coreutils: fix segfault for ls --context

Yi Zhao · rpurdie · commit 414c7767fbfe · 2025-03-24T17:18:17.000Z
Backport a patch to fix crash for ls --context when enable selinux:

root@qemux86-64:~# ls -Z /home
Segmentation fault (core dumped)

Signed-off-by: Yi Zhao &lt;yi.zhao@windriver.com&gt;
Signed-off-by: Richard Purdie &lt;richard.purdie@linuxfoundation.org&gt;
diff --git a/meta/recipes-core/coreutils/coreutils/0001-ls-fix-crash-with-context.patch b/meta/recipes-core/coreutils/coreutils/0001-ls-fix-crash-with-context.patch
@@ -0,0 +1,101 @@
+From 43a63408630e5064317823702518099f0ea652dd Mon Sep 17 00:00:00 2001
+From: =?UTF-8?q?P=C3=A1draig=20Brady?= <P@draigBrady.com>
+Date: Fri, 17 Jan 2025 17:29:34 +0000
+Subject: [PATCH] ls: fix crash with --context
+
+* src/ls.c (main): Flag that we need to stat()
+if we're going to get security context (call file_has_aclinfo_cache).
+(file_has_aclinfo_cache): Be defensive and only lookup the device
+for the file if the stat has been performed.
+(has_capability_cache): Likewise.
+* tests/ls/selinux-segfault.sh: Add a test case.
+* NEWS: Mention the bug fix.
+Reported by Bruno Haible.
+
+Upstream-Status: Backport
+[https://git.savannah.gnu.org/cgit/coreutils.git/commit/?id=915004f403cb25fadb207ddfdbe6a2f43bd44fac]
+
+Signed-off-by: Yi Zhao <yi.zhao@windriver.com>
+---
+ NEWS                         |  3 +++
+ src/ls.c                     | 10 +++++-----
+ tests/ls/selinux-segfault.sh |  3 +++
+ 3 files changed, 11 insertions(+), 5 deletions(-)
+
+diff --git a/NEWS b/NEWS
+index 3799f75..65867f9 100644
+--- a/NEWS
++++ b/NEWS
+@@ -4,6 +4,9 @@ GNU coreutils NEWS                                    -*- outline -*-
+ 
+ ** Bug fixes
+ 
++  `ls -Z dir` would crash.
++  [bug introduced in coreutils-9.6]
++
+   cp fixes support for --update=none-fail, which would have been
+   rejected as an invalid option.
+   [bug introduced in coreutils-9.5]
+diff --git a/src/ls.c b/src/ls.c
+index 3215360..f67167f 100644
+--- a/src/ls.c
++++ b/src/ls.c
+@@ -1768,7 +1768,7 @@ main (int argc, char **argv)
+ 
+   format_needs_stat = ((sort_type == sort_time) | (sort_type == sort_size)
+                        | (format == long_format)
+-                       | print_block_size | print_hyperlink);
++                       | print_block_size | print_hyperlink | print_scontext);
+   format_needs_type = ((! format_needs_stat)
+                        & (recursive | print_with_color | print_scontext
+                           | directories_first
+@@ -3309,7 +3309,7 @@ file_has_aclinfo_cache (char const *file, struct fileinfo *f,
+   static int unsupported_scontext_err;
+   static dev_t unsupported_device;
+ 
+-  if (f->stat.st_dev == unsupported_device)
++  if (f->stat_ok && f->stat.st_dev == unsupported_device)
+     {
+       ai->buf = ai->u.__gl_acl_ch;
+       ai->size = 0;
+@@ -3322,7 +3322,7 @@ file_has_aclinfo_cache (char const *file, struct fileinfo *f,
+   errno = 0;
+   int n = file_has_aclinfo (file, ai, flags);
+   int err = errno;
+-  if (n <= 0 && !acl_errno_valid (err))
++  if (f->stat_ok && n <= 0 && !acl_errno_valid (err))
+     {
+       unsupported_return = n;
+       unsupported_scontext = ai->scontext;
+@@ -3342,14 +3342,14 @@ has_capability_cache (char const *file, struct fileinfo *f)
+      found that has_capability fails indicating lack of support.  */
+   static dev_t unsupported_device;
+ 
+-  if (f->stat.st_dev == unsupported_device)
++  if (f->stat_ok && f->stat.st_dev == unsupported_device)
+     {
+       errno = ENOTSUP;
+       return 0;
+     }
+ 
+   bool b = has_capability (file);
+-  if ( !b && !acl_errno_valid (errno))
++  if (f->stat_ok && !b && !acl_errno_valid (errno))
+     unsupported_device = f->stat.st_dev;
+   return b;
+ }
+diff --git a/tests/ls/selinux-segfault.sh b/tests/ls/selinux-segfault.sh
+index 11623ac..1cac2b5 100755
+--- a/tests/ls/selinux-segfault.sh
++++ b/tests/ls/selinux-segfault.sh
+@@ -30,4 +30,7 @@ mkdir sedir || framework_failure_
+ ln -sf missing sedir/broken || framework_failure_
+ returns_ 1 ls -L -R -Z -m sedir > out || fail=1
+ 
++# ls 9.6 would segfault with the following
++ls -Z . > out || fail=1
++
+ Exit $fail
+-- 
+2.34.1
+
diff --git a/meta/recipes-core/coreutils/coreutils_9.6.bb b/meta/recipes-core/coreutils/coreutils_9.6.bb
@@ -17,6 +17,7 @@ SRC_URI = "${GNU_MIRROR}/coreutils/${BP}.tar.xz \
            file://remove-usr-local-lib-from-m4.patch \
            file://0001-local.mk-fix-cross-compiling-problem.patch \
            file://intermittent-testfailure.patch \
+           file://0001-ls-fix-crash-with-context.patch \
            file://run-ptest \
            "
 SRC_URI[sha256sum] = "7a0124327b398fd9eb1a6abde583389821422c744ffa10734b24f557610d3283"

Original file line number	Diff line number	Diff line change
`@@ -17,6 +17,7 @@ SRC_URI = "${GNU_MIRROR}/coreutils/${BP}.tar.xz \`
`17`	`17`	`file://remove-usr-local-lib-from-m4.patch \`
`18`	`18`	`file://0001-local.mk-fix-cross-compiling-problem.patch \`
`19`	`19`	`file://intermittent-testfailure.patch \`
	`20`	`+ file://0001-ls-fix-crash-with-context.patch \`
`20`	`21`	`file://run-ptest \`
`21`	`22`	`"`
`22`	`23`	`SRC_URI[sha256sum] = "7a0124327b398fd9eb1a6abde583389821422c744ffa10734b24f557610d3283"`