From 2e5fd8c5f2b39c3016dc99aef66b1f1fa592a2d6 Mon Sep 17 00:00:00 2001 From: Xin Ouyang Date: Tue, 25 Dec 2012 11:16:13 +0800 Subject: libsemanage: fix path length limits. Signed-off-by: Xin Ouyang --- .../libsemanage-fix-path-len-limit.patch | 28 ++++++++++++++++++++++ recipes-security/selinux/libsemanage_2.1.6.bb | 9 +++---- recipes-security/selinux/libsemanage_git.bb | 9 +++---- 3 files changed, 38 insertions(+), 8 deletions(-) create mode 100644 recipes-security/selinux/libsemanage/libsemanage-fix-path-len-limit.patch diff --git a/recipes-security/selinux/libsemanage/libsemanage-fix-path-len-limit.patch b/recipes-security/selinux/libsemanage/libsemanage-fix-path-len-limit.patch new file mode 100644 index 0000000..c98f3fc --- /dev/null +++ b/recipes-security/selinux/libsemanage/libsemanage-fix-path-len-limit.patch @@ -0,0 +1,28 @@ +Subject: [PATCH] libsemanage: fix path length limit + +semanage_remove_directory uses NAME_MAX(255) as the max length of +file pathes, this will cause failures when the path length>255. + +Upstream-Status: pending + +Signed-off-by: Xin Ouyang +--- + src/semanage_store.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/semanage_store.c b/src/semanage_store.c +index 3fd4996..251a2d6 100644 +--- a/src/semanage_store.c ++++ b/src/semanage_store.c +@@ -580,7 +580,7 @@ int semanage_remove_directory(const char *path) + return -1; + } + for (i = 0; i < num_entries; i++) { +- char s[NAME_MAX]; ++ char s[PATH_MAX]; + struct stat buf; + snprintf(s, sizeof(s), "%s/%s", path, namelist[i]->d_name); + if (stat(s, &buf) == -1) { +-- +1.7.9.5 + diff --git a/recipes-security/selinux/libsemanage_2.1.6.bb b/recipes-security/selinux/libsemanage_2.1.6.bb index aa3dcd9..b808b68 100644 --- a/recipes-security/selinux/libsemanage_2.1.6.bb +++ b/recipes-security/selinux/libsemanage_2.1.6.bb @@ -4,7 +4,7 @@ It is used by checkpolicy (the policy compiler) and similar tools, as well \ as by programs like load_policy that need to perform specific transformations \ on binary policies such as customizing policy boolean settings." SECTION = "base" -PR = "r2" +PR = "r3" LICENSE = "LGPLv2.1+" LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343" @@ -16,9 +16,10 @@ SRC_URI[sha256sum] = "64e6849fe50fb463ec0ba24653a26e3452fa4aaa7d7e192213d5c5a7c5 DEPENDS += "libsepol libselinux ustr bzip2 python bison-native flex-native" -SRC_URI += "file://Fix-segfault-for-standard-policy.patch" -SRC_URI += "file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch" -SRC_URI += "file://libsemanage-semanage.conf-for-cross-compile.patch" +SRC_URI += "file://Fix-segfault-for-standard-policy.patch \ + file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch \ + file://libsemanage-semanage.conf-for-cross-compile.patch \ + file://libsemanage-fix-path-len-limit.patch" PACKAGES += "${PN}-python" FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/*" diff --git a/recipes-security/selinux/libsemanage_git.bb b/recipes-security/selinux/libsemanage_git.bb index 776a54b..71cb1ab 100644 --- a/recipes-security/selinux/libsemanage_git.bb +++ b/recipes-security/selinux/libsemanage_git.bb @@ -4,7 +4,7 @@ It is used by checkpolicy (the policy compiler) and similar tools, as well \ as by programs like load_policy that need to perform specific transformations \ on binary policies such as customizing policy boolean settings." SECTION = "base" -PR = "r2" +PR = "r3" LICENSE = "LGPLv2.1+" LIC_FILES_CHKSUM = "file://COPYING;md5=a6f89e2100d9b6cdffcea4f398e37343" DEFAULT_PREFERENCE = "-1" @@ -17,9 +17,10 @@ PV = "2.1.6+git${SRCPV}" DEPENDS += "libsepol libselinux ustr bzip2 python bison-native flex-native" -SRC_URI += "file://Fix-segfault-for-standard-policy.patch" -SRC_URI += "file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch" -SRC_URI += "file://libsemanage-semanage.conf-for-cross-compile.patch" +SRC_URI += "file://Fix-segfault-for-standard-policy.patch \ + file://libsemanage-Fix-execve-segfaults-on-Ubuntu.patch \ + file://libsemanage-semanage.conf-for-cross-compile.patch \ + file://libsemanage-fix-path-len-limit.patch" PACKAGES += "${PN}-python" FILES_${PN}-python = "${libdir}/python${PYTHON_BASEVERSION}/site-packages/*" -- cgit v1.2.3-54-g00ecf