- fix #429454 - logrotate fails due to invalid pointer

Tomas Smetana 2008-01-21 13:25:25 +00:00
parent fcfb46ffad
commit 5b32d9402d
2 changed files with 61 additions and 14 deletions


@ -1,26 +1,64 @@
Written-by: Tomas Smetana <tsmetana@redhat.com>
diff -up logrotate-3.7.6/logrotate.c.selinux logrotate-3.7.6/logrotate.c diff -up logrotate-3.7.6/logrotate.c.selinux logrotate-3.7.6/logrotate.c
--- logrotate-3.7.6/logrotate.c.selinux 2008-01-09 09:37:16.000000000 +0100 --- logrotate-3.7.6/logrotate.c.selinux 2007-08-07 09:14:35.000000000 +0200
+++ logrotate-3.7.6/logrotate.c 2008-01-09 09:39:05.000000000 +0100 +++ logrotate-3.7.6/logrotate.c 2008-01-21 09:32:56.000000000 +0100
@@ -899,6 +899,9 @@ int rotateSingleLog(logInfo * log, int l @@ -409,15 +409,17 @@ static int copyTruncate(char *currLog, c
}
#ifdef WITH_SELINUX
if (selinux_enabled) {
- security_context_t oldContext;
+ security_context_t oldContext = NULL;
if (fgetfilecon_raw(fdcurr, &oldContext) >= 0) {
if (getfscreatecon_raw(&prev_context) < 0) {
message(MESS_ERROR,
"getting default context: %s\n",
strerror(errno));
if (selinux_enforce) {
- freecon(oldContext);
- return 1;
+ if (oldContext != NULL) {
+ freecon(oldContext);
+ }
+ return 1;
}
}
if (setfscreatecon_raw(oldContext) < 0) {
@@ -425,11 +427,15 @@ static int copyTruncate(char *currLog, c
"setting file context %s to %s: %s\n",
saveLog, oldContext, strerror(errno));
if (selinux_enforce) {
- freecon(oldContext);
- return 1;
+ if (oldContext != NULL) {
+ freecon(oldContext);
+ }
+ return 1;
}
}
- freecon(oldContext);
+ if (oldContext != NULL) {
+ freecon(oldContext);
+ }
} else {
if (errno != ENOTSUP) {
message(MESS_ERROR, "getting file context %s: %s\n",
@@ -899,6 +905,9 @@ int rotateSingleLog(logInfo * log, int l
int hasErrors = 0; int hasErrors = 0;
struct stat sb; struct stat sb;
int fd; int fd;
+#ifdef WITH_SELINUX +#ifdef WITH_SELINUX
+ security_context_t savedContext; + security_context_t savedContext = NULL;
+#endif +#endif
if (!state->doRotate) if (!state->doRotate)
return 0; return 0;
@@ -906,7 +909,51 @@ int rotateSingleLog(logInfo * log, int l @@ -906,7 +915,57 @@ int rotateSingleLog(logInfo * log, int l
if (!hasErrors) { if (!hasErrors) {
if (!(log->flags & (LOG_FLAG_COPYTRUNCATE | LOG_FLAG_COPY))) { if (!(log->flags & (LOG_FLAG_COPYTRUNCATE | LOG_FLAG_COPY))) {
- message(MESS_DEBUG, "renaming %s to %s\n", log->files[logNum], - message(MESS_DEBUG, "renaming %s to %s\n", log->files[logNum],
+#ifdef WITH_SELINUX +#ifdef WITH_SELINUX
+ if (selinux_enabled) { + if (selinux_enabled) {
+ security_context_t oldContext; + security_context_t oldContext = NULL;
+ int fdcurr = -1; + int fdcurr = -1;
+ +
+ if ((fdcurr = open(log->files[logNum], O_RDWR)) < 0) { + if ((fdcurr = open(log->files[logNum], O_RDWR)) < 0) {
@ -35,7 +73,9 @@ diff -up logrotate-3.7.6/logrotate.c.selinux logrotate-3.7.6/logrotate.c
+ "getting default context: %s\n", + "getting default context: %s\n",
+ strerror(errno)); + strerror(errno));
+ if (selinux_enforce) { + if (selinux_enforce) {
+ if (oldContext != NULL) {
+ freecon(oldContext); + freecon(oldContext);
+ }
+ return 1; + return 1;
+ } + }
+ } + }
@ -44,13 +84,17 @@ diff -up logrotate-3.7.6/logrotate.c.selinux logrotate-3.7.6/logrotate.c
+ "setting file context %s to %s: %s\n", + "setting file context %s to %s: %s\n",
+ log->files[logNum], oldContext, strerror(errno)); + log->files[logNum], oldContext, strerror(errno));
+ if (selinux_enforce) { + if (selinux_enforce) {
+ if (oldContext != NULL) {
+ freecon(oldContext); + freecon(oldContext);
+ }
+ return 1; + return 1;
+ } + }
+ } + }
+ message(MESS_DEBUG, "fscreate context set to %s\n", + message(MESS_DEBUG, "fscreate context set to %s\n",
+ oldContext); + oldContext);
+ if (oldContext != NULL) {
+ freecon(oldContext); + freecon(oldContext);
+ }
+ } else { + } else {
+ if (errno != ENOTSUP) { + if (errno != ENOTSUP) {
+ message(MESS_ERROR, "getting file context %s: %s\n", + message(MESS_ERROR, "getting file context %s: %s\n",
@ -66,7 +110,7 @@ diff -up logrotate-3.7.6/logrotate.c.selinux logrotate-3.7.6/logrotate.c
rotNames->finalName); rotNames->finalName);
if (!debug && !hasErrors && if (!debug && !hasErrors &&
@@ -961,6 +1008,15 @@ int rotateSingleLog(logInfo * log, int l @@ -961,6 +1020,15 @@ int rotateSingleLog(logInfo * log, int l
close(fd); close(fd);
} }
} }
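Review bot: The new `if (oldContext != NULL)` guards admit that the context can still be NULL after `fgetfilecon_raw()` returns >= 0, yet the same pointer is passed unguarded to `setfscreatecon_raw(oldContext)` and to `%s` in the "setting file context %s to %s" and "fscreate context set to %s" messages. If `message()` is printf-style, a NULL there is undefined behaviour. More importantly, `setfscreatecon_raw(NULL)` resets the creation context to the policy default, so the rotated log would silently get a default label instead of the original file's label, even with `selinux_enforce` set. I would treat a NULL context as the "getting file context" failure case right after the `fgetfilecon_raw()` check, and at minimum log `oldContext ? oldContext : "(none)"` in those messages. This applies to both the copyTruncate and rotateSingleLog copies of the block, whose bodies start and end outside the hunks shown.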


@ -1,7 +1,7 @@
Summary: Rotates, compresses, removes and mails system log files Summary: Rotates, compresses, removes and mails system log files
Name: logrotate Name: logrotate
Version: 3.7.6 Version: 3.7.6
Release: 2.1%{?dist} Release: 2.2%{?dist}
License: GPL+ License: GPL+
Group: System Environment/Base Group: System Environment/Base
# The source for this package was pulled from cvs. # The source for this package was pulled from cvs.
@ -60,6 +60,9 @@ rm -rf $RPM_BUILD_ROOT
%attr(0644, root, root) %verify(not size md5 mtime) %config(noreplace) %{_localstatedir}/lib/logrotate.status %attr(0644, root, root) %verify(not size md5 mtime) %config(noreplace) %{_localstatedir}/lib/logrotate.status
%changelog %changelog
* Mon Jan 21 2008 Tomas Smetana <tsmetana@redhat.com> 3.7.6-2.2
- fix #429454 - logrotate fails due to invalid pointer
* Wed Jan 09 2008 Tomas Smetana <tsmetana@redhat.com> 3.7.6-2.1 * Wed Jan 09 2008 Tomas Smetana <tsmetana@redhat.com> 3.7.6-2.1
- fix the selinux patch - fix the selinux patch