From c1ac1e463751f88f5c5c58c0bccc79df8bfe5570 Mon Sep 17 00:00:00 2001 From: =?utf8?q?Daniel=20P=2E=20Berrang=C3=A9?= Date: Tue, 2 Apr 2019 13:35:43 +0100 Subject: [PATCH] security: avoid use of dirent d_type field MIME-Version: 1.0 Content-Type: text/plain; charset=utf8 Content-Transfer-Encoding: 8bit The d_type field cannot be assumed to be filled. Some filesystems, such as older XFS, will simply report DT_UNKNOWN. Even if the d_type is filled in, the use of it in the SELinux functions is dubious. If labelling all files in a directory there's no reason to skip things which are not regular files. We merely need to skip "." and "..", which is done by virDirRead() already. Signed-off-by: Daniel P. Berrangé --- src/security/security_selinux.c | 6 ------ 1 file changed, 6 deletions(-) diff --git a/src/security/security_selinux.c b/src/security/security_selinux.c index 2fceb547b4..094272e084 100644 --- a/src/security/security_selinux.c +++ b/src/security/security_selinux.c @@ -3282,9 +3282,6 @@ virSecuritySELinuxSetFileLabels(virSecurityManagerPtr mgr, return -1; while ((ret = virDirRead(dir, &ent, path)) > 0) { - if (ent->d_type != DT_REG) - continue; - if (virAsprintf(&filename, "%s/%s", path, ent->d_name) < 0) { ret = -1; break; @@ -3334,9 +3331,6 @@ virSecuritySELinuxRestoreFileLabels(virSecurityManagerPtr mgr, return -1; while ((ret = virDirRead(dir, &ent, path)) > 0) { - if (ent->d_type != DT_REG) - continue; - if (virAsprintf(&filename, "%s/%s", path, ent->d_name) < 0) { ret = -1; break; -- 2.47.2