libsemanage: allow spaces in user/group names

"semanage login -a" accepts whitespaces in user/group name (e.g. users/groups from Active Directory), which may lead to issues down the line since libsemanage doesn't expect whitespaces in /var/lib/selinux/targeted/active/seusers and other config files. Fixes: Artificial but simple reproducer # groupadd server_admins # sed -i "s/^server_admins/server admins/" /etc/group # semanage login -a -s staff_u %server\ admins # semanage login -l (or "semodule -B") libsemanage.parse_assert_ch: expected character ':', but found 'a' (/var/lib/selinux/targeted/active/seusers: 6): %server admins:staff_u:s0-s0:c0.c1023 (No such file or directory). libsemanage.seuser_parse: could not parse seuser record (No such file or directory). libsemanage.dbase_file_cache: could not cache file database (No such file or directory). libsemanage.enter_ro: could not enter read-only section (No such file or directory). FileNotFoundError: [Errno 2] No such file or directory Signed-off-by: Vit Mojzis <[email protected]>
SELinuxProject · Mar 3, 2022 · c79d38f · c79d38f
1 parent 4bab3ec
commit c79d38f
Show file tree

Hide file tree

Showing 12 changed files with 33 additions and 35 deletions.
diff --git a/libsemanage/src/booleans_file.c b/libsemanage/src/booleans_file.c
@@ -48,7 +48,7 @@ static int bool_parse(semanage_handle_t * handle,
  goto last;
 
  /* Extract name */
- if (parse_fetch_string(handle, info, &str, '=') < 0)
+ if (parse_fetch_string(handle, info, &str, '=', 0) < 0)
  goto err;
 
  if (semanage_bool_set_name(handle, boolean, str) < 0)

diff --git a/libsemanage/src/fcontexts_file.c b/libsemanage/src/fcontexts_file.c
@@ -90,7 +90,7 @@ static int fcontext_parse(semanage_handle_t * handle,
  goto last;
 
  /* Regexp */
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (semanage_fcontext_set_expr(handle, fcontext, str) < 0)
  goto err;
@@ -100,7 +100,7 @@ static int fcontext_parse(semanage_handle_t * handle,
  /* Type */
  if (parse_assert_space(handle, info) < 0)
  goto err;
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (!strcasecmp(str, "-s"))
  semanage_fcontext_set_type(fcontext, SEMANAGE_FCONTEXT_SOCK);
@@ -124,7 +124,7 @@ static int fcontext_parse(semanage_handle_t * handle,
  /* Context */
  if (parse_assert_space(handle, info) < 0)
  goto err;
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
 
  process_context:

diff --git a/libsemanage/src/ibendports_file.c b/libsemanage/src/ibendports_file.c
@@ -75,7 +75,7 @@ static int ibendport_parse(semanage_handle_t *handle,
  goto err;
 
  /* IB Device Name */
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (semanage_ibendport_set_ibdev_name(handle, ibendport, str) < 0)
  goto err;
@@ -92,7 +92,7 @@ static int ibendport_parse(semanage_handle_t *handle,
  /* context */
  if (parse_assert_space(handle, info) < 0)
  goto err;
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (semanage_context_from_string(handle, str, &con) < 0) {
  ERR(handle, "invalid security context \"%s\" (%s: %u)\n%s",

diff --git a/libsemanage/src/ibpkeys_file.c b/libsemanage/src/ibpkeys_file.c
@@ -80,7 +80,7 @@ static int ibpkey_parse(semanage_handle_t *handle,
  goto err;
 
  /* Subnet Prefix */
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (semanage_ibpkey_set_subnet_prefix(handle, ibpkey, str) < 0)
  goto err;
@@ -115,7 +115,7 @@ static int ibpkey_parse(semanage_handle_t *handle,
  semanage_ibpkey_set_pkey(ibpkey, low);
  }
  /* Pkey context */
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (semanage_context_from_string(handle, str, &con) < 0) {
  ERR(handle, "invalid security context \"%s\" (%s: %u)\n%s",

diff --git a/libsemanage/src/interfaces_file.c b/libsemanage/src/interfaces_file.c
@@ -72,7 +72,7 @@ static int iface_parse(semanage_handle_t * handle,
  goto err;
 
