f8883a97a0
- Rebase to 1.9.5p2 - CVE-2023-28486 sudo: Sudo does not escape control characters in log messages Resolves: RHEL-21825 - CVE-2023-28487 sudo: Sudo does not escape control characters in sudoreplay output Resolves: RHEL-21831 - CVE-2023-42465 sudo: Targeted Corruption of Register and Stack Variables Resolves: RHEL-21820 Signed-off-by: Radovan Sroka <rsroka@redhat.com>
75 lines
2.3 KiB
Diff
75 lines
2.3 KiB
Diff
From 73006fb25f0ebc35bc46b8f20036d40fcbb6de53 Mon Sep 17 00:00:00 2001
|
|
From: Radovan Sroka <rsroka@redhat.com>
|
|
Date: Thu, 1 Apr 2021 21:42:03 +0200
|
|
Subject: [PATCH] Removed depricated security_context_t
|
|
|
|
Signed-off-by: Radovan Sroka <rsroka@redhat.com>
|
|
---
|
|
src/selinux.c | 24 ++++++++++++------------
|
|
1 file changed, 12 insertions(+), 12 deletions(-)
|
|
|
|
diff --git a/src/selinux.c b/src/selinux.c
|
|
index a2f73f8d0..c2f50aafb 100644
|
|
--- a/src/selinux.c
|
|
+++ b/src/selinux.c
|
|
@@ -58,10 +58,10 @@
|
|
#include "sudo_exec.h"
|
|
|
|
static struct selinux_state {
|
|
- security_context_t old_context;
|
|
- security_context_t new_context;
|
|
- security_context_t tty_con_raw;
|
|
- security_context_t new_tty_con_raw;
|
|
+ char * old_context;
|
|
+ char * new_context;
|
|
+ char * tty_con_raw;
|
|
+ char * new_tty_con_raw;
|
|
const char *ttyn;
|
|
int ttyfd;
|
|
int enforcing;
|
|
@@ -69,8 +69,8 @@ static struct selinux_state {
|
|
|
|
#ifdef HAVE_LINUX_AUDIT
|
|
static int
|
|
-audit_role_change(const security_context_t old_context,
|
|
- const security_context_t new_context, const char *ttyn, int result)
|
|
+audit_role_change(const char * old_context,
|
|
+ const char * new_context, const char *ttyn, int result)
|
|
{
|
|
int au_fd, rc = -1;
|
|
char *message;
|
|
@@ -111,7 +111,7 @@ int
|
|
selinux_restore_tty(void)
|
|
{
|
|
int ret = -1;
|
|
- security_context_t chk_tty_con_raw = NULL;
|
|
+ char * chk_tty_con_raw = NULL;
|
|
debug_decl(selinux_restore_tty, SUDO_DEBUG_SELINUX);
|
|
|
|
if (se_state.ttyfd == -1 || se_state.new_tty_con_raw == NULL) {
|
|
@@ -166,8 +166,8 @@ selinux_restore_tty(void)
|
|
static int
|
|
relabel_tty(const char *ttyn, int ptyfd)
|
|
{
|
|
- security_context_t tty_con = NULL;
|
|
- security_context_t new_tty_con = NULL;
|
|
+ char * tty_con = NULL;
|
|
+ char * new_tty_con = NULL;
|
|
struct stat sb;
|
|
int fd;
|
|
debug_decl(relabel_tty, SUDO_DEBUG_SELINUX);
|
|
@@ -308,10 +308,10 @@ relabel_tty(const char *ttyn, int ptyfd)
|
|
* Returns a new security context based on the old context and the
|
|
* specified role and type.
|
|
*/
|
|
-security_context_t
|
|
-get_exec_context(security_context_t old_context, const char *role, const char *type)
|
|
+char *
|
|
+get_exec_context(char * old_context, const char *role, const char *type)
|
|
{
|
|
- security_context_t new_context = NULL;
|
|
+ char * new_context = NULL;
|
|
context_t context = NULL;
|
|
char *typebuf = NULL;
|
|
debug_decl(get_exec_context, SUDO_DEBUG_SELINUX);
|