On 11/23/2014 02:59 PM, William Roberts wrote:
> I am using the current master of check-seapp and I am getting a
> segfault and valgrind is outputting this:
>
>
> $ valgrind ./sepolicy-check -s system_app -t system_data_file -c file
> -p write -P /home/bill/workspace/udoo/out/target/product/udoo/root/sepolicy
> ==6300== Memcheck, a memory error detector
> ==6300== Copyright (C) 2002-2011, and GNU GPL'd, by Julian Seward et al.
> ==6300== Using Valgrind-3.7.0 and LibVEX; rerun with -h for copyright info
> ==6300== Command: ./sepolicy-check -s system_app -t system_data_file
> -c file -p write -P
> /home/bill/workspace/udoo/out/target/product/udoo/root/sepolicy
> ==6300==
> ==6300== Invalid read of size 4
> ==6300== at 0x804D5C8: expand_avtab_node (expand.c:3137)
> ==6300== by 0x8049FC6: avtab_map (avtab.c:285)
> ==6300== by 0xFEF27EF3: ???
> ==6300== Address 0x8 is not stack'd, malloc'd or (recently) free'd
> ==6300==
> ==6300==
> ==6300== Process terminating with default action of signal 11 (SIGSEGV)
> ==6300== Access not within mapped region at address 0x8
> ==6300== at 0x804D5C8: expand_avtab_node (expand.c:3137)
> ==6300== by 0x8049FC6: avtab_map (avtab.c:285)
> ==6300== by 0xFEF27EF3: ???
> ==6300== If you believe this happened as a result of a stack
> ==6300== overflow in your program's main thread (unlikely but
> ==6300== possible), you can try to increase the size of the
> ==6300== main thread stack using the --main-stacksize= flag.
>
>
> Attached is my binary sepolicy which is an OLD version 23 policy. I
> didn't see the quick fix, so punting to you guys.
Attached patch should fix it, but policy versions < 26 are not supported by AOSP anymore as they do not support name-based transitions and we use them in various places in external/sepolicy/*.te. grep 'type_transition.*"' external/sepolicy/*.te. You could perhaps downgrade them to regular type_transitions but then any directory/file created by that process in a directory with that type will be labeled accordingly, not just ones with that specific name.
>From f429fa56e09703a6be2f658c8313b8ee83389a6f Mon Sep 17 00:00:00 2001 From: Stephen Smalley <[email protected]> Date: Mon, 24 Nov 2014 09:43:59 -0500 Subject: [PATCH] Fix expand logic for policy versions older than 24. This was broken for older policy versions when we updated to version 24. Change-Id: I4063334c5c0462ef5c3706611c7dff5c60c612aa Signed-off-by: Stephen Smalley <[email protected]> --- src/expand.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/src/expand.c b/src/expand.c index acb6906..987714f 100644 --- a/src/expand.c +++ b/src/expand.c @@ -3256,12 +3256,12 @@ static int expand_avtab_node(avtab_key_t * k, avtab_datum_t * d, void *args) newkey.target_class = k->target_class; newkey.specified = k->specified; - if (stype->flavor != TYPE_ATTRIB && ttype->flavor != TYPE_ATTRIB) { + if (stype && ttype && stype->flavor != TYPE_ATTRIB && ttype->flavor != TYPE_ATTRIB) { /* Both are individual types, no expansion required. */ return expand_avtab_insert(expa, k, d); } - if (stype->flavor != TYPE_ATTRIB) { + if (stype && stype->flavor != TYPE_ATTRIB) { /* Source is an individual type, target is an attribute. */ newkey.source_type = k->source_type; ebitmap_for_each_bit(tattr, tnode, j) { @@ -3275,7 +3275,7 @@ static int expand_avtab_node(avtab_key_t * k, avtab_datum_t * d, void *args) return 0; } - if (ttype->flavor != TYPE_ATTRIB) { + if (ttype && ttype->flavor != TYPE_ATTRIB) { /* Target is an individual type, source is an attribute. */ newkey.target_type = k->target_type; ebitmap_for_each_bit(sattr, snode, i) { 
@@ -3386,12 +3386,12 @@ int expand_cond_av_node(policydb_t * p, newkey.target_class = k->target_class; newkey.specified = k->specified; - if (stype->flavor != TYPE_ATTRIB && ttype->flavor != TYPE_ATTRIB) { + if (stype && ttype && stype->flavor != TYPE_ATTRIB && ttype->flavor != TYPE_ATTRIB) { /* Both are individual types, no expansion required. */ return expand_cond_insert(newl, expa, k, d); } - if (stype->flavor != TYPE_ATTRIB) { + if (stype && stype->flavor != TYPE_ATTRIB) { /* Source is an individual type, target is an attribute. */ newkey.source_type = k->source_type; ebitmap_for_each_bit(tattr, tnode, j) { @@ -3405,7 +3405,7 @@ int expand_cond_av_node(policydb_t * p, return 0; } - if (ttype->flavor != TYPE_ATTRIB) { + if (ttype && ttype->flavor != TYPE_ATTRIB) { /* Target is an individual type, source is an attribute. */ newkey.target_type = k->target_type; ebitmap_for_each_bit(sattr, snode, i) { -- 1.8.3.1
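Review bot: In expand_avtab_node, the first guard `stype && ttype && ...` routes a NULL stype or ttype into the two branches whose comments say the other side "is an attribute", yet nothing in the hunk states why these pointers can be NULL or that NULL is meant to be handled like an attribute. Add a short comment above the first `if` saying when stype/ttype are NULL (per the commit message, policy versions older than 24) and what a NULL entry represents. Also check the case where both are NULL: all three guarded branches are then skipped and execution continues past the last `if`, which these hunks do not show, so that code must not dereference either pointer.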
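Review bot: In expand_cond_av_node the three NULL guards are hand-copied from expand_avtab_node, so the condition `stype && stype->flavor != TYPE_ATTRIB` and its ttype twin now exist in six places that can drift apart. Consider one small static helper that answers "is this a non-NULL, non-attribute type" and use it in both functions. The commit message would also be easier to find later if it named the symptom, a NULL dereference of stype/ttype when expanding the avtab, rather than only saying the logic "was broken".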
