mkswap: possible to crash with SELinux relabeling support

When fgetfilecon() is failed with -ENODATA, this process does not
exit.  However, "oldcontext" is not initialized in this case, so
context_new() will be called with uninitialized "oldcontext" at the
next.

Finally, it makes a segmentation fault, because context_new() have to
refer an incorrect memory region.

The attached patch fixes this matter using matchpathcon().  If we
cannot obtain actual file context due to -ENODATA, a context which is
returned by matchpathcon() is applied as oldcontext.  Then, the type
of the context is relabeled to "swapfile_t" explicitly.

Signed-off-by: KaiGai Kohei <kaigai@kaigai.gr.jp>
Signed-off-by: Karel Zak <kzak@redhat.com>

1 files changed, 9 insertions, 6 deletions

diff --git a/disk-utils/mkswap.c b/disk-utils/mkswap.c
index 6af1ff7bb..2394368b7 100644
--- a/disk-utils/mkswap.c
+++ b/disk-utils/mkswap.c
@@ -738,12 +738,15 @@ the -f option to force it.\n"),
 		security_context_t oldcontext;
 		context_t newcontext;
 
-		if ((fgetfilecon(DEV, &oldcontext) < 0) &&
-		    (errno != ENODATA)) {
-			fprintf(stderr, _("%s: %s: unable to obtain selinux file label: %s\n"),
-					program_name, device_name,
-					strerror(errno));
-			exit(1);
+		if (fgetfilecon(DEV, &oldcontext) < 0) {
+			if (errno != ENODATA) {
+				fprintf(stderr, _("%s: %s: unable to obtain selinux file label: %s\n"),
+						program_name, device_name,
+						strerror(errno));
+				exit(1);
+			}
+			if (matchpathcon(device_name, statbuf.st_mode, &oldcontext))
+				die(_("unable to matchpathcon()"));
 		}
 		if (!(newcontext = context_new(oldcontext)))
 			die(_("unable to create new selinux context"));