avoid xfree(NULL) in ssh_selinux_copy_context() (#789502)

2012-11-05 16:18:52 +01:00 · 2012-11-05 16:18:52 +01:00 · dfa0cd5146
commit dfa0cd5146
parent f7f8b483b0
1 changed files with 14 additions and 12 deletions
--- a/openssh-6.1p1-privsep-selinux.patch
+++ b/openssh-6.1p1-privsep-selinux.patch
@ -1,14 +1,14 @@
 diff -up openssh-6.1p1/openbsd-compat/port-linux.c.privsep-selinux openssh-6.1p1/openbsd-compat/port-linux.c
--- openssh-6.1p1/openbsd-compat/port-linux.c.privsep-selinux	2012-10-12 13:35:03.715980297 +0200
+--- openssh-6.1p1/openbsd-compat/port-linux.c.privsep-selinux	2012-11-05 14:46:39.334809203 +0100
-+++ openssh-6.1p1/openbsd-compat/port-linux.c	2012-10-12 13:35:03.719980279 +0200
+++ openssh-6.1p1/openbsd-compat/port-linux.c	2012-11-05 14:54:32.614504884 +0100
-@@ -505,6 +505,23 @@ ssh_selinux_change_context(const char *n
+@@ -505,6 +505,25 @@ ssh_selinux_change_context(const char *n
 	xfree(newctx);
 }
 +void
 +ssh_selinux_copy_context(void)
 +{
-+	char *ctx;
+	security_context_t *ctx;
 +
 +	if (!ssh_selinux_enabled())
 +		return;
@ -17,9 +17,11 @@ diff -up openssh-6.1p1/openbsd-compat/port-linux.c.privsep-selinux openssh-6.1p1
 +		logit("%s: getcon failed with %s", __func__, strerror (errno));
 +		return;
 +	}
 +	if (ctx != NULL) {
 +		if (setcon(ctx) != 0)
 +			logit("%s: setcon failed with %s", __func__, strerror (errno));
-+	xfree(ctx);
+		freecon(ctx);
 +	}
 +}
 +
 #endif /* WITH_SELINUX */
@ -27,7 +29,7 @@ diff -up openssh-6.1p1/openbsd-compat/port-linux.c.privsep-selinux openssh-6.1p1
 #ifdef LINUX_OOM_ADJUST
 diff -up openssh-6.1p1/openbsd-compat/port-linux.h.privsep-selinux openssh-6.1p1/openbsd-compat/port-linux.h
 --- openssh-6.1p1/openbsd-compat/port-linux.h.privsep-selinux	2011-01-25 02:16:18.000000000 +0100
-+++ openssh-6.1p1/openbsd-compat/port-linux.h	2012-10-12 13:35:03.719980279 +0200
+++ openssh-6.1p1/openbsd-compat/port-linux.h	2012-11-05 14:46:39.339809234 +0100
@@ -24,6 +24,7 @@ int ssh_selinux_enabled(void);
 void ssh_selinux_setup_pty(char *, const char *);
 void ssh_selinux_setup_exec_context(char *);
@ -37,8 +39,8 @@ diff -up openssh-6.1p1/openbsd-compat/port-linux.h.privsep-selinux openssh-6.1p1
 #endif
 diff -up openssh-6.1p1/session.c.privsep-selinux openssh-6.1p1/session.c
--- openssh-6.1p1/session.c.privsep-selinux	2012-10-12 13:35:03.670980503 +0200
+--- openssh-6.1p1/session.c.privsep-selinux	2012-11-05 14:46:39.314809081 +0100
-+++ openssh-6.1p1/session.c	2012-10-12 14:03:01.011305806 +0200
+++ openssh-6.1p1/session.c	2012-11-05 14:46:39.340809241 +0100
@@ -1513,6 +1513,10 @@ do_setusercontext(struct passwd *pw)
 		platform_setusercontext_post_groups(pw);
@ -61,8 +63,8 @@ diff -up openssh-6.1p1/session.c.privsep-selinux openssh-6.1p1/session.c
 	}
 diff -up openssh-6.1p1/sshd.c.privsep-selinux openssh-6.1p1/sshd.c
--- openssh-6.1p1/sshd.c.privsep-selinux	2012-10-12 13:35:03.716980292 +0200
+--- openssh-6.1p1/sshd.c.privsep-selinux	2012-11-05 14:46:39.335809209 +0100
-+++ openssh-6.1p1/sshd.c	2012-10-12 13:35:03.721980271 +0200
+++ openssh-6.1p1/sshd.c	2012-11-05 14:46:39.341809247 +0100
@@ -794,6 +794,13 @@ privsep_postauth(Authctxt *authctxt)
 	do_setusercontext(authctxt->pw);