Bug 1383808 - sefcontext_compile segfaults on certain inputs
Summary: sefcontext_compile segfaults on certain inputs
Keywords:
Status: CLOSED ERRATA
Alias: None
Product: Red Hat Enterprise Linux 7
Classification: Red Hat
Component: libsepol
Version: 7.3
Hardware: x86_64
OS: Linux
low
medium
Target Milestone: rc
: ---
Assignee: Petr Lautrbach
QA Contact: Milos Malik
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2016-10-11 19:59 UTC by Milos Malik
Modified: 2018-04-10 12:52 UTC (History)
7 users (show)

Fixed In Version: libsepol-2.5-8.el7
Doc Type: If docs needed, set a value
Doc Text:
Clone Of: 1382769
: 1383811 (view as bug list)
Environment:
Last Closed: 2018-04-10 12:51:11 UTC
Target Upstream Version:

Attachments (Terms of Use)
first input file found by AFL that crashed sefcontext_compile (815.05 KB, application/octet-stream)
2016-10-11 19:59 UTC, Milos Malik 		no flags Details
View All Add an attachment (proposed patch, testcase, etc.)


Links
System ID Private Priority Status Summary Last Updated
Red Hat Product Errata RHBA-2018:0764 0 None None None 2018-04-10 12:52:00 UTC

Description Milos Malik 2016-10-11 19:59:01 UTC 
Created attachment 1209316 [details]
first input file found by AFL that crashed sefcontext_compile

Description of problem:
* found by American Fuzzy Lop

Version-Release number of selected component (if applicable):
libselinux-2.5-6.el7.x86_64
libselinux-debuginfo-2.5-6.el7.x86_64
libselinux-devel-2.5-6.el7.x86_64
libselinux-python-2.5-6.el7.x86_64
libselinux-ruby-2.5-6.el7.x86_64
libselinux-utils-2.5-6.el7.x86_64
libsemanage-2.5-4.el7.x86_64
libsemanage-devel-2.5-4.el7.x86_64
libsemanage-python-2.5-4.el7.x86_64
libsemanage-static-2.5-4.el7.x86_64
libsepol-2.5-6.el7.x86_64
libsepol-debuginfo-2.5-6.el7.x86_64
libsepol-devel-2.5-6.el7.x86_64
libsepol-static-2.5-6.el7.x86_64
policycoreutils-2.5-9.el7.x86_64
policycoreutils-debuginfo-2.5-9.el7.x86_64
policycoreutils-devel-2.5-9.el7.x86_64
policycoreutils-gui-2.5-9.el7.x86_64
policycoreutils-newrole-2.5-9.el7.x86_64
policycoreutils-python-2.5-9.el7.x86_64
policycoreutils-sandbox-2.5-9.el7.x86_64
selinux-policy-3.13.1-102.el7.noarch
selinux-policy-devel-3.13.1-102.el7.noarch
selinux-policy-doc-3.13.1-102.el7.noarch
selinux-policy-minimum-3.13.1-102.el7.noarch
selinux-policy-mls-3.13.1-102.el7.noarch
selinux-policy-sandbox-3.13.1-102.el7.noarch
selinux-policy-targeted-3.13.1-102.el7.noarch

How reproducible:
* always

Steps to Reproduce:
# ls -l /etc/selinux/minimum/policy/policy.30 
-rw-r--r--. 1 root root 834610 Oct  3 10:45 /etc/selinux/minimum/policy/policy.30
# ls -l id000000 
-rw-------. 1 root root 834610 Oct 11 21:54 id000000
# sefcontext_compile -o output -p id000000 /etc/selinux/minimum/contexts/files/file_contexts
Segmentation fault
# dmesg | tail -n 1
[ 2535.643930] sefcontext_comp[9241]: segfault at 48 ip 00007f9b0afaa802 sp 00007ffe2ed6f948 error 4 in libsepol.so.1[7f9b0af9e000+95000]
# 

Actual results:
* segfaults

Expected results:
* some error message but no segfault
Comment 1 Vit Mojzis 2016-11-21 14:10:00 UTC 
Fix: 
https://github.com/SELinuxProject/selinux/commit/02081779f3bbae034f9b4c2450a28c519460ae9e

https://github.com/fedora-selinux/selinux/commit/1b6c474be0065f49ab9020d8ca5b9ac9c1c90cfe
Comment 6 errata-xmlrpc 2018-04-10 12:51:11 UTC 
Since the problem described in this bug report should be
resolved in a recent advisory, it has been closed with a
resolution of ERRATA.

For information on the advisory, and where to find the updated
files, follow the link below.

If the solution does not work for you, open a new bug report.

https://access.redhat.com/errata/RHBA-2018:0764
Note You need to log in before you can comment on or make changes to this bug.