Return more detailed error messages when the supplied contexts are
invalid.
Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
v2:
check new context in validatetrans
---
libselinux/utils/compute_av.c | 10 ++++++++++
libselinux/utils/compute_create.c | 12 +++++++++++-
libselinux/utils/compute_member.c | 12 +++++++++++-
libselinux/utils/compute_relabel.c | 10 ++++++++++
libselinux/utils/getdefaultcon.c | 5 +++++
libselinux/utils/selinuxexeccon.c | 6 +++++-
libselinux/utils/validatetrans.c | 15 +++++++++++++++
7 files changed, 67 insertions(+), 3 deletions(-)
diff --git a/libselinux/utils/compute_av.c b/libselinux/utils/compute_av.c
index df4a77e8..ef08338f 100644
--- a/libselinux/utils/compute_av.c
+++ b/libselinux/utils/compute_av.c
@@ -17,6 +17,16 @@ int main(int argc, char **argv)
exit(1);
}
+ if (security_check_context(argv[1])) {
+ fprintf(stderr, "%s: invalid source context '%s'\n", argv[0], argv[1]);
+ exit(4);
+ }
+
+ if (security_check_context(argv[2])) {
+ fprintf(stderr, "%s: invalid target context '%s'\n", argv[0], argv[2]);
+ exit(5);
+ }
+
tclass = string_to_security_class(argv[3]);
if (!tclass) {
fprintf(stderr, "%s: invalid class '%s'\n", argv[0], argv[3]);
diff --git a/libselinux/utils/compute_create.c b/libselinux/utils/compute_create.c
index 449ccd90..63029c19 100644
--- a/libselinux/utils/compute_create.c
+++ b/libselinux/utils/compute_create.c
@@ -17,9 +17,19 @@ int main(int argc, char **argv)
exit(1);
}
+ if (security_check_context(argv[1])) {
+ fprintf(stderr, "%s: invalid source context '%s'\n", argv[0], argv[1]);
+ exit(4);
+ }
+
+ if (security_check_context(argv[2])) {
+ fprintf(stderr, "%s: invalid target context '%s'\n", argv[0], argv[2]);
+ exit(5);
+ }
+
tclass = string_to_security_class(argv[3]);
if (!tclass) {
- fprintf(stderr, "Invalid class '%s'\n", argv[3]);
+ fprintf(stderr, "%s: invalid class '%s'\n", argv[0], argv[3]);
exit(2);
}
diff --git a/libselinux/utils/compute_member.c b/libselinux/utils/compute_member.c
index c6dad19e..1ef47c25 100644
--- a/libselinux/utils/compute_member.c
+++ b/libselinux/utils/compute_member.c
@@ -17,9 +17,19 @@ int main(int argc, char **argv)
exit(1);
}
+ if (security_check_context(argv[1])) {
+ fprintf(stderr, "%s: invalid source context '%s'\n", argv[0], argv[1]);
+ exit(4);
+ }
+
+ if (security_check_context(argv[2])) {
+ fprintf(stderr, "%s: invalid target context '%s'\n", argv[0], argv[2]);
+ exit(5);
+ }
+
tclass = string_to_security_class(argv[3]);
if (!tclass) {
- fprintf(stderr, "Invalid class '%s'\n", argv[3]);
+ fprintf(stderr, "%s: invalid class '%s'\n", argv[0], argv[3]);
exit(2);
}
diff --git a/libselinux/utils/compute_relabel.c b/libselinux/utils/compute_relabel.c
index 85c760bc..f6a957da 100644
--- a/libselinux/utils/compute_relabel.c
+++ b/libselinux/utils/compute_relabel.c
@@ -17,6 +17,16 @@ int main(int argc, char **argv)
exit(1);
}
+ if (security_check_context(argv[1])) {
+ fprintf(stderr, "%s: invalid source context '%s'\n", argv[0], argv[1]);
+ exit(4);
+ }
+
+ if (security_check_context(argv[2])) {
+ fprintf(stderr, "%s: invalid target context '%s'\n", argv[0], argv[2]);
+ exit(5);
+ }
+
tclass = string_to_security_class(argv[3]);
if (!tclass) {
fprintf(stderr, "%s: invalid class '%s'\n", argv[0], argv[3]);
diff --git a/libselinux/utils/getdefaultcon.c b/libselinux/utils/getdefaultcon.c
index 957c1cb2..590e98d9 100644
--- a/libselinux/utils/getdefaultcon.c
+++ b/libselinux/utils/getdefaultcon.c
@@ -68,6 +68,11 @@ int main(int argc, char **argv)
} else
cur_context = argv[optind + 1];
+ if (security_check_context(cur_context)) {
+ fprintf(stderr, "%s: invalid from context '%s'\n", argv[0], cur_context);
+ return 3;
+ }
+
if ((ret = getseuser(user, service, &seuser, &dlevel)) == 0) {
if (! level) level=dlevel;
if (role != NULL && role[0])
diff --git a/libselinux/utils/selinuxexeccon.c b/libselinux/utils/selinuxexeccon.c
index b50e7886..66754b6a 100644
--- a/libselinux/utils/selinuxexeccon.c
+++ b/libselinux/utils/selinuxexeccon.c
@@ -16,7 +16,7 @@ static __attribute__ ((__noreturn__)) void usage(const char *name, const char *d
exit(rc);
}
-static char * get_selinux_proc_context(const char *command, char * execcon) {
+static char * get_selinux_proc_context(const char *command, const char * execcon) {
char * fcon = NULL, *newcon = NULL;
int ret = getfilecon(command, &fcon);
@@ -43,6 +43,10 @@ int main(int argc, char **argv)
}
} else {
con = strdup(argv[2]);
+ if (security_check_context(con)) {
+ fprintf(stderr, "%s: invalid from context '%s'\n", argv[0], con);
+ return -1;
+ }
}
proccon = get_selinux_proc_context(argv[1], con);
diff --git a/libselinux/utils/validatetrans.c b/libselinux/utils/validatetrans.c
index 1db33e66..9d642a93 100644
--- a/libselinux/utils/validatetrans.c
+++ b/libselinux/utils/validatetrans.c
@@ -17,12 +17,27 @@ int main(int argc, char **argv)
exit(1);
}
+ if (security_check_context(argv[1])) {
+ fprintf(stderr, "%s: invalid source context '%s'\n", argv[0], argv[1]);
+ exit(4);
+ }
+
+ if (security_check_context(argv[2])) {
+ fprintf(stderr, "%s: invalid target context '%s'\n", argv[0], argv[2]);
+ exit(5);
+ }
+
tclass = string_to_security_class(argv[3]);
if (!tclass) {
fprintf(stderr, "%s: invalid class '%s'\n", argv[0], argv[3]);
exit(2);
}
+ if (security_check_context(argv[4])) {
+ fprintf(stderr, "%s: invalid new context '%s'\n", argv[0], argv[4]);
+ exit(6);
+ }
+
ret = security_validatetrans(argv[1], argv[2], tclass, argv[4]);
printf("security_validatetrans returned %d errno: %s\n", ret, strerror(errno));
--
2.35.1
