mirror of
https://github.com/SELinuxProject/selinux
synced 2024-12-24 06:52:12 +00:00
410634d650
Nicolas Iooss found while fuzzing secilc with AFL that using an attribute as a child in a typebounds statement will cause a segfault. This happens because the child datum is assumed to be part of a cil_type struct when it is really part of a cil_typeattribute struct. The check to verify that it is a type and not an attribute comes after it is used. This bug effects user and role bounds as well because they do not check whether a datum refers to an attribute or not. Add checks to verify that neither the child nor the parent datum refer to an attribute before using them in user, role, and type bounds. Signed-off-by: James Carter <jwcart2@tycho.nsa.gov> |
||
---|---|---|
.. | ||
include/cil | ||
src | ||
test | ||
.gitignore |