Bug 149194 - unchecked input errors, wrong EOL handling
unchecked input errors, wrong EOL handling
Status: CLOSED CURRENTRELEASE
Product: Fedora
Classification: Fedora
Component: libselinux (Show other bugs)
rawhide
All Linux
medium Severity medium
: ---
: ---
Assigned To: Daniel Walsh
:
Depends On:
Blocks:
  Show dependency treegraph
 
Reported: 2005-02-20 15:44 EST by Ulrich Drepper
Modified: 2007-11-30 17:11 EST (History)
1 user (show)

See Also:
Fixed In Version: 1.21.10-3
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-09-04 19:36:58 EDT
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)
patch to fix the mentioned problems (5.69 KB, patch)
2005-02-20 15:44 EST, Ulrich Drepper
no flags Details | Diff

  None (edit)
Description Ulrich Drepper 2005-02-20 15:44:07 EST
Description of problem:
Some utilities in libselinux don't check the input they get correctly and might
use uninitialized data.  Also, the libselinux code cannot handle lines at the
end of the file which don't have a newline.

I attach a patch which fixes these problems and improves robustness:

~ use getline() instead of fgets().  The result is that lines can be arbitrarily
long.  The memory handling is done in libc, well proved code.  No more bogus
message about ignored lines.

~ if fgets() fails for user input, handle this.  some functions are designed so
that they cannot fail.  In this case the new code simply continues.  This is not
good, but more correct than using invalid memory.

~ in setsebool, the creation of the new file could corrupt the old file.  The
write return value wasn't checked.  While fixing this, I changed the code to
create a temporary file so that the old file is not lost in case the new file
cannot be successfully created.

Version-Release number of selected component (if applicable):
libselinux-1.21.10-1

How reproducible:


Steps to Reproduce:
1.
2.
3.
  
Actual results:


Expected results:


Additional info:
Comment 1 Ulrich Drepper 2005-02-20 15:44:07 EST
Created attachment 111243 [details]
patch to fix the mentioned problems
Comment 2 Daniel Walsh 2005-02-21 09:23:32 EST
libselinux-1.21.10-3 has this patch applied.


Note You need to log in before you can comment on or make changes to this bug.