From 984e3188e2dd4f4623eb60179d93af34c48f31dfc83e871ced43abde302781d7 Mon Sep 17 00:00:00 2001 From: Hu Date: Thu, 11 Jul 2024 19:59:25 +0000 Subject: [PATCH] Accepting request 1186962 from home:cahu:security:SELinux:userspace37 - Fix segfault caused by upstream changes in selabel_open(): libselinux-set-free-d-data-to-NULL.patch Can be removed once it is upstream. OBS-URL: https://build.opensuse.org/request/show/1186962 OBS-URL: https://build.opensuse.org/package/show/security:SELinux/libselinux?expand=0&rev=172 --- libselinux-set-free-d-data-to-NULL.patch | 48 ++++++++++++++++++++++++ libselinux.changes | 7 ++++ libselinux.spec | 3 ++ 3 files changed, 58 insertions(+) create mode 100644 libselinux-set-free-d-data-to-NULL.patch diff --git a/libselinux-set-free-d-data-to-NULL.patch b/libselinux-set-free-d-data-to-NULL.patch new file mode 100644 index 0000000..8c08500 --- /dev/null +++ b/libselinux-set-free-d-data-to-NULL.patch @@ -0,0 +1,48 @@ +Index: libselinux-3.7/src/label_backends_android.c +=================================================================== +--- libselinux-3.7.orig/src/label_backends_android.c ++++ libselinux-3.7/src/label_backends_android.c +@@ -260,6 +260,7 @@ static void closef(struct selabel_handle + free(data->spec_arr); + + free(data); ++ rec->data = NULL; + } + + static struct selabel_lookup_rec *property_lookup(struct selabel_handle *rec, +Index: libselinux-3.7/src/label_file.c +=================================================================== +--- libselinux-3.7.orig/src/label_file.c ++++ libselinux-3.7/src/label_file.c +@@ -942,6 +942,7 @@ static void closef(struct selabel_handle + free(last_area); + } + free(data); ++ rec->data = NULL; + } + + // Finds all the matches of |key| in the given context. Returns the result in +Index: libselinux-3.7/src/label_media.c +=================================================================== +--- libselinux-3.7.orig/src/label_media.c ++++ libselinux-3.7/src/label_media.c +@@ -183,6 +183,7 @@ static void close(struct selabel_handle + free(spec_arr); + + free(data); ++ rec->data = NULL; + } + + static struct selabel_lookup_rec *lookup(struct selabel_handle *rec, +Index: libselinux-3.7/src/label_x.c +=================================================================== +--- libselinux-3.7.orig/src/label_x.c ++++ libselinux-3.7/src/label_x.c +@@ -210,6 +210,7 @@ static void close(struct selabel_handle + free(spec_arr); + + free(data); ++ rec->data = NULL; + } + + static struct selabel_lookup_rec *lookup(struct selabel_handle *rec, diff --git a/libselinux.changes b/libselinux.changes index 1c0f41b..f1de0c5 100644 --- a/libselinux.changes +++ b/libselinux.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Thu Jul 11 19:47:41 UTC 2024 - Cathy Hu + +- Fix segfault caused by upstream changes in selabel_open(): + libselinux-set-free-d-data-to-NULL.patch + Can be removed once it is upstream. + ------------------------------------------------------------------- Mon Jul 1 07:53:14 UTC 2024 - Cathy Hu diff --git a/libselinux.spec b/libselinux.spec index 761aa85..2162bd8 100644 --- a/libselinux.spec +++ b/libselinux.spec @@ -36,6 +36,9 @@ Patch5: skip_cycles.patch # Make linking working even when default pkg-config doesn’t provide -lpython Patch6: python3.8-compat.patch Patch7: swig4_moduleimport.patch +# Fixes segfault in 3.7, please remove once this is upstream: +# https://lore.kernel.org/selinux/CAP+JOzQCu0srfss921Ew42oHxsaqRYGiTs56_h9j2Yfw0cYGjg@mail.gmail.com/T/#t +Patch8: libselinux-set-free-d-data-to-NULL.patch BuildRequires: fdupes BuildRequires: libsepol-devel >= %{libsepol_ver} BuildRequires: libsepol-devel-static >= %{libsepol_ver}