[systemd-devel] SECLABEL issue into udev

Valerii Chernous -X (vchernou - GLOBALLOGIC INC at Cisco) vchernou at cisco.com
Tue Mar 10 09:59:56 UTC 2020


Hi Team,
I am sending this email again because I didn't receive an answer to my previous message.

I have an issue with SECLABEL in systemd udevadm 243, and I see that mainline also has this issue.
It looks like Yu forgot to initialize data in commit:
25de7aa7b90 (Yu Watanabe                 2019-04-25 01:21:11 +0200 924)

If I add something like:
SECLABEL{selinux}="some info"
to a udev rule, I get a SIGSEGV in udevadm on this rule.
In my opinion, the following one-line patch can fix this issue:

diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
index b9b350d1ef..e1e8273468 100644
--- a/src/udev/udev-rules.c
+++ b/src/udev/udev-rules.c
@@ -921,7 +921,7 @@ static int parse_token(UdevRules *rules, const char *key, char *attr, UdevRuleOp
                         op = OP_ASSIGN;
                 }

-                r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, NULL);
+                r = rule_line_add_token(rule_line, TK_A_SECLABEL, op, value, attr);
         } else if (streq(key, "RUN")) {
                 if (is_match || op == OP_REMOVE)
                         return log_token_invalid_op(rules, key);
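
Review bot: On the changed rule_line_add_token() call in parse_token(), the visible context does not show attr being validated before it is stored as the token data. If a rule can reach this branch as a bare SECLABEL="..." with no {selinux} attribute, attr would still be NULL and the strdup() of token->data in udev_rule_apply_token_to_event() would crash the same way. Please confirm that an empty attr is rejected earlier in this branch, or add that check next to the existing op handling, and cover both forms of the rule in a test.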
@@ -1945,6 +1945,7 @@ static int udev_rule_apply_token_to_event(
                 _cleanup_free_ char *name = NULL, *label = NULL;
                 char label_str[UTIL_LINE_SIZE] = {};

+                // NULL pointer dereference issue
                 name = strdup((const char*) token->data);
                 if (!name)
                         return log_oom();
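
Review bot: The added "// NULL pointer dereference issue" comment above the strdup() of token->data describes the bug, not the code, and it becomes stale once parse_token() passes attr. Drop it from the patch and move the explanation into the commit message. If a defensive measure is wanted here, make it an explicit check or assertion that token->data is non-NULL before the strdup(), since strdup(NULL) is what produces the SIGSEGV and the existing "if (!name)" test only runs after that call.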
@@ -1967,6 +1968,7 @@ static int udev_rule_apply_token_to_event(
                 r = ordered_hashmap_put(event->seclabel_list, name, label);
                 if (r < 0)
                         return log_oom();
+                //it look like name the same as attr into parse_token
                 log_rule_debug(dev, rules, "SECLABEL{%s}='%s'", name, label);
                 name = label = NULL;
                 break;
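
Review bot: The added comment "//it look like name the same as attr into parse_token" before log_rule_debug() is a note to the reader of the patch, not documentation of the code, and should not be merged. The relationship it records (name is a copy of token->data, which parse_token() should fill from attr) belongs in the commit message. With this hunk and the previous comment-only hunk removed, the patch is the single-line change that the mail describes.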

Best regards,
Valerii
