Bug 196446 - pam-0.78-r5 has bug in pam-0.78-selinux.patch
Status: RESOLVED INVALID
Alias: None
Product: Gentoo Linux
Classification: Unclassified
Component: New packages
Hardware: x86 Linux
Importance: High normal
Assignee: SE Linux Bugs
 
Reported: 2007-10-19 19:37 UTC by Dan A. Dickey
Modified: 2008-10-03 13:48 UTC

Description Dan A. Dickey 2007-10-19 19:37:23 UTC
From inspection, the file pam-0.78-selinux.patch has a bug in it at line 584.
The relevant lines of the patch read:
+  status=setexeccon(prev_user_context);
+  freecon(prev_user_context);
+  if (status) {
+    syslog(LOG_ERR, _("Error!  Unable to set executable context %s."),
+           prev_user_context);
+    return PAM_AUTH_ERR;
+  }
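
Review bot: In the `if (status)` branch, `prev_user_context` is passed to `syslog()` after `freecon(prev_user_context)` has already released it, so the error path formats a freed string. Move the `freecon()` call below the status check so the context is freed after the `syslog()` call on the error path and after the check on the success path. That still frees it exactly once on each path and removes the read of freed memory.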

So, the call to setexeccon is made - followed by the freecon() call.
If status was set, the call to syslog() uses prev_user_context -
which was just freed!

I'm not sure if this actually causes a problem or not, but got involved with
this while trying to track down a problem with sshd and selinux.
Comment 1 Chris PeBenito (RETIRED) gentoo-dev 2008-10-03 13:48:50 UTC
This version of pam is no longer in the tree.