copy: fix a segfault in SELinux context copying code

* src/selinux.c (restorecon_private): On ArchLinux the
`fakeroot cp -a file1 file2` command segfaulted due
to getfscreatecon() returning a NULL context.
So map this to the sometimes ignored ENODATA error,
rather than crashing.
* tests/cp/no-ctx.sh: Add a new test case.
* tests/local.mk: Reference the new test.
* NEWS: Mention the fix.
Fixes http://bugs.gnu.org/16335

1 files changed, 63 insertions, 0 deletions

diff --git a/tests/cp/no-ctx.sh b/tests/cp/no-ctx.sh
new file mode 100755
index 000000000..3b5eb829a
--- /dev/null
+++ b/tests/cp/no-ctx.sh
@@ -0,0 +1,63 @@
+#!/bin/sh
+# Ensure we handle file systems returning no SELinux context,
+# which triggered a segmentation fault in coreutils-8.22.
+# This test is skipped on systems that lack LD_PRELOAD support; that's fine.
+# Similarly, on a system that lacks lgetfilecon altogether, skipping it is fine.
+
+# Copyright (C) 2014 Free Software Foundation, Inc.
+
+# This program is free software: you can redistribute it and/or modify
+# it under the terms of the GNU General Public License as published by
+# the Free Software Foundation, either version 3 of the License, or
+# (at your option) any later version.
+
+# This program is distributed in the hope that it will be useful,
+# but WITHOUT ANY WARRANTY; without even the implied warranty of
+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE.  See the
+# GNU General Public License for more details.
+
+# You should have received a copy of the GNU General Public License
+# along with this program.  If not, see <http://www.gnu.org/licenses/>.
+
+. "${srcdir=.}/tests/init.sh"; path_prepend_ ./src
+print_ver_ cp
+require_gcc_shared_
+
+# Replace each getfilecon and lgetfilecon call with a call to these stubs.
+cat > k.c <<'EOF' || framework_failure_
+#include <stdio.h>
+#include <selinux/selinux.h>
+#include <errno.h>
+
+int getfilecon (const char *path, security_context_t *con)
+{
+  /* Leave a marker so we can identify if the function was intercepted.  */
+  fclose(fopen("preloaded", "w"));
+
+  errno=ENODATA;
+  return -1;
+}
+
+int lgetfilecon (const char *path, security_context_t *con)
+{ return getfilecon (path, con); }
+EOF
+
+# Then compile/link it:
+gcc_shared_ k.c k.so \
+  || skip_ 'failed to build SELinux shared library'
+
+touch file_src
+
+# New file with SELinux context optionally included
+LD_PRELOAD=./k.so cp -a file_src file_dst || fail=1
+
+# Existing file with SELinux context optionally included
+LD_PRELOAD=./k.so cp -a file_src file_dst || fail=1
+
+# ENODATA should give an immediate error when required to preserve ctx
+# This is debatable, and maybe we should not fail when no context available?
+LD_PRELOAD=./k.so cp --preserve=context file_src file_dst && fail=1
+
+test -e preloaded || skip_ 'LD_PRELOAD interception failed'
+
+Exit $fail