- fix: segfault on --recontext if file_contexts unreadable (#117374).

- fix: /etc/security/selinux/file_contexts is default path.

CVS patchset: 7220
CVS date: 2004/04/07 23:26:00

diff --git a/CHANGES b/CHANGES
index 96b2dc8..716520a 100644 (file)
--- a/CHANGES
+++ b/CHANGES
@@ -1,12 +1,16 @@
 4.3.1 -> 4.4:
-       - use package build time as EVR comparison tie breaker.
-       - fix: don't add leading space to %* argv expansion (#119059).
-       - scareMem = 0 everywhere, document deprecation phase out.
        - pentium3/pentium4 arch support (pluto@PLD).
        - cpuid() cleanups for PIC/non-PIC and gcc 3.4 (pluto@PLD).
        - rpmGlob() is now locale independent (wiget@PLD).
 
 4.3 -> 4.3.1:
+       - fix: don't add leading space to %* argv expansion (#119059).
+       - scareMem = 0 everywhere, document deprecation phase out.
+       - fix: add u+w to FIXPERMS.
+       - add buildtime to rpmds, methods to retrieve.
+       - python: hide labelCompare() underneath ds.cmp(a,b).
+       - fix: segfault on --recontext if file_contexts unreadable (#117374).
+       - fix: /etc/security/selinux/file_contexts is default path.
 
 4.2.2 -> 4.3:
        - upgrade to zlib-1.2.beta7.

diff --git a/lib/rpmfi.c b/lib/rpmfi.c
index 70ad753..0574c1b 100644 (file)
--- a/lib/rpmfi.c
+++ b/lib/rpmfi.c
@@ -1619,7 +1619,7 @@ void rpmfiBuildREContexts(Header h,
     int scareMem = 0;
     rpmfi fi = rpmfiNew(NULL, h, RPMTAG_BASENAMES, scareMem);
     rpmsx sx = NULL;
-    const char ** av;
+    const char ** av = NULL;
     int ac;
     size_t nb;
     char * t;
@@ -1628,7 +1628,6 @@ void rpmfiBuildREContexts(Header h,
     int * fcnb;
 
     if ((ac = rpmfiFC(fi)) <= 0) {
-       av = NULL;
        ac = 0;
        goto exit;
     }

diff --git a/lib/rpmsx.c b/lib/rpmsx.c
index 3da2411..846b826 100644 (file)
--- a/lib/rpmsx.c
+++ b/lib/rpmsx.c
@@ -166,17 +166,18 @@ static int rpmsxAdd(rpmsx sx, const char ** bpp)
  * Find the stem of a file name.
  * Error iff a file in the root directory or a regex that is too complex.
  *
+ * @param sx           security context patterns
  * @retval *bpp                ptr to text after stem.
  * @return             stem index, -1 on error
  */
-static int rpmsxFind(const rpmsx sx, const char ** bpp)
+static int rpmsxFind(/*@null@*/ const rpmsx sx, const char ** bpp)
        /*@modifies *bpp @*/
 {
     size_t stem_len = rpmsxsFStem(*bpp);
     rpmsxs sxs;
     int i;
 
-    if (stem_len)
+    if (sx != NULL && stem_len > 0)
     for (i = 0; i < sx->nsxs; i++) {
        sxs = sx->sxs + i;
        if (stem_len != sxs->len)
@@ -327,7 +328,7 @@ int rpmsxParse(rpmsx sx, const char * fn)
 
 /*@-branchstate@*/
     if (fn == NULL)
-       fn = "/etc/security/selinux/src/policy/file_contexts/file_contexts";
+       fn = "/etc/security/selinux/file_contexts";
 /*@=branchstate@*/
 
     if ((fp = fopen(fn, "r")) == NULL) {

diff --git a/lib/rpmsx.h b/lib/rpmsx.h
index a74edf9..6541700 100644 (file)
--- a/lib/rpmsx.h
+++ b/lib/rpmsx.h
@@ -267,7 +267,7 @@ rpmsx rpmsxInit(/*@null@*/ rpmsx sx, int reverse)
  * @return             file security context
  */
 /*@owned@*/ /*@null@*/
-const char * rpmsxFContext(rpmsx sx, const char * fn, mode_t fmode)
+const char * rpmsxFContext(/*@null@*/ rpmsx sx, const char * fn, mode_t fmode)
        /*@modifies sx @*/;
 
 #ifdef __cplusplus