selinux/libsepol
Nicolas Iooss 6675e12cc1 libsepol: do not crash when a symbol does not exist
When hll/pp reads an invalid policy module where some scopes use
required symbols which are not defined, the program crashes with a
segmentation fault in required_scopes_to_cil():

    Program received signal SIGSEGV, Segmentation fault.
    required_scopes_to_cil (decl_stack=0x6040b0, block=0x607780,
    pdb=0x6042e0, indent=0) at module_to_cil.c:3479
    3479                for (j = 0; j < scope_datum->decl_ids_len; j++)
    {
    => 0x00007ffff7a7b1a8 <block_to_cil+5224>:  44 8b 58 10 mov
    0x10(%rax),%r11d

    (gdb) bt
    #0  required_scopes_to_cil (decl_stack=0x6040b0, block=0x607780,
    pdb=0x6042e0, indent=0) at module_to_cil.c:3479
    #1  block_to_cil (pdb=pdb@entry=0x6042e0,
    block=block@entry=0x607780, stack=stack@entry=0x6040b0,
    indent=indent@entry=0) at module_to_cil.c:3622
    #2  0x00007ffff7a85a18 in global_block_to_cil (stack=0x6040b0,
    block=0x607780, pdb=0x6042e0) at module_to_cil.c:3738
    #3  blocks_to_cil (pdb=0x6042e0) at module_to_cil.c:3764
    #4  sepol_module_policydb_to_cil (fp=fp@entry=0x7ffff79d05e0
    <_IO_2_1_stdout_>, pdb=0x6042e0, linked=linked@entry=0) at
    module_to_cil.c:4051
    #5  0x00007ffff7a86b55 in sepol_module_package_to_cil
    (fp=fp@entry=0x7ffff79d05e0 <_IO_2_1_stdout_>, mod_pkg=0x604280) at
    module_to_cil.c:4080
    #6  0x0000000000401acc in main (argc=<optimized out>,
    argv=<optimized out>) at pp.c:150

    (gdb) p scope_datum
    $1 = (struct scope_datum *) 0x0

Detect such errors and exit with an error return value.

Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2016-11-23 12:31:55 -05:00
cil libsepol: cil: remove double-free. 2016-11-15 10:48:26 -05:00
include policydb.h: use AVTAB macros to avoid duplications 2016-11-17 16:41:45 -05:00
man Laurent Bigonville patch to fix various minor manpage issues and correct section numbering. 2013-10-24 13:58:37 -04:00
src libsepol: do not crash when a symbol does not exist 2016-11-23 12:31:55 -05:00
tests libsepol/tests: fix mispelling of optimization option 2016-09-26 11:08:53 -04:00
utils libsepol: Android/MacOS X build support 2012-06-28 11:21:15 -04:00
.gitignore libsepol: build cil into libsepol 2014-08-26 08:03:31 -04:00
COPYING initial import from svn trunk revision 2950 2008-08-19 15:30:36 -04:00
Makefile libsepol: build cil into libsepol 2014-08-26 08:03:31 -04:00
VERSION Update VERSION and ChangeLog files for 2.6 final release. 2016-10-14 11:31:26 -04:00