Bug 1350806 - /usr/libexec/selinux/hll/pp segfaults on base.pp
Summary: /usr/libexec/selinux/hll/pp segfaults on base.pp
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: policycoreutils
Version: 7.3
Hardware: x86_64
OS: Linux
high
high
Target Milestone: rc
: ---
Assignee: Petr Lautrbach
QA Contact: Dalibor Pospíšil
URL:
Whiteboard:
Keywords:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-06-28 12:45 UTC by Milos Malik
Modified: 2017-08-01 16:16 UTC (History)
7 users (show)

(edit)
Clone Of:
: 1417200 (view as bug list)
(edit)
Last Closed: 2017-08-01 16:16:12 UTC


Attachments (Terms of Use)
first input file found by AFL that crashed hll/pp (58.19 KB, application/octet-stream)
2016-10-06 13:04 UTC, Milos Malik
no flags Details
second input file found by AFL that crashed hll/pp (58.19 KB, application/octet-stream)
2016-10-06 13:05 UTC, Milos Malik
no flags Details
first input file found by AFL that hanged hll/pp (58.19 KB, application/octet-stream)
2016-10-06 13:06 UTC, Milos Malik
no flags Details
bzip2 archive of input files causing a crash (837 bytes, application/x-bzip)
2016-10-07 16:35 UTC, Milos Malik
no flags Details


External Trackers
Tracker ID Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2017:1883 normal SHIPPED_LIVE policycoreutils bug fix update 2017-08-01 17:53:54 UTC

Description Milos Malik 2016-06-28 12:45:10 UTC
Description of problem:
* one of our automated TCs found following problem

Version-Release number of selected component (if applicable):
policycoreutils-newrole-2.5-3.el7.x86_64
policycoreutils-devel-2.5-3.el7.x86_64
policycoreutils-gui-2.5-3.el7.x86_64
policycoreutils-python-2.5-3.el7.x86_64
policycoreutils-sandbox-2.5-3.el7.x86_64
policycoreutils-2.5-3.el7.x86_64
selinux-policy-devel-3.13.1-82.el7.noarch
selinux-policy-targeted-3.13.1-82.el7.noarch
selinux-policy-3.13.1-82.el7.noarch
selinux-policy-minimum-3.13.1-82.el7.noarch
selinux-policy-doc-3.13.1-82.el7.noarch
selinux-policy-sandbox-3.13.1-82.el7.noarch
selinux-policy-mls-3.13.1-82.el7.noarch

How reproducible:
* always

Steps to Reproduce:
# rm -f input.pp*
# cp /etc/selinux/targeted/active/modules/100/base/hll input.pp.bz2
# bzip2 -d input.pp.bz2 
# /usr/libexec/selinux/hll/pp input.pp > output.cil 
# ls -l output.cil 
-rw-r--r--. 1 root root 1396764 Jun 28 14:41 output.cil
# /usr/libexec/selinux/hll/pp input.pp output.cil
Segmentation fault
# echo $?
139
# ls -l output.cil 
-rw-r--r--. 1 root root 0 Jun 28 14:42 output.cil
#

Actual results:
* segfault

Expected results:
* no segfaults

Comment 2 Milos Malik 2016-10-06 13:04 UTC
Created attachment 1207951 [details]
first input file found by AFL that crashed hll/pp

Comment 3 Milos Malik 2016-10-06 13:05 UTC
Created attachment 1207952 [details]
second input file found by AFL that crashed hll/pp

Comment 4 Milos Malik 2016-10-06 13:06 UTC
Created attachment 1207953 [details]
first input file found by AFL that hanged hll/pp

Comment 5 Milos Malik 2016-10-07 16:35 UTC
Created attachment 1208200 [details]
bzip2 archive of input files causing a crash

# rpm -qa libsepol\* libsemanage\* libselinux\* policycoreutils\* selinux-policy\* | sort
libselinux-2.5-6.el7.x86_64
libselinux-debuginfo-2.5-6.el7.x86_64
libselinux-devel-2.5-6.el7.x86_64
libselinux-python-2.5-6.el7.x86_64
libselinux-ruby-2.5-6.el7.x86_64
libselinux-utils-2.5-6.el7.x86_64
libsemanage-2.5-4.el7.x86_64
libsemanage-devel-2.5-4.el7.x86_64
libsemanage-python-2.5-4.el7.x86_64
libsemanage-static-2.5-4.el7.x86_64
libsepol-2.5-6.el7.x86_64
libsepol-debuginfo-2.5-6.el7.x86_64
libsepol-devel-2.5-6.el7.x86_64
libsepol-static-2.5-6.el7.x86_64
policycoreutils-2.5-9.el7.x86_64
policycoreutils-debuginfo-2.5-9.el7.x86_64
policycoreutils-devel-2.5-9.el7.x86_64
policycoreutils-gui-2.5-9.el7.x86_64
policycoreutils-newrole-2.5-9.el7.x86_64
policycoreutils-python-2.5-9.el7.x86_64
policycoreutils-sandbox-2.5-9.el7.x86_64
selinux-policy-3.13.1-102.el7.noarch
selinux-policy-devel-3.13.1-102.el7.noarch
selinux-policy-doc-3.13.1-102.el7.noarch
selinux-policy-minimum-3.13.1-102.el7.noarch
selinux-policy-mls-3.13.1-102.el7.noarch
selinux-policy-sandbox-3.13.1-102.el7.noarch
selinux-policy-targeted-3.13.1-102.el7.noarch
#

Comment 12 errata-xmlrpc 2017-08-01 16:16:12 UTC
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2017:1883


Note You need to log in before you can comment on or make changes to this bug.