libsepol: ensure the level context is not empty

When load_users() parses an invalid line with an empty level context (ie. nothing between "level" and "range" keywords), it allocates memory with malloc(0) and uses it. The behavior of malloc() in this case is an unspecified behavior: it might return NULL, which would lead to a segmentation fault. Fix this issue by reporting the invalid entry instead. While at it, ensure that the character before "range" is a space, and change the logic slightly in order to avoid using "--p; ... p++;". This issue is reported by clang's static analyzer with the following message: genusers.c:222:11: warning: Use of zero-allocated memory *r++ = *s; ^ genusers.c:225:7: warning: Use of zero-allocated memory *r = 0; ^ Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2024-12-27 00:12:05 +00:00 · 2018-04-13 22:34:21 +02:00 · 2018-04-13 22:34:21 +02:00 · 3dd5dd8a07
commit 3dd5dd8a07
parent 9fc2301047
1 changed files with 3 additions and 3 deletions
--- a/libsepol/src/genusers.c
+++ b/libsepol/src/genusers.c
@ -201,11 +201,11 @@ static int load_users(struct policydb *policydb, const char *path)
 			if (!(*p))
 				BADLINE();
 			q = p;
-			while (*p && strncasecmp(p, "range", 5))
+			while (*p && (!isspace(*p) || strncasecmp(p + 1, "range", 5)))
 				p++;
-			if (!(*p))
+			if (!(*p) || p == q)
 				BADLINE();
-			*--p = 0;
+			*p = 0;
 			p++;

 			scontext = malloc(p - q);