Bug 149194 - unchecked input errors, wrong EOL handling
Summary: unchecked input errors, wrong EOL handling
Keywords:
Status: CLOSED CURRENTRELEASE
Alias: None
Product: Fedora
Classification: Fedora
Component: libselinux
Version: rawhide
Hardware: All
OS: Linux
medium
medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
TreeView+ depends on / blocked
 
Reported: 2005-02-20 20:44 UTC by Ulrich Drepper
Modified: 2007-11-30 22:11 UTC (History)
1 user (show)

Fixed In Version: 1.21.10-3
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2005-09-04 23:36:58 UTC
Type: ---
Embargoed:


Attachments (Terms of Use)
patch to fix the mentioned problems (5.69 KB, patch)
2005-02-20 20:44 UTC, Ulrich Drepper
no flags Details | Diff

Description Ulrich Drepper 2005-02-20 20:44:07 UTC
Description of problem:
Some utilities in libselinux don't check the input they get correctly and might
use uninitialized data.  Also, the libselinux code cannot handle lines at the
end of the file which don't have a newline.

I attach a patch which fixes these problems and improves robustness:

~ use getline() instead of fgets().  The result is that lines can be arbitrarily
long.  The memory handling is done in libc, well proved code.  No more bogus
message about ignored lines.

~ if fgets() fails for user input, handle this.  some functions are designed so
that they cannot fail.  In this case the new code simply continues.  This is not
good, but more correct than using invalid memory.

~ in setsebool, the creation of the new file could corrupt the old file.  The
write return value wasn't checked.  While fixing this, I changed the code to
create a temporary file so that the old file is not lost in case the new file
cannot be successfully created.

Version-Release number of selected component (if applicable):
libselinux-1.21.10-1

How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:

Comment 1 Ulrich Drepper 2005-02-20 20:44:07 UTC
Created attachment 111243 [details]
patch to fix the mentioned problems

Comment 2 Daniel Walsh 2005-02-21 14:23:32 UTC
libselinux-1.21.10-3 has this patch applied.




Note You need to log in before you can comment on or make changes to this bug.