = calloc(ng, sizeof(*groups));
+ if (!groups)
+ goto done;
+ if (getgrouplist(name, gid, groups, &ng) < 0)
+ goto done;
+ } else {
+ /* WTF? ng was 0 and we didn't fail? Are we in 0 groups? */
+ goto done;
}
for (i = 0; i < ng; i++) {
diff --git a/libselinux/src/stringrep.c b/libselinux/src/stringrep.c
index 082778e..ba75ccd 100644
--- a/libselinux/src/stringrep.c
+++ b/libselinux/src/stringrep.c
@@ -258,18 +258,21 @@ static struct discover_class_node * discover_class(const char *s)
struct stat m;
snprintf(path, sizeof path, "%s/class/%s/perms/%s", selinux_mnt,s,dentry->d_name);
- if (stat(path,&m) < 0)
+ fd = open(path, O_RDONLY | O_CLOEXEC);
+ if (fd < 0)
goto err4;
+ if (fstat(fd, &m) < 0) {
+ close(fd);
+ goto err4;
+ }
+
if (m.st_mode & S_IFDIR) {
+ close(fd);
dentry = readdir(dir);
continue;
}
- fd = open(path, O_RDONLY);
- if (fd < 0)
- goto err4;
-
memset(buf, 0, sizeof(buf));
ret = read(fd, buf, sizeof(buf) - 1);
close(fd);
@@ -279,6 +282,9 @@ static struct discover_class_node * discover_class(const char *s)
if (sscanf(buf, "%u", &value) != 1)
goto err4;
+ if (value == 0 || value > NVECTORS)
+ goto err4;
+
node->perms[value-1] = strdup(dentry->d_name);
if (node->perms[value-1] == NULL)
goto err4;
diff --git a/libselinux/utils/avcstat.c b/libselinux/utils/avcstat.c
index 73432f2..1d4d5c8 100644
--- a/libselinux/utils/avcstat.c
+++ b/libselinux/utils/avcstat.c
@@ -155,7 +155,7 @@ int main(int argc, char **argv)
ssize_t ret, parsed = 0;
memset(buf, 0, DEF_BUF_SIZE);
- ret = read(fd, buf, DEF_BUF_SIZE);
+ ret = read(fd, buf, DEF_BUF_SIZE-1);
if (ret < 0)
die("read");
--
1.8.1
