Bug 177465 - Utilities that use libsemanage package may crash on 64 bit machines
Summary: Utilities that use libsemanage package may crash on 64 bit machines
Keywords:
Status: CLOSED RAWHIDE
Alias: None
Product: Fedora
Classification: Fedora
Component: libsemanage
Version: rawhide
Hardware: alpha
OS: Linux
Priority: medium
Severity: medium
Target Milestone: ---
Assignee: Daniel Walsh
QA Contact:
URL:
Whiteboard:
Depends On:
Blocks:
Reported: 2006-01-10 21:19 UTC by Sergey Tikhonov
Modified: 2019-11-26 23:55 UTC (History)
CC List: 2 users

Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Clone Of:
Environment:
Last Closed: 2006-01-17 02:52:30 UTC
Type: ---
Embargoed:


Attachments
Error stream of package building (54.84 KB, text/plain)
2006-01-11 20:32 UTC, Sergey Tikhonov

Description Sergey Tikhonov 2006-01-10 21:19:58 UTC
Description of problem:
During install of selinux-policy-targeted package I got the following error in
post-install script:
+ semodule -b /usr/share/selinux/targeted/base.pp -s targeted
libsemanage.dbase_policydb_list: out of memory
libsemanage.semanage_exec_prog: Child process /usr/sbin/genhomedircon did not
exit cleanly.
libsemanage.semanage_install_sandbox: genhomedircon returned error code -1.

I tracked down the problem to the "static int dbase_policydb_list"
(database_policydb.c) function. It defines a "size_t tmp_count" variable and
passes it to "dbase->rptable->count(handle->sepolh, dbase->policydb,
&tmp_count)" by pointer. On Alpha size_t is 64 bits long, but the function
expects "tmp_count" to be "unsigned int" (gcc issues a warning on it). The problem
is that if the 32 higher bits of that counter contain garbage, they won't be overridden by
the "dbase->rptable->count" function (it works with unsigned int, which is 32 bits long),
and on return from it "tmp_count" could hold a large value.

There are two ways to fix it:
- initialize tmp_count to zero
- declare it as "unsigned int" (which is more correct).

Version-Release number of selected component (if applicable):
1.5.9-1

Thank you.

Comment 1 Ivan Gyurdiev 2006-01-11 20:03:47 UTC
Hi, I'm looking at this issue. Can you attach the full list of warnings
generated (error stream only)? There should be no unexpected warnings in
libsemanage - it does have a bunch of expected ones, but any new ones that show
should be fixed.

Comment 2 Sergey Tikhonov 2006-01-11 20:32:14 UTC
Created attachment 123069 [details]
Error stream of package building

Here it is. There are two warnings "passing argument from incompatible pointer
types".

Comment 3 Ivan Gyurdiev 2006-01-11 20:44:26 UTC
Those are bugs:

database_activedb.c: In function 'dbase_activedb_cache':
database_activedb.c:41: warning: 'i' may be used uninitialized in this function
database_policydb.c: In function 'dbase_policydb_list':
database_policydb.c:389: warning: passing argument 3 of 'dbase->rptable->count'
from incompatible pointer type

The swig ones I haven't seen before - can't comment on those, jbrindle cc-ed.

The other ones are known and expected - the incompatible types are between sepol
and semanage, since those two libraries are currently coupled and expected to
be upgraded together (btw, we should autotool the library, and require the
proper symbols here).

Comment 4 Ivan Gyurdiev 2006-01-11 20:54:43 UTC
Ok, it is my understanding that size_t = unsigned int or unsigned long int, and
int <= long int, is that correct?

http://www.delorie.com/gnu/docs/glibc/libc_679.html

So size_t is always at least as large as the result returned by count, correct?
In that case, I am inclined to change the list function to return unsigned int
as well. Since this is a smaller data type, this should not be considered an API
change.

Comment 5 Sergey Tikhonov 2006-01-11 21:05:19 UTC
Yes, int <= long int. Which type to use in the function is up to you - they just
need to be the same, especially if the data is accessed by pointer.


Comment 6 Ivan Gyurdiev 2006-01-13 23:00:04 UTC
Patch upstream to change almost all uses of size_t -> unsigned int, which is more
correct. Patch upstream to fix uninitialized variable i in dbase_activedb_cache
error path.

Comment 7 Ivan Gyurdiev 2006-01-14 21:55:28 UTC
Please try to reconfirm bug against rawhide, it should not happen anymore.

Comment 8 Sergey Tikhonov 2006-01-16 11:33:20 UTC
Yes, it does work now. There are still warnings about passing pointers from
incompatible type. Guess they are expected. :)

Thank you.