If you add some local file contexts via semanage fcontext -a and
later delete them all via semanage fcontext -D, you get an empty
file_contexts.local file. Then when you try to load it, getline()
returns 0 and we fall through to the out path without having set rc.
In label_file.c, rc will always be non-zero at this point because
we will have failed the load_mmap() call. In sefcontext_compile,
rc may contain random garbage at this point. Explicitly set rc
before the loop.
Signed-off-by: Stephen Smalley <sds@xxxxxxxxxxxxx>
---
libselinux/src/label_file.c | 3 ++-
libselinux/utils/sefcontext_compile.c | 1 +
2 files changed, 3 insertions(+), 1 deletion(-)
diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c
index 1d6c36e..4faf808 100644
--- a/libselinux/src/label_file.c
+++ b/libselinux/src/label_file.c
@@ -425,9 +425,10 @@ static int process_file(const char *path, const char *suffix,
goto out;
/*
- * The do detailed validation of the input and fill the spec array
+ * Then do detailed validation of the input and fill the spec array
*/
lineno = 0;
+ rc = 0;
while (getline(&line_buf, &line_len, fp) > 0) {
rc = process_line(rec, path, prefix, line_buf, ++lineno);
if (rc)
diff --git a/libselinux/utils/sefcontext_compile.c b/libselinux/utils/sefcontext_compile.c
index 1c46af8..a93105d 100644
--- a/libselinux/utils/sefcontext_compile.c
+++ b/libselinux/utils/sefcontext_compile.c
@@ -35,6 +35,7 @@ static int process_file(struct selabel_handle *rec, const char *filename)
}
line_num = 0;
+ rc = 0;
while (getline(&line_buf, &line_len, context_file) > 0) {
rc = process_line(rec, filename, prefix, line_buf, ++line_num);
if (rc)
--
2.1.0
_______________________________________________
Selinux mailing list
Selinux@xxxxxxxxxxxxx
To unsubscribe, send email to Selinux-leave@xxxxxxxxxxxxx.
To get help, send an email containing "help" to Selinux-request@xxxxxxxxxxxxx.
