From 73d991abdc41b8e1380bfe05f031c822bfa0b515 Mon Sep 17 00:00:00 2001 From: James Carter Date: Thu, 13 May 2021 12:53:54 -0400 Subject: [PATCH] libsepol/cil: Pointers to datums should be set to NULL when resetting Set the pointer to the sensitivity in levels, the pointers to the low and high levels in levelranges, the pointer to the level in userlevels, the pointer to the range in userranges, and the pointers to contexts in ocontexts to NULL. Signed-off-by: James Carter --- libsepol/cil/src/cil_reset_ast.c | 56 ++++++++++++++++++++++++++++++-- 1 file changed, 53 insertions(+), 3 deletions(-) diff --git a/libsepol/cil/src/cil_reset_ast.c b/libsepol/cil/src/cil_reset_ast.c index d24d4f81..6d1d2da7 100644 --- a/libsepol/cil/src/cil_reset_ast.c +++ b/libsepol/cil/src/cil_reset_ast.c @@ -140,8 +140,11 @@ static void cil_reset_userattributeset(struct cil_userattributeset *uas) static void cil_reset_selinuxuser(struct cil_selinuxuser *selinuxuser) { + selinuxuser->user = NULL; if (selinuxuser->range_str == NULL) { cil_reset_levelrange(selinuxuser->range); + } else { + selinuxuser->range = NULL; } } @@ -214,6 +217,8 @@ static void cil_reset_rangetransition(struct cil_rangetransition *rangetrans) { if (rangetrans->range_str == NULL) { cil_reset_levelrange(rangetrans->range); + } else { + rangetrans->range = NULL; } } @@ -251,6 +256,7 @@ static void cil_reset_catset(struct cil_catset *catset) static inline void cil_reset_level(struct cil_level *level) { + level->sens = NULL; cil_reset_cats(level->cats); } @@ -258,10 +264,14 @@ static inline void cil_reset_levelrange(struct cil_levelrange *levelrange) { if (levelrange->low_str == NULL) { cil_reset_level(levelrange->low); + } else { + levelrange->low = NULL; } if (levelrange->high_str == NULL) { cil_reset_level(levelrange->high); + } else { + levelrange->high = NULL; } } @@ -269,6 +279,8 @@ static inline void cil_reset_userlevel(struct cil_userlevel *userlevel) { if (userlevel->level_str == NULL) { cil_reset_level(userlevel->level); + } else { + userlevel->level = NULL; } } @@ -276,13 +288,20 @@ static inline void cil_reset_userrange(struct cil_userrange *userrange) { if (userrange->range_str == NULL) { cil_reset_levelrange(userrange->range); + } else { + userrange->range = NULL; } } static inline void cil_reset_context(struct cil_context *context) { + if (!context) { + return; + } if (context->range_str == NULL) { cil_reset_levelrange(context->range); + } else { + context->range = NULL; } } @@ -290,26 +309,35 @@ static void cil_reset_sidcontext(struct cil_sidcontext *sidcontext) { if (sidcontext->context_str == NULL) { cil_reset_context(sidcontext->context); + } else { + sidcontext->context = NULL; } } static void cil_reset_filecon(struct cil_filecon *filecon) { - if (filecon->context_str == NULL && filecon->context != NULL) { + if (filecon->context_str == NULL) { cil_reset_context(filecon->context); + } else { + filecon->context = NULL; } } static void cil_reset_ibpkeycon(struct cil_ibpkeycon *ibpkeycon) { - if (!ibpkeycon->context_str) + if (ibpkeycon->context_str == NULL) { cil_reset_context(ibpkeycon->context); + } else { + ibpkeycon->context = NULL; + } } static void cil_reset_portcon(struct cil_portcon *portcon) { if (portcon->context_str == NULL) { cil_reset_context(portcon->context); + } else { + portcon->context = NULL; } } @@ -317,6 +345,8 @@ static void cil_reset_nodecon(struct cil_nodecon *nodecon) { if (nodecon->context_str == NULL) { cil_reset_context(nodecon->context); + } else { + nodecon->context = NULL; } } @@ -324,6 +354,8 @@ static void cil_reset_genfscon(struct cil_genfscon *genfscon) { if (genfscon->context_str == NULL) { cil_reset_context(genfscon->context); + } else { + genfscon->context = NULL; } } @@ -331,17 +363,23 @@ static void cil_reset_netifcon(struct cil_netifcon *netifcon) { if (netifcon->if_context_str == NULL) { cil_reset_context(netifcon->if_context); + } else { + netifcon->if_context = NULL; } if (netifcon->packet_context_str == NULL) { cil_reset_context(netifcon->packet_context); + } else { + netifcon->packet_context = NULL; } } static void cil_reset_ibendportcon(struct cil_ibendportcon *ibendportcon) { - if (!ibendportcon->context_str) { + if (ibendportcon->context_str == NULL) { cil_reset_context(ibendportcon->context); + } else { + ibendportcon->context = NULL; } } @@ -349,6 +387,8 @@ static void cil_reset_pirqcon(struct cil_pirqcon *pirqcon) { if (pirqcon->context_str == NULL) { cil_reset_context(pirqcon->context); + } else { + pirqcon->context = NULL; } } @@ -356,6 +396,8 @@ static void cil_reset_iomemcon(struct cil_iomemcon *iomemcon) { if (iomemcon->context_str == NULL) { cil_reset_context(iomemcon->context); + } else { + iomemcon->context = NULL; } } @@ -363,6 +405,8 @@ static void cil_reset_ioportcon(struct cil_ioportcon *ioportcon) { if (ioportcon->context_str == NULL) { cil_reset_context(ioportcon->context); + } else { + ioportcon->context = NULL; } } @@ -370,6 +414,8 @@ static void cil_reset_pcidevicecon(struct cil_pcidevicecon *pcidevicecon) { if (pcidevicecon->context_str == NULL) { cil_reset_context(pcidevicecon->context); + } else { + pcidevicecon->context = NULL; } } @@ -377,6 +423,8 @@ static void cil_reset_devicetreecon(struct cil_devicetreecon *devicetreecon) { if (devicetreecon->context_str == NULL) { cil_reset_context(devicetreecon->context); + } else { + devicetreecon->context = NULL; } } @@ -384,6 +432,8 @@ static void cil_reset_fsuse(struct cil_fsuse *fsuse) { if (fsuse->context_str == NULL) { cil_reset_context(fsuse->context); + } else { + fsuse->context = NULL; } }