useradd: fix uninitialized flags causing aarch64 failure #1396
Conversation
|
As an additional comment, I wonder if we should do the same in all definitions of |
Initialize option_flags structure to prevent garbage memory values in `flags.chroot` and `flags.prefix` fields. Uninitialized memory caused architecture-specific failures where process_selinux evaluation differed between x86_64 and aarch64, leading to `pw_close()` failures when SELinux contexts weren't properly managed. Fixes: c0c9485 (2025-04-25; "src/useradd.c: chroot or prefix SELinux file context") Link: <https://bodhi.fedoraproject.org/updates/FEDORA-2025-3d835cfb15> Signed-off-by: Iker Pedrosa <ipedrosa@redhat.com>
alejandro-colomar
left a comment
alejandro-colomar
left a comment
There was a problem hiding this comment.
Thanks! LGTM.
Reviewed-by: Alejandro Colomar <alx@kernel.org>
|
BTW, the commit that this fixes touched many more files. Did you check if any other files may have similar issues? |
|
This issue was detected by an automated test and I think that only tests
I wanted to have the fix ready for WDYT? Should we also make similar changes in other binaries? |
Fixes: c0c9485 (2025-10-07; "src/useradd.c: chroot or prefix SELinux file context") Link: <shadow-maint#1396> Cc: Iker Pedrosa <ipedrosa@redhat.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
Well, the fix was obviously good, so I merged it. :)
Yup, I've checked the source code, and the bug affects all binaries. I've pushed a fix in #1400 . |
In all these functions, we were setting the flags to 'true' in process_flags() if the appropriate command-line flag was specified. However, they were never being defined to 'false', which should be the default value. Initialize these flags to false. Fixes: c0c9485 (2025-10-07; "src/useradd.c: chroot or prefix SELinux file context") Link: <shadow-maint#1396> Cc: Iker Pedrosa <ipedrosa@redhat.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
In all these functions, we were setting the flags to 'true' in process_flags() if the appropriate command-line flag was specified. However, they were never being defined to 'false', which should be the default value. Initialize these flags to false. Fixes: c0c9485 (2025-10-07; "src/useradd.c: chroot or prefix SELinux file context") Link: <shadow-maint#1396> Reviewed-by: Serge Hallyn <serge@hallyn.com> Cc: Iker Pedrosa <ipedrosa@redhat.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
In all these functions, we were setting the flags to 'true' in process_flags() if the appropriate command-line flag was specified. However, they were never being defined to 'false', which should be the default value. Initialize these flags to false. Fixes: c0c9485 (2025-10-07; "src/useradd.c: chroot or prefix SELinux file context") Link: <#1396> Reviewed-by: Serge Hallyn <serge@hallyn.com> Cc: Iker Pedrosa <ipedrosa@redhat.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
In all these functions, we were setting the flags to 'true' in process_flags() if the appropriate command-line flag was specified. However, they were never being defined to 'false', which should be the default value. Initialize these flags to false. Fixes: c0c9485 (2025-10-07; "src/useradd.c: chroot or prefix SELinux file context") Link: <shadow-maint#1396> Reviewed-by: Serge Hallyn <serge@hallyn.com> Cc: Iker Pedrosa <ipedrosa@redhat.com> Signed-off-by: Alejandro Colomar <alx@kernel.org>
2 participants
Initialize option_flags structure to prevent garbage memory values in
flags.chrootandflags.prefixfields. Uninitialized memory caused architecture-specific failures where process_selinux evaluation differed between x86_64 and aarch64, leading topw_close()failures when SELinux contexts weren't properly managed.Fixes: c0c9485 (2025-04-25; "src/useradd.c: chroot or prefix SELinux file context")
Link: https://bodhi.fedoraproject.org/updates/FEDORA-2025-3d835cfb15