selinux

mirror of https://github.com/SELinuxProject/selinux synced 2024-12-21 05:30:13 +00:00

History

Nicolas Iooss af29a23553 libsepol/cil: do not allow \0 in quoted strings Using the '\0' character in strings in a CIL policy is not expected to happen, and makes the flex tokenizer very slow. For example when generating a file with: python -c 'print("\"" + "\0"*100000 + "\"")' > policy.cil secilc fails after 26 seconds, on my desktop computer. Increasing the numbers of \0 makes this time increase significantly. But replacing \0 with another character makes secilc fail in only few milliseconds. Fix this "possible denial of service" issue by forbidding \0 in strings in CIL policies. Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=36016 Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>		2021-07-13 21:05:03 +02:00
..
cil	libsepol/cil: do not allow \0 in quoted strings	2021-07-13 21:05:03 +02:00
include	libsepol: avoid implicit conversions	2021-07-13 21:01:07 +02:00
man	selinux: Update manpages after removing legacy boolean and user code	2019-07-29 23:46:47 +02:00
src	libsepol: assure string NUL-termination of ibdev_name	2021-07-13 21:01:11 +02:00
tests	libsepol: silence -Wextra-semi-stmt warning	2021-07-06 11:08:11 -04:00
utils	libsepol: build: follow standard semantics for DESTDIR and PREFIX	2018-02-14 15:59:36 +01:00
.gitignore
COPYING
Makefile
VERSION	Update VERSIONs to 3.2 for release.	2021-03-04 16:42:59 +01:00