On Tue, Dec 3, 2024 at 5:01 PM James Carter <jwcart2@xxxxxxxxx> wrote: > > On Tue, Dec 3, 2024 at 11:24 AM Petr Lautrbach <lautrbach@xxxxxxxxxx> wrote: > > > > Christian Göttsche <cgoettsche@xxxxxxxxxxxxx> writes: > > > > > From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx> > > > > > > The two asserts following qsort(3) where useful during development to > > > ensure the comparison function and the corresponding pointer handling > > > were correct. They however do not take into account an empty file > > > context definition file containing no definitions and thus `stab->nel` > > > being NULL. Drop the two asserts. > > > > > > Also return early to not depend on whether calloc(3) called with a size > > > of zero returns NULL or a special value. > > > > > > Reported-by: Petr Lautrbach <lautrbach@xxxxxxxxxx> > > > Closes: https://lore.kernel.org/selinux/87jzchqck5.fsf@xxxxxxxxxx/ > > > Fixes: 92306daf ("libselinux: rework selabel_file(5) database") > > > Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx> > > > > Works for me. Thanks! > > > > Tested-by: Petr Lautrbach <lautrbach@xxxxxxxxxx> > > > > Acked-by: James Carter <jwcart2@xxxxxxxxx> > Merged. Thanks, Jim > > > --- > > > v2: fix condition from not zero to equal to zero > > > Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx> > > > --- > > > libselinux/utils/sefcontext_compile.c | 5 +++-- > > > 1 file changed, 3 insertions(+), 2 deletions(-) > > > > > > diff --git a/libselinux/utils/sefcontext_compile.c b/libselinux/utils/sefcontext_compile.c > > > index 23d31274..e5da51ea 100644 > > > --- a/libselinux/utils/sefcontext_compile.c > > > +++ b/libselinux/utils/sefcontext_compile.c > > > @@ -188,6 +188,9 @@ static int write_sidtab(FILE *bin_file, const struct sidtab *stab) > > > if (len != 1) > > > return -1; > > > > > > + if (stab->nel == 0) > > > + return 0; > > > + > > > /* sort entries by id */ > > > sids = calloc(stab->nel, sizeof(*sids)); > > > if (!sids) > > > @@ -203,8 +206,6 @@ static int write_sidtab(FILE *bin_file, const struct sidtab *stab) > > > } > > > assert(index == stab->nel); > > > qsort(sids, stab->nel, sizeof(struct security_id), security_id_compare); > > > - assert(sids[0].id == 1); > > > - assert(sids[stab->nel - 1].id == stab->nel); > > > > > > /* write raw contexts sorted by id */ > > > for (uint32_t i = 0; i < stab->nel; i++) { > > > -- > > > 2.45.2 > > > >
