From patchwork Wed Aug 17 19:15:38 2016
X-Patchwork-Submitter: Stephen Smalley
X-Patchwork-Id: 9286363
From: Stephen Smalley
To: selinux@tycho.nsa.gov
Cc: Stephen Smalley
Subject: [PATCH] libselinux, sefcontext_compile: handle NULL pcre study data
Date: Wed, 17 Aug 2016 15:15:38 -0400
Message-Id: <1471461338-13426-1-git-send-email-sds@tycho.nsa.gov>

pcre_study() can return a NULL result if no additional information could
be determined for the pattern. Thus, sefcontext_compile needs to correctly
handle the case where the study data is NULL when generating
file_contexts.bin, and libselinux needs to correctly handle it when
loading file_contexts.bin. Fix them both.

This change enables:
    semanage fcontext -a -t httpd_exec_t "(/.*)?"
to succeed, since the regex itself is valid but there is no additional
information produced by pcre_study().

Reported-by: Vit Mojzis
Signed-off-by: Stephen Smalley --- libselinux/src/label_file.c | 25 ++++++++++++++----------- libselinux/src/label_file.h | 9 ++++++--- libselinux/utils/sefcontext_compile.c | 21 +++++++++++++-------- 3 files changed, 33 insertions(+), 22 deletions(-) diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c index 071d902..c89bb35 100644 --- a/libselinux/src/label_file.c +++ b/libselinux/src/label_file.c @@ -388,18 +388,21 @@ static int load_mmap(struct selabel_handle *rec, const char *path, rc = -1; goto err; } - spec->lsd.study_data = (void *)mmap_area->next_addr; - spec->lsd.flags |= PCRE_EXTRA_STUDY_DATA; - rc = next_entry(NULL, mmap_area, entry_len); - if (rc < 0) - goto err; - /* Check that study data lengths match. */ - rc = pcre_fullinfo(spec->regex, &spec->lsd, - PCRE_INFO_STUDYSIZE, &len); - if (rc < 0 || len != entry_len) { - rc = -1; - goto err; + if (entry_len) { + spec->lsd.study_data = (void *)mmap_area->next_addr; + spec->lsd.flags |= PCRE_EXTRA_STUDY_DATA; + rc = next_entry(NULL, mmap_area, entry_len); + if (rc < 0) + goto err; + + /* Check that study data lengths match. */ + rc = pcre_fullinfo(spec->regex, &spec->lsd, + PCRE_INFO_STUDYSIZE, &len); + if (rc < 0 || len != entry_len) { + rc = -1; + goto err; + } } data->nspec++; diff --git a/libselinux/src/label_file.h b/libselinux/src/label_file.h index 72fed1f..6d1e890 100644 --- a/libselinux/src/label_file.h +++ b/libselinux/src/label_file.h @@ -80,9 +80,12 @@ struct saved_data { static inline pcre_extra *get_pcre_extra(struct spec *spec) { - if (spec->from_mmap) - return &spec->lsd; - else + if (spec->from_mmap) { + if (spec->lsd.study_data) + return &spec->lsd; + else + return NULL; + } else return spec->sd; } diff --git a/libselinux/utils/sefcontext_compile.c b/libselinux/utils/sefcontext_compile.c index d2578b6..fd6fb78 100644 --- a/libselinux/utils/sefcontext_compile.c +++ b/libselinux/utils/sefcontext_compile.c 
@@ -228,10 +228,13 @@ static int write_binary_file(struct saved_data *data, int fd) if (len != to_write) goto err; - /* determine the size of the pcre study info */ - rc = pcre_fullinfo(re, sd, PCRE_INFO_STUDYSIZE, &size); - if (rc < 0) - goto err; + if (sd) { + /* determine the size of the pcre study info */ + rc = pcre_fullinfo(re, sd, PCRE_INFO_STUDYSIZE, &size); + if (rc < 0) + goto err; + } else + size = 0; /* write the number of bytes in the pcre study data */ to_write = size; @@ -239,10 +242,12 @@ static int write_binary_file(struct saved_data *data, int fd) if (len != 1) goto err; - /* write the actual pcre study data as a char array */ - len = fwrite(sd->study_data, 1, to_write, bin_file); - if (len != to_write) - goto err; + if (sd) { + /* write the actual pcre study data as a char array */ + len = fwrite(sd->study_data, 1, to_write, bin_file); + if (len != to_write) + goto err; + } } rc = 0;
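
Review bot: In load_mmap() (libselinux/src/label_file.c), the new `if (entry_len)` only helps if a zero length can reach it. The hunk's leading context closes an error branch (`rc = -1; goto err;`) whose condition is not shown, so please confirm that check does not still reject `entry_len == 0`; if it does, a file_contexts.bin written by the patched sefcontext_compile will still fail to load. A short comment above the `if` saying that a zero length means pcre_study() returned no data would also help the next reader.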
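
Review bot: get_pcre_extra() in libselinux/src/label_file.h now depends on `spec->lsd.study_data` being NULL for an mmap'd spec without study data, but the load_mmap() hunk never assigns that field when `entry_len` is 0, so the result is correct only if the spec is zeroed when it is allocated. Either set `spec->lsd.study_data = NULL` explicitly on that path or state the assumption in a comment here. On style, the inner `if`/`else` around the two returns can collapse to `return spec->lsd.study_data ? &spec->lsd : NULL;`, and the outer `} else` should carry braces to match its `if`.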
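
Review bot: In write_binary_file() (libselinux/utils/sefcontext_compile.c), the `else size = 0;` branch introduces a new on-disk case, a study-data length of zero, that neither the comments nor the commit message describe as part of the file_contexts.bin format. The lines removed from load_mmap() show that the previous loader set PCRE_EXTRA_STUDY_DATA unconditionally and then compared the length via pcre_fullinfo(), so please say how an unpatched libselinux behaves on a file containing such an entry, and extend the "write the number of bytes in the pcre study data" comment to note that 0 means no study data follows.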