RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-04-11 04:01:46 +00:00
Code Issues Packages Projects Releases Wiki Activity

setfiles: avoid unsigned integer underflow

Browse Source 
While well-defined unsigned integer underflow might signal a logic
mistake or processing of unchecked user input.  Please Clang's undefined
behavior sanitizer:

    restore.c:91:37: runtime error: unsigned integer overflow: 1 - 2 cannot be represented in type 'unsigned long'

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
This commit is contained in:
Christian Göttsche 2023-12-19 17:09:33 +01:00 committed by James Carter
parent 454a9f248b
commit fc2e9318d0
1 changed files with 5 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

10
policycoreutils/setfiles/restore.c
View File

@ -77,8 +77,8 @@ int process_glob(char *name, struct restore_opts *opts, size_t nthreads,
long unsigned *skipped_errors) long unsigned *skipped_errors)
{ {
glob_t globbuf; glob_t globbuf;
size_t i = 0; size_t i, len;
int len, rc, errors; int rc, errors;
memset(&globbuf, 0, sizeof(globbuf)); memset(&globbuf, 0, sizeof(globbuf));
@ -88,10 +88,10 @@ int process_glob(char *name, struct restore_opts *opts, size_t nthreads,
return errors; return errors;
for (i = 0; i < globbuf.gl_pathc; i++) { for (i = 0; i < globbuf.gl_pathc; i++) {
len = strlen(globbuf.gl_pathv[i]) - 2; len = strlen(globbuf.gl_pathv[i]);
if (len > 0 && strcmp(&globbuf.gl_pathv[i][len--], "/.") == 0) if (len > 2 && strcmp(&globbuf.gl_pathv[i][len - 2], "/.") == 0)
continue; continue;
if (len > 0 && strcmp(&globbuf.gl_pathv[i][len], "/..") == 0) if (len > 3 && strcmp(&globbuf.gl_pathv[i][len - 3], "/..") == 0)
continue; continue;
rc = selinux_restorecon_parallel(globbuf.gl_pathv[i], rc = selinux_restorecon_parallel(globbuf.gl_pathv[i],
opts->restorecon_flags, opts->restorecon_flags,