diff options
| -rw-r--r-- | ChangeLog | 11 | ||||
| -rw-r--r-- | NEWS | 3 | ||||
| -rw-r--r-- | THANKS | 1 | ||||
| -rw-r--r-- | src/ls.c | 13 | ||||
| -rw-r--r-- | tests/ls/Makefile.am | 3 | ||||
| -rwxr-xr-x | tests/ls/proc-selinux-segfault | 33 |
6 files changed, 62 insertions, 2 deletions
@@ -1,3 +1,14 @@ +2008-01-29 Jim Meyering <meyering@redhat.com> + + ls: don't segfault on files in /proc with an old libselinux + * src/ls.c (gobble_file): Work around a bug in libselinux1-2.0.15 + whereby getfilecon returns 0 yet sets the context to NULL. + Reported by Jan Moringen via Michael Stone in + http://bugs.debian.org/463043 + * tests/ls/Makefile.am (TESTS): Add proc-selinux-segfault. + * tests/ls/proc-selinux-segfault: Test for the above fix. + * NEWS: Mention the fix. + 2008-01-26 Jim Meyering <meyering@redhat.com> Work around Darwin9's set-GID-like group ownership inheritance. @@ -4,6 +4,9 @@ GNU coreutils NEWS -*- outline -*- ** Bug fixes + ls no longer segfaults on files in /proc when linked with an older version + of libselinux. E.g., ls -l /proc/sys would dereference a NULL pointer. + Fix a non-portable use of sed in configure.ac. [bug introduced in coreutils-6.9.92] @@ -225,6 +225,7 @@ James Youngman james+usenet@free-lunch.demon.co.uk Jamie Lokier jamie@imbolc.ucc.ie Jamie McClelland jm@mayfirst.org Jan Fedak J.Fedak@sh.cvut.cz +Jan Moringen jan.moringen@uni-bielefeld.de Jan Nieuwenhuizen janneke@gnu.org Janos Farkas chexum@shadow.banki.hu Jarkko Hietaniemi jhi@epsilon.hut.fi @@ -1,5 +1,5 @@ /* `dir', `vdir' and `ls' directory listing programs for GNU. - Copyright (C) 85, 88, 90, 91, 1995-2007 Free Software Foundation, Inc. + Copyright (C) 85, 88, 90, 91, 1995-2008 Free Software Foundation, Inc. This program is free software: you can redistribute it and/or modify it under the terms of the GNU General Public License as published by @@ -2667,6 +2667,17 @@ gobble_file (char const *name, enum filetype type, ino_t inode, : lgetfilecon (absolute_name, &f->scontext)); err = (attr_len < 0); + /* Contrary to its documented API, getfilecon may return 0, + yet set f->scontext to NULL (on at least Debian's libselinux1 + 2.0.15-2+b1), so work around that bug. + FIXME: remove this work-around in 2011, or whenever affected + versions of libselinux are long gone. */ + if (attr_len == 0) + { + err = 0; + f->scontext = xstrdup ("unlabeled"); + } + if (err == 0) have_acl = ! STREQ ("unlabeled", f->scontext); else diff --git a/tests/ls/Makefile.am b/tests/ls/Makefile.am index 2aea41951..c9739c992 100644 --- a/tests/ls/Makefile.am +++ b/tests/ls/Makefile.am @@ -1,6 +1,6 @@ # Make coreutils tests for "ls". -*-Makefile-*- -# Copyright (C) 1997-2003, 2006-2007 Free Software Foundation, Inc. +# Copyright (C) 1997-2003, 2006-2008 Free Software Foundation, Inc. # This program is free software: you can redistribute it and/or modify # it under the terms of the GNU General Public License as published by @@ -16,6 +16,7 @@ # along with this program. If not, see <http://www.gnu.org/licenses/>. TESTS = \ + proc-selinux-segfault \ stat-free-symlinks \ nameless-uid \ color-dtype-dir \ diff --git a/tests/ls/proc-selinux-segfault b/tests/ls/proc-selinux-segfault new file mode 100755 index 000000000..320ba6f24 --- /dev/null +++ b/tests/ls/proc-selinux-segfault @@ -0,0 +1,33 @@ +#!/bin/sh +# ls -l /proc/sys would segfault when built against libselinux1 2.0.15-2+b1 + +# Copyright (C) 2008 Free Software Foundation, Inc. + +# This program is free software: you can redistribute it and/or modify +# it under the terms of the GNU General Public License as published by +# the Free Software Foundation, either version 3 of the License, or +# (at your option) any later version. + +# This program is distributed in the hope that it will be useful, +# but WITHOUT ANY WARRANTY; without even the implied warranty of +# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the +# GNU General Public License for more details. + +# You should have received a copy of the GNU General Public License +# along with this program. If not, see <http://www.gnu.org/licenses/>. + +if test "$VERBOSE" = yes; then + set -x + ls --version +fi + +. $srcdir/../envvar-check +. $srcdir/../test-lib.sh + +f=/proc/sys +test -r $f || f=. + +fail=0 +ls -l $f > out || fail=1 + +(exit $fail); exit $fail |