From Bugzilla Helper: User-Agent: Mozilla/5.0 (X11; U; Linux i586; en-US; rv:1.4.2) Gecko/20040308 Description of problem: sestatus has a couple of programming bugs. The first is that the comparison is too short between command and buf. The author appeared to be concerned about going past the end of the buffer for command, but shouldn't be. The problem is that what if command is "doo" and entry is "doodoo"? It will think they are the same because the comparison is too short. atoi is a deprecated function and should not be used in application that are important. And most importantly, buf_len was not being decremented leading to an out of bounds access later at the memcpy. I do not know who the upstream author(s) is. Please feel free to coordinate this patch with them. I see NSA, Gentoo, etc. but no address of where to report bugs. Version-Release number of selected component (if applicable): policycoreutils-1.15.5-1 How reproducible: Didn't try Steps to Reproduce: 1. Found during code review Additional info:
Created attachment 102884 [details] Patch that fixes the problems listed.
Modified your patch a little and applied to policycoreutils-1.17.3-4
Thanks Dan. Have you passed the patch to the upstream author?
I passed it on to Smalley, whose package contains it. Not sure if the original author is doing anything with it now. Dan
OK. Thanks.