  /* Name */
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (semanage_iface_set_name(handle, iface, str) < 0)
  goto err;
@@ -82,7 +82,7 @@ static int iface_parse(semanage_handle_t * handle,
  /* Interface context */
  if (parse_assert_space(handle, info) < 0)
  goto err;
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (semanage_context_from_string(handle, str, &con) < 0) {
  ERR(handle, "invalid security context \"%s\" (%s: %u)\n%s",
@@ -106,7 +106,7 @@ static int iface_parse(semanage_handle_t * handle,
  /* Message context */
  if (parse_assert_space(handle, info) < 0)
  goto err;
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (semanage_context_from_string(handle, str, &con) < 0) {
  ERR(handle, "invalid security context \"%s\" (%s: %u)\n%s",

diff --git a/libsemanage/src/nodes_file.c b/libsemanage/src/nodes_file.c
@@ -77,7 +77,7 @@ static int node_parse(semanage_handle_t * handle,
  goto err;
 
  /* Protocol */
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (!strcasecmp(str, "ipv4"))
  proto = SEMANAGE_PROTO_IP4;
@@ -96,7 +96,7 @@ static int node_parse(semanage_handle_t * handle,
  /* Address */
  if (parse_assert_space(handle, info) < 0)
  goto err;
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (semanage_node_set_addr(handle, node, proto, str) < 0)
  goto err;
@@ -106,7 +106,7 @@ static int node_parse(semanage_handle_t * handle,
  str = NULL;
 
  /* Netmask */
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (semanage_node_set_mask(handle, node, proto, str) < 0)
  goto err;
@@ -116,7 +116,7 @@ static int node_parse(semanage_handle_t * handle,
  str = NULL;
 
  /* Port context */
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (semanage_context_from_string(handle, str, &con) < 0) {
  ERR(handle, "invalid security context \"%s\" (%s: %u)\n%s",

diff --git a/libsemanage/src/parse_utils.c b/libsemanage/src/parse_utils.c
@@ -239,7 +239,7 @@ int parse_fetch_int(semanage_handle_t * handle,
  char *test = NULL;
  int value = 0;
 
- if (parse_fetch_string(handle, info, &str, delim) < 0)
+ if (parse_fetch_string(handle, info, &str, delim, 0) < 0)
  goto err;
 
  if (!isdigit((int)*str)) {
@@ -267,7 +267,7 @@ int parse_fetch_int(semanage_handle_t * handle,
 }
 
 int parse_fetch_string(semanage_handle_t * handle,
- parse_info_t * info, char **str, char delim)
+ parse_info_t * info, char **str, char delim, int allow_spaces)
 {
 
  char *start = info->ptr;
@@ -277,7 +277,7 @@ int parse_fetch_string(semanage_handle_t * handle,
  if (parse_assert_noeof(handle, info) < 0)
  goto err;
 
- while (*(info->ptr) && !isspace(*(info->ptr)) &&
+ while (*(info->ptr) && (allow_spaces || !isspace(*(info->ptr))) &&
  (*(info->ptr) != delim)) {
  info->ptr++;
  len++;

diff --git a/libsemanage/src/parse_utils.h b/libsemanage/src/parse_utils.h
@@ -71,12 +71,11 @@ extern int parse_optional_str(parse_info_t * info, const char *str);
 int parse_fetch_int(semanage_handle_t * hgandle,
  parse_info_t * info, int *num, char delim);
 
-/* Extract the next string (delimited by 
- * whitespace), and move the read pointer past it.
- * Stop of the optional character delim is encountered,
- * or if whitespace/eof is encountered. Fail if the
- * string is of length 0. */
+/* Extract the next string and move the read pointer past it.
+ * Stop if the optional character delim (or eof) is encountered,
+ * or if whitespace is encountered and allow_spaces is 0.
+ * Fail if the string is of length 0. */
 extern int parse_fetch_string(semanage_handle_t * handle,
- parse_info_t * info, char **str_ptr, char delim);
+ parse_info_t * info, char **str_ptr, char delim, int allow_spaces);
 
