mirror of
https://github.com/SELinuxProject/selinux
synced 2025-01-11 16:09:47 +00:00
libselinux: make process_boolean() fail on invalid lines
When security_load_booleans() calls process_boolean() to parse a boolean
definition, process_boolean() returns a successful value when it fails
to use strtok_r() (e.g. when there is no "=" in the parsed line). This
leads security_load_booleans() to use uninitialized name and/or val when
setting the boolean into the policy.
This issue has been found using clang's static analyzer and is similar
to the one which has been fixed in libsepol with commit 76f8c04c19
("libsepol: make process_boolean() fail on invalid lines"). Fix it in
the same way.
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
This commit is contained in:
parent
86e6ae67fd
commit
c09fb32384
@ -342,30 +342,42 @@ static int process_boolean(char *buffer, char *name, int namesize, int *val)
|
||||
{
|
||||
char name1[BUFSIZ];
|
||||
char *ptr = NULL;
|
||||
char *tok = strtok_r(buffer, "=", &ptr);
|
||||
if (tok) {
|
||||
strncpy(name1, tok, BUFSIZ - 1);
|
||||
strtrim(name, name1, namesize - 1);
|
||||
if (name[0] == '#')
|
||||
return 0;
|
||||
tok = strtok_r(NULL, "\0", &ptr);
|
||||
if (tok) {
|
||||
while (isspace(*tok))
|
||||
tok++;
|
||||
*val = -1;
|
||||
if (isdigit(tok[0]))
|
||||
*val = atoi(tok);
|
||||
else if (!strncasecmp(tok, "true", sizeof("true") - 1))
|
||||
*val = 1;
|
||||
else if (!strncasecmp
|
||||
(tok, "false", sizeof("false") - 1))
|
||||
*val = 0;
|
||||
if (*val != 0 && *val != 1) {
|
||||
errno = EINVAL;
|
||||
return -1;
|
||||
}
|
||||
char *tok;
|
||||
|
||||
}
|
||||
/* Skip spaces */
|
||||
while (isspace(buffer[0]))
|
||||
buffer++;
|
||||
/* Ignore comments */
|
||||
if (buffer[0] == '#')
|
||||
return 0;
|
||||
|
||||
tok = strtok_r(buffer, "=", &ptr);
|
||||
if (!tok) {
|
||||
errno = EINVAL;
|
||||
return -1;
|
||||
}
|
||||
strncpy(name1, tok, BUFSIZ - 1);
|
||||
strtrim(name, name1, namesize - 1);
|
||||
|
||||
tok = strtok_r(NULL, "\0", &ptr);
|
||||
if (!tok) {
|
||||
errno = EINVAL;
|
||||
return -1;
|
||||
}
|
||||
|
||||
while (isspace(*tok))
|
||||
tok++;
|
||||
|
||||
*val = -1;
|
||||
if (isdigit(tok[0]))
|
||||
*val = atoi(tok);
|
||||
else if (!strncasecmp(tok, "true", sizeof("true") - 1))
|
||||
*val = 1;
|
||||
else if (!strncasecmp(tok, "false", sizeof("false") - 1))
|
||||
*val = 0;
|
||||
if (*val != 0 && *val != 1) {
|
||||
errno = EINVAL;
|
||||
return -1;
|
||||
}
|
||||
return 1;
|
||||
}
|
||||
|
Loading…
Reference in New Issue
Block a user