On Tue, 2005-09-20 at 16:31 -0400, Valdis.Kletnieks(a)vt.edu wrote:
Something is causing checkpolicy to segfault. I ended up building
it from the .src.rpm so it was compiled with -g and not stripped.
checkpolicy-1.27.1-1, libselinux-1.26-6, updated to -devel tree as of this morning.
gdb then says:
(gdb) run -M -o policy.20 policy.conf
Starting program: /usr/src/redhat/BUILD/checkpolicy-1.27.1/checkpolicy -M -o policy.20
policy.conf
Reading symbols from shared object read from target memory...done.
Loaded system supplied DSO at 0xffffe000
/usr/src/redhat/BUILD/checkpolicy-1.27.1/checkpolicy: loading policy configuration from
policy.conf
Program received signal SIGSEGV, Segmentation fault.
parse_categories (id=0x8bbff28 "s0", levdatum=0x80a75b8, cats=0x80a00bc)
at policy_parse.y:3569
3569 range_start = range_end = cdatum->value - 1;
(gdb) where
#0 parse_categories (id=0x8bbff28 "s0", levdatum=0x80a75b8, cats=0x80a00bc)
at policy_parse.y:3569
#1 0x0804f340 in parse_security_context (c=0x80a00ac) at policy_parse.y:3850
#2 0x080534f2 in yyparse () at policy_parse.y:3925
#3 0x0804a743 in main (argc=5, argv=0xbfeecd74) at checkpolicy.c:549
This ring any bells? Have I dorked up a file ('users' most likely) during the
conversion to MCS in a way that didn't flag a syntax error but causes a crash?
Hints, etc accepted..
From the info above, you have an id "s0" that is a
sensitivity rather
than a category, so the hashtab_search fails, but that code path
fails
to check for such failure and thus crashes rather than reporting it.
Try the patch below.
Index: checkpolicy/policy_parse.y
===================================================================
RCS file: /nfshome/pal/CVS/selinux-usr/checkpolicy/policy_parse.y,v
retrieving revision 1.43
diff -u -p -r1.43 policy_parse.y
--- checkpolicy/policy_parse.y 16 Sep 2005 17:24:11 -0000 1.43
+++ checkpolicy/policy_parse.y 20 Sep 2005 20:38:34 -0000
@@ -3566,6 +3566,11 @@ parse_categories(char *id, level_datum_t
} else {
cdatum = (cat_datum_t *)hashtab_search(policydbp->p_cats.table,
(hashtab_key_t)id);
+ if (!cdatum) {
+ sprintf(errormsg, "unknown category %s", id);
+ yyerror(errormsg);
+ return -1;
+ }
range_start = range_end = cdatum->value - 1;
}
--
Stephen Smalley
National Security Agency