 #endif
diff --git a/libsemanage/src/ports_file.c b/libsemanage/src/ports_file.c
@@ -77,7 +77,7 @@ static int port_parse(semanage_handle_t * handle,
  goto err;
 
  /* Protocol */
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (!strcasecmp(str, "tcp"))
  semanage_port_set_proto(port, SEMANAGE_PROTO_TCP);
@@ -123,7 +123,7 @@ static int port_parse(semanage_handle_t * handle,
  semanage_port_set_port(port, low);
 
  /* Port context */
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (semanage_context_from_string(handle, str, &con) < 0) {
  ERR(handle, "invalid security context \"%s\" (%s: %u)\n%s",

diff --git a/libsemanage/src/seusers_file.c b/libsemanage/src/seusers_file.c
@@ -53,7 +53,7 @@ static int seuser_parse(semanage_handle_t * handle,
  goto last;
 
  /* Extract name */
- if (parse_fetch_string(handle, info, &str, ':') < 0)
+ if (parse_fetch_string(handle, info, &str, ':', 1) < 0)
  goto err;
  if (semanage_seuser_set_name(handle, seuser, str) < 0)
  goto err;
@@ -68,7 +68,7 @@ static int seuser_parse(semanage_handle_t * handle,
  goto err;
 
  /* Extract sename */
- if (parse_fetch_string(handle, info, &str, ':') < 0)
+ if (parse_fetch_string(handle, info, &str, ':', 1) < 0)
  goto err;
  if (semanage_seuser_set_sename(handle, seuser, str) < 0)
  goto err;
@@ -83,7 +83,7 @@ static int seuser_parse(semanage_handle_t * handle,
  goto err;
 
  /* NOTE: does not allow spaces/multiline */
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
 
  if (semanage_seuser_set_mlsrange(handle, seuser, str) < 0)

diff --git a/libsemanage/src/users_base_file.c b/libsemanage/src/users_base_file.c
@@ -83,7 +83,7 @@ static int user_base_parse(semanage_handle_t * handle,
  goto err;
 
  /* Parse user name */
- if (parse_fetch_string(handle, info, &name_str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &name_str, ' ', 0) < 0)
  goto err;
 
  if (semanage_user_base_set_name(handle, user, name_str) < 0) {
@@ -150,7 +150,7 @@ static int user_base_parse(semanage_handle_t * handle,
  goto err;
 
  /* NOTE: does not allow spaces/multiline */
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (semanage_user_base_set_mlslevel(handle, user, str) < 0)
  goto err;
@@ -165,8 +165,7 @@ static int user_base_parse(semanage_handle_t * handle,
  if (parse_assert_space(handle, info) < 0)
  goto err;
 
- /* NOTE: does not allow spaces/multiline */
- if (parse_fetch_string(handle, info, &str, ';') < 0)
+ if (parse_fetch_string(handle, info, &str, ';', 1) < 0)
  goto err;
  if (semanage_user_base_set_mlsrange(handle, user, str) < 0)
  goto err;

diff --git a/libsemanage/src/users_extra_file.c b/libsemanage/src/users_extra_file.c
@@ -57,7 +57,7 @@ static int user_extra_parse(semanage_handle_t * handle,
  goto err;
 
  /* Extract name */
- if (parse_fetch_string(handle, info, &str, ' ') < 0)
+ if (parse_fetch_string(handle, info, &str, ' ', 0) < 0)
  goto err;
  if (semanage_user_extra_set_name(handle, user_extra, str) < 0)
  goto err;
@@ -73,7 +73,7 @@ static int user_extra_parse(semanage_handle_t * handle,
  goto err;
 
  /* Extract prefix */
- if (parse_fetch_string(handle, info, &str, ';') < 0)
+ if (parse_fetch_string(handle, info, &str, ';', 1) < 0)
  goto err;
  if (semanage_user_extra_set_prefix(handle, user_extra, str) < 0)
  goto err;