RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-02-17 10:06:51 +00:00
Code Issues Packages Projects Releases Wiki Activity
a7a829530e
selinux/libsepol
History
Christian Göttsche cf6ddded16 libsepol: validate the identifier for initials SID is valid 
Check the identifier for initial SIDs is less than the maximum known ID.
The kernel will ignore all unknown IDs, see
security/selinux/ss/policydb.c:policydb_load_isids().

Without checking huge IDs result in OOM events, while writing policies,
e.g. in write_sids_to_conf() or write_sids_to_cil(), due to allocation
of large (continuous) string lists.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
2023-11-15 08:36:33 -05:00
..
cil libsepol/cil: Add cil_write_post_ast function 2023-08-16 13:34:09 -04:00
fuzz libsepol/fuzz: more strict fuzzing of binary policies 2023-07-12 13:01:15 -04:00
include libsepol: Changes to ebitmap.h to fix compiler warnings 2023-08-16 13:33:48 -04:00
man Do not automatically install Russian translations 2023-08-16 13:33:47 -04:00
src libsepol: validate the identifier for initials SID is valid 2023-11-15 08:36:33 -05:00
tests libsepol/tests: rename bool indentifiers 2023-05-03 09:15:20 -04:00
utils libsepol/utils: improve wording 2022-07-06 15:57:24 -04:00
.gitignore libsepol: add policy utilities 2022-04-12 13:09:19 -04:00
LICENSE docs: provide a top level LICENSE file 2022-10-05 08:20:38 -04:00
Makefile libsepol: build cil into libsepol 2014-08-26 08:03:31 -04:00
VERSION Update VERSIONs to 3.6-rc1 for release. 2023-11-08 12:51:35 +01:00