policycoreutils-3.6-3

- restorecond: always add '\0' to ut_user Resolves: RHEL-29175
2025-04-28 14:30:22 +02:00 · 2025-04-28 14:30:22 +02:00 · b04c04698f
commit b04c04698f
parent 39fb3636a4
2 changed files with 54 additions and 1 deletions
--- a/0021-restorecond-always-add-0-to-ut_user.patch
+++ b/0021-restorecond-always-add-0-to-ut_user.patch
@ -0,0 +1,49 @@
+From 98fd27a995442f413ea606619bca6ffa3ddbbf53 Mon Sep 17 00:00:00 2001
+From: Petr Lautrbach <lautrbach@redhat.com>
+Date: Mon, 28 Apr 2025 11:07:31 +0200
+Subject: [PATCH] restorecond: always add '\0' to ut_user
+Content-type: text/plain
+
+Fixes:
+    Error: STRING_NULL (CWE-170): [#def5]
+    selinux-3.6/restorecond/utmpwatcher.c:62: string_null_source: Function "fread" does not terminate string "u". [Note: The source code implementation of the function has been overridden by a builtin model.]
+    selinux-3.6/restorecond/utmpwatcher.c:64: string_null: Passing unterminated string "u.ut_user" to "strings_list_add", which expects a null-terminated string.
+    #   62|   	while (fread(&u, sizeof(struct utmp), 1, cfg) > 0) {
+    #   63|   		if (u.ut_type == USER_PROCESS)
+    #   64|-> 			strings_list_add(&utmp_ptr, u.ut_user);
+    #   65|   	}
+    #   66|   	fclose(cfg);
+---
+ restorecond/utmpwatcher.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+
+diff --git a/restorecond/utmpwatcher.c b/restorecond/utmpwatcher.c
+index 8660520370de..c9d666862c11 100644
+--- a/restorecond/utmpwatcher.c
+++ b/restorecond/utmpwatcher.c
+@@ -50,6 +50,8 @@ unsigned int utmpwatcher_handle(int inotify_fd, int wd)
+ 	int changed = 0;
+ 	struct utmp u;
+ 	const char *utmp_path = "/run/utmp";
+	char utmp_user[UT_NAMESIZE + 1];
+
+ 	struct stringsList *prev_utmp_ptr = utmp_ptr;
+ 	if (wd != utmp_wd)
+ 		return -1;
+@@ -60,8 +62,11 @@ unsigned int utmpwatcher_handle(int inotify_fd, int wd)
+ 		exitApp("Error reading utmp file.");
+ 
+ 	while (fread(&u, sizeof(struct utmp), 1, cfg) > 0) {
+-		if (u.ut_type == USER_PROCESS)
+-			strings_list_add(&utmp_ptr, u.ut_user);
+		if (u.ut_type == USER_PROCESS) {
+			strncpy(utmp_user, u.ut_user, UT_NAMESIZE);
+			utmp_user[UT_NAMESIZE] = '\0';
+			strings_list_add(&utmp_ptr, utmp_user);
+		}
+ 	}
+ 	fclose(cfg);
+ 	if (utmp_wd >= 0)
+-- 
+2.49.0
+
--- a/policycoreutils.spec
+++ b/policycoreutils.spec
@ -11,7 +11,7 @@
 Summary: SELinux policy core utilities
 Name:    policycoreutils
 Version: 3.6
-Release: 2.1%{?dist}
+Release: 3%{?dist}
 License: GPL-2.0-or-later
 # https://github.com/SELinuxProject/selinux/wiki/Releases
 Source0: https://github.com/SELinuxProject/selinux/releases/download/3.6/selinux-3.6.tar.gz
@ -56,6 +56,7 @@ Patch0017: 0017-Revert-gui-Remove-the-Russian-translations.patch
 Patch0018: 0018-python-semanage-Allow-modifying-records-on-add.patch
 Patch0019: 0019-python-semanage-Do-not-sort-local-fcontext-definitio.patch
 Patch0020: 0020-fixfiles-drop-unnecessary-line-endings.patch
+Patch0021: 0021-restorecond-always-add-0-to-ut_user.patch
 # Patch list end
 Obsoletes: policycoreutils < 2.0.61-2
 Conflicts: filesystem < 3, selinux-policy-base < 3.13.1-138
@ -465,6 +466,9 @@ The policycoreutils-restorecond package contains the restorecond service.
 %systemd_postun_with_restart restorecond.service

 %changelog
+* Mon Apr 28 2025 Petr Lautrbach <lautrbach@redhat.com> - 3.6-3
+- restorecond: always add '\0' to ut_user
+
 * Mon Feb 19 2024 Petr Lautrbach <lautrbach@redhat.com> - 3.6-2.1
 - semanage: Allow modifying records on "add"
 - semanage: Do not sort local fcontext definitions