All of lore.kernel.org
 help / color / mirror / Atom feed
* [PATCH] python/semanage: check variable type of port before trying to split
@ 2019-12-07  0:17 Joshua Schmidlkofer
  2019-12-10 20:38 ` Stephen Smalley
  0 siblings, 1 reply; 3+ messages in thread
From: Joshua Schmidlkofer @ 2019-12-07  0:17 UTC (permalink / raw)
  To: selinux

While using Ansible's Selinux module to manage ports, I discovered
that numerical ports caused an unhandled exception in 'seobject.py'.
This appears to be a bug, and I am proposing a fix which checks the
type of the argument before operating on it.  This maintains the
original functionality in the case of a string, and acts in the same
fashion if you supply an integer.

I did not find any open bug report against the SELinux project. The
downstream bug report is here:
https://github.com/ansible/ansible/issues/60968


Signed-off-by: Joshua Schmidlkofer <joshua@joshuainnovates.us>
---
 python/semanage/seobject.py | 6 +++++-
 1 file changed, 5 insertions(+), 1 deletion(-)

diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py
index dc413ca5..0e9ce290 100644
--- a/python/semanage/seobject.py
+++ b/python/semanage/seobject.py
@@ -1070,7 +1070,11 @@ class portRecords(semanageRecords):
         if port == "":
             raise ValueError(_("Port is required"))

-        ports = port.split("-")
+        if isinstance(port, str):
+            ports = port.split('-', 1)
+        else:
+            ports = (port,)
+
         if len(ports) == 1:
             high = low = int(ports[0])
         else:
--
2.23.0

^ permalink raw reply related	[flat|nested] 3+ messages in thread
* Re: [PATCH] python/semanage: check variable type of port before trying to split
  2019-12-07  0:17 [PATCH] python/semanage: check variable type of port before trying to split Joshua Schmidlkofer
@ 2019-12-10 20:38 ` Stephen Smalley
  2019-12-11 15:54   ` Stephen Smalley
  0 siblings, 1 reply; 3+ messages in thread
From: Stephen Smalley @ 2019-12-10 20:38 UTC (permalink / raw)
  To: Joshua Schmidlkofer, selinux

On 12/6/19 7:17 PM, Joshua Schmidlkofer wrote:
> While using Ansible's Selinux module to manage ports, I discovered
> that numerical ports caused an unhandled exception in 'seobject.py'.
> This appears to be a bug, and I am proposing a fix which checks the
> type of the argument before operating on it.  This maintains the
> original functionality in the case of a string, and acts in the same
> fashion if you supply an integer.
> 
> I did not find any open bug report against the SELinux project. The
> downstream bug report is here:
> https://github.com/ansible/ansible/issues/60968
> 
> 
> Signed-off-by: Joshua Schmidlkofer <joshua@joshuainnovates.us>

Acked-by: Stephen Smalley <sds@tycho.nsa.gov>

> ---
>   python/semanage/seobject.py | 6 +++++-
>   1 file changed, 5 insertions(+), 1 deletion(-)
> 
> diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py
> index dc413ca5..0e9ce290 100644
> --- a/python/semanage/seobject.py
> +++ b/python/semanage/seobject.py
> @@ -1070,7 +1070,11 @@ class portRecords(semanageRecords):
>           if port == "":
>               raise ValueError(_("Port is required"))
> 
> -        ports = port.split("-")
> +        if isinstance(port, str):
> +            ports = port.split('-', 1)
> +        else:
> +            ports = (port,)
> +
>           if len(ports) == 1:
>               high = low = int(ports[0])
>           else:
> --
> 2.23.0
> 


^ permalink raw reply	[flat|nested] 3+ messages in thread
* Re: [PATCH] python/semanage: check variable type of port before trying to split
  2019-12-10 20:38 ` Stephen Smalley
@ 2019-12-11 15:54   ` Stephen Smalley
  0 siblings, 0 replies; 3+ messages in thread
From: Stephen Smalley @ 2019-12-11 15:54 UTC (permalink / raw)
  To: Joshua Schmidlkofer, selinux

On 12/10/19 3:38 PM, Stephen Smalley wrote:
> On 12/6/19 7:17 PM, Joshua Schmidlkofer wrote:
>> While using Ansible's Selinux module to manage ports, I discovered
>> that numerical ports caused an unhandled exception in 'seobject.py'.
>> This appears to be a bug, and I am proposing a fix which checks the
>> type of the argument before operating on it.  This maintains the
>> original functionality in the case of a string, and acts in the same
>> fashion if you supply an integer.
>>
>> I did not find any open bug report against the SELinux project. The
>> downstream bug report is here:
>> https://github.com/ansible/ansible/issues/60968
>>
>>
>> Signed-off-by: Joshua Schmidlkofer <joshua@joshuainnovates.us>
> 
> Acked-by: Stephen Smalley <sds@tycho.nsa.gov>

Thanks, applied.

> 
>> ---
>>   python/semanage/seobject.py | 6 +++++-
>>   1 file changed, 5 insertions(+), 1 deletion(-)
>>
>> diff --git a/python/semanage/seobject.py b/python/semanage/seobject.py
>> index dc413ca5..0e9ce290 100644
>> --- a/python/semanage/seobject.py
>> +++ b/python/semanage/seobject.py
>> @@ -1070,7 +1070,11 @@ class portRecords(semanageRecords):
>>           if port == "":
>>               raise ValueError(_("Port is required"))
>>
>> -        ports = port.split("-")
>> +        if isinstance(port, str):
>> +            ports = port.split('-', 1)
>> +        else:
>> +            ports = (port,)
>> +
>>           if len(ports) == 1:
>>               high = low = int(ports[0])
>>           else:
>> -- 
>> 2.23.0
>>
> 


^ permalink raw reply	[flat|nested] 3+ messages in thread
end of thread, other threads:[~2019-12-11 15:54 UTC | newest]

Thread overview: 3+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-12-07  0:17 [PATCH] python/semanage: check variable type of port before trying to split Joshua Schmidlkofer
2019-12-10 20:38 ` Stephen Smalley
2019-12-11 15:54   ` Stephen Smalley

This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.