[patch] fix selinux OOM and memory leak
David Zeuthen
david at fubar.dk
Wed Apr 13 08:20:39 PDT 2005
On Wed, 2005-04-13 at 11:00 -0400, Havoc Pennington wrote:
> It's not trivial, but it's not hard. You're right that you basically
> create a stub no-op selinux thing.
While a trivial selinux no-op stub might have caught the two memory
leaks, you really want to test the integrity too, e.g. the stub selinux
thing needs to be more than no-op: you want it to deny/allow certain
messages and then you run this with zillions of messages, force OOM on
certain random (deterministic) allocations and check whether the bus
made the right decision. You may compute an upper bound of messages to
send too.
Only then you would have found that not handling OOM in the functions
bus_selinux_allows_* is a security hole because some messages are not
denied as they should be.
All this sounds to me like real work, but I'm not really too familiar
with the dispatch.c test framework.
Cheers,
David
More information about the dbus
mailing list