libsepol: add missing ibendport port validity check

The kernel checks if the port is in the range 1-255 when loading an
ibendportcon rule. Add the same check to libsepol.

Fixes: 118c0cd103 ("libsepol: Add ibendport ocontext handling")
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Ondrej Mosnacek 2018-10-23 08:57:57 +02:00 committed by William Roberts
parent c8e5de952d
commit 94ebccf534


@ -2854,7 +2854,9 @@ static int ocontext_read_selinux(struct policydb_compat_info *info,
return -1;
break;
}
case OCON_IBENDPORT:
case OCON_IBENDPORT: {
uint32_t port;
rc = next_entry(buf, fp, sizeof(uint32_t) * 2);
if (rc < 0)
return -1;
@ -2862,6 +2864,10 @@ static int ocontext_read_selinux(struct policydb_compat_info *info,
if (len == 0 || len > IB_DEVICE_NAME_MAX - 1)
return -1;
port = le32_to_cpu(buf[1]);
if (port > UINT8_MAX || port == 0)
return -1;
c->u.ibendport.dev_name = malloc(len + 1);
if (!c->u.ibendport.dev_name)
return -1;
@ -2869,11 +2875,12 @@ static int ocontext_read_selinux(struct policydb_compat_info *info,
if (rc < 0)
return -1;
c->u.ibendport.dev_name[len] = 0;
c->u.ibendport.port = le32_to_cpu(buf[1]);
c->u.ibendport.port = port;
if (context_read_and_validate
(&c->context[0], p, fp))
return -1;
break;
}
case OCON_PORT:
rc = next_entry(buf, fp, sizeof(uint32_t) * 3);
if (rc < 0)
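Review bot: The new range check `if (port > UINT8_MAX || port == 0)` has no comment tying it to the kernel's loader, so the 1-255 bound reads as a magic number; I would add `/* IB end ports are numbered 1..255; the kernel rejects anything else at policy load */` directly above it. The rejection also returns -1 with no diagnostic, so a policy refused here looks the same to the caller as a short read or a failed allocation in this case; if the file has an error-logging helper in scope, a message naming the offending port value would make malformed or tampered policies easier to triage. Only the binary-policy read path is visible in these hunks, so it is worth confirming that the write path and the code that builds ibendport entries from source policy enforce the same bound. ocontext_read_selinux starts and ends outside the hunks shown.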