SECLABEL issue into udev

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Hi Team,
I send this email again because don't receive answer on previous message.

I have issue with SECLABEL into systemd udevadm 243 and I see that mainline also have this issue.
It look like Yu forgot initialize data into commit:
25de7aa7b90 (Yu Watanabe                 2019-04-25 01:21:11 +0200 924)

If I add something like:
SECLABEL{selinux}="some info"
to udev rule I got a SIGSEGV into udevadm into this rule.
On my opinion next one line patch can fix this issue:

diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
index b9b350d1ef..e1e8273468 100644
--- a/src/udev/udev-rules.c
+++ b/src/udev/udev-rules.c
@@ -921,7 +921,7 @@ static int parse_token(UdevRules *rules, const char *key, char *attr, UdevRuleOp
                         op = OP_ASSIGN;
                 }
 
-                r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, NULL);
+                r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, attr);
         } else if (streq(key, "RUN")) {
                 if (is_match || op == OP_REMOVE)
                         return log_token_invalid_op(rules, key);
@@ -1945,6 +1945,7 @@ static int udev_rule_apply_token_to_event(
                 _cleanup_free_ char *name = NULL, *label = NULL;
                 char label_str[UTIL_LINE_SIZE] = {};
 
+                // NULL pointer dereference issue
                 name = strdup((const char*) token->data);
                 if (!name)
                         return log_oom();
@@ -1967,6 +1968,7 @@ static int udev_rule_apply_token_to_event(
                 r = ordered_hashmap_put(event->seclabel_list, name, label);
                 if (r < 0)
                         return log_oom();
+                //it look like name the same as attr into parse_token
                 log_rule_debug(dev, rules, "SECLABEL{%s}='%s'", name, label);
                 name = label = NULL;
                 break;

Best regards,
Valerii

From 1ba3b29b4726b27b8a5290ebdac7e0fa18b21503 Mon Sep 17 00:00:00 2001
From: Valerii Chernous <vchernou@xxxxxxxxx>
Date: Thu, 5 Mar 2020 07:49:22 -0800
Subject: [PATCH] udev-rules.c: SECLABEL{selinux} SIGSEGV fix

Enable SECLABEL{selinux}="some_value" cause NULL pointer dereference
and udevadm crash by SIGSEGV. Set valid token->data attribute fix
this issue
---
 src/udev/udev-rules.c | 4 +++-
 1 file changed, 3 insertions(+), 1 deletion(-)

diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
index b9b350d1ef..e1e8273468 100644
--- a/src/udev/udev-rules.c
+++ b/src/udev/udev-rules.c
@@ -921,7 +921,7 @@ static int parse_token(UdevRules *rules, const char *key, char *attr, UdevRuleOp
                         op = OP_ASSIGN;
                 }
 
-                r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, NULL);
+                r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, attr);
         } else if (streq(key, "RUN")) {
                 if (is_match || op == OP_REMOVE)
                         return log_token_invalid_op(rules, key);
@@ -1945,6 +1945,7 @@ static int udev_rule_apply_token_to_event(
                 _cleanup_free_ char *name = NULL, *label = NULL;
                 char label_str[UTIL_LINE_SIZE] = {};
 
+                // NULL pointer dereference issue
                 name = strdup((const char*) token->data);
                 if (!name)
                         return log_oom();
@@ -1967,6 +1968,7 @@ static int udev_rule_apply_token_to_event(
                 r = ordered_hashmap_put(event->seclabel_list, name, label);
                 if (r < 0)
                         return log_oom();
+                //it look like name the same as attr into parse_token
                 log_rule_debug(dev, rules, "SECLABEL{%s}='%s'", name, label);
                 name = label = NULL;
                 break;
-- 
2.19.1


_______________________________________________
systemd-devel mailing list
systemd-devel@xxxxxxxxxxxxxxxxxxxxx
https://lists.freedesktop.org/mailman/listinfo/systemd-devel
[Index of Archives]     [LARTC]     [Bugtraq]     [Yosemite Forum]     [Photo]

  Powered by Linux