James Carter c303ca910a libsepol/cil: Check for too many permissions in classes and commons
Fixes bug found by Nicolas Iooss as described below in the way suggested by Steve Lawrence.

Nicolas reported:

When compiling a CIL policy with more than 32 items in a class (e.g. in
(class capability (chown ...)) with many items),
cil_classorder_to_policydb() overflows perm_value_to_cil[class_index]
array. As this array is allocated on the heap through
calloc(PERMS_PER_CLASS+1, sizeof(...)), this makes secilc crash with the
following message:

    *** Error in `/usr/bin/secilc': double free or corruption (!prev): 0x000000000062be80 ***
    ======= Backtrace: =========
    /usr/lib/libc.so.6(+0x70c4b)[0x7ffff76a7c4b]
    /usr/lib/libc.so.6(+0x76fe6)[0x7ffff76adfe6]
    /usr/lib/libc.so.6(+0x777de)[0x7ffff76ae7de]
    /lib/libsepol.so.1(+0x14fbda)[0x7ffff7b24bda]
    /lib/libsepol.so.1(+0x152db8)[0x7ffff7b27db8]
    /lib/libsepol.so.1(cil_build_policydb+0x63)[0x7ffff7af8723]
    /usr/bin/secilc[0x40273b]
    /usr/lib/libc.so.6(__libc_start_main+0xf1)[0x7ffff7657291]
    /usr/bin/secilc[0x402f7a]

This bug has been found by fuzzing secilc with american fuzzy lop.

Signed-off-by: James Carter <jwcart2@tycho.nsa.gov>
2016-09-29 13:59:45 -04:00
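
An added example, not libsepol's code, of the check the commit message describes: the permission count of a class plus its common is validated against PERMS_PER_CLASS before the value-indexed table of PERMS_PER_CLASS+1 slots is written. `toy_class`, `build_perm_table` and the sample names are hypothetical; the limit of 32 is taken from the message.

```c
#include <stdio.h>
#include <stdlib.h>

#define PERMS_PER_CLASS 32 /* limit named in the commit message */

/* Hypothetical, simplified stand-in for a CIL class (not libsepol's type). */
struct toy_class {
    const char **perms; /* the class's own permission names */
    size_t num_perms;   /* how many of them */
    size_t num_common;  /* permissions inherited from a common */
};

/* Build a value -> name table indexed from 1, as permission values are.
 * Returns 0 on success, -1 if the class cannot fit or allocation fails. */
int build_perm_table(const struct toy_class *c, const char ***out)
{
    size_t total = c->num_common + c->num_perms;

    /* The check: refuse before any write can pass index PERMS_PER_CLASS. */
    if (total > PERMS_PER_CLASS) {
        fprintf(stderr, "too many permissions: %zu (max %d)\n",
                total, PERMS_PER_CLASS);
        return -1;
    }
    const char **tbl = calloc(PERMS_PER_CLASS + 1, sizeof(*tbl));
    if (tbl == NULL)
        return -1;
    /* Own permissions take the values after the inherited ones. */
    for (size_t i = 0; i < c->num_perms; i++)
        tbl[c->num_common + 1 + i] = c->perms[i];
    *out = tbl;
    return 0;
}

int main(void)
{
    const char *names[33]; /* constructed sample: 33 permissions */
    for (size_t i = 0; i < 33; i++)
        names[i] = "perm";
    struct toy_class ok = { names, 32, 0 }, bad = { names, 33, 0 };
    const char **tbl = NULL;

    printf("32 perms: %d\n", build_perm_table(&ok, &tbl));
    free(tbl);
    tbl = NULL;
    printf("33 perms: %d\n", build_perm_table(&bad, &tbl));
    return 0;
}
```

Without the count check, the 33rd permission would be stored at index 33 of a 33-slot allocation, one element past its end, which is the heap corruption the backtrace shows being detected at free time.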
checkpolicy Updated checkpolicy and libsepol ChangeLogs 2016-09-06 11:14:09 -04:00
libselinux Updated libselinux ChangeLog 2016-09-29 10:08:52 -04:00
libsemanage Updated libsemanage ChangeLog 2016-09-29 10:49:35 -04:00
libsepol libsepol/cil: Check for too many permissions in classes and commons 2016-09-29 13:59:45 -04:00
policycoreutils Updated policycoreutils ChangeLog 2016-09-29 10:42:57 -04:00
scripts Add secilc to release script. 2015-03-31 12:41:28 -04:00
secilc libsepol,checkpolicy,secilc: Replace #ifdef DARWIN with __APPLE__. 2016-05-03 11:54:20 -04:00
sepolgen sepolgen: fix make test 2016-09-12 09:42:38 -04:00
.gitignore global: gitignore: add a couple of more editor backup filetypes 2013-02-01 12:14:57 -05:00
Android.mk Add empty top level Android.mk / CleanSpec.mk files 2015-04-16 07:54:09 -04:00
CleanSpec.mk Add empty top level Android.mk / CleanSpec.mk files 2015-04-16 07:54:09 -04:00
Makefile Makefile: make distclean target work 2016-09-29 10:48:14 -04:00
README Add redhat-rpm-config as a build dependency on Fedora. 2016-05-04 15:54:27 -04:00

Please submit all bug reports and patches to selinux@tycho.nsa.gov.
Subscribe via selinux-join@tycho.nsa.gov.

Build dependencies on Fedora:

    yum install audit-libs-devel bison bzip2-devel dbus-devel dbus-glib-devel flex flex-devel flex-static glib2-devel libcap-devel libcap-ng-devel pam-devel pcre-devel python-devel setools-devel swig ustr-devel xmlto redhat-rpm-config

To build and install everything under a private directory, run:

    make DESTDIR=~/obj install install-pywrap

To install as the default system libraries and binaries
(overwriting any previously installed ones - dangerous!),
on x86_64, run:

    make LIBDIR=/usr/lib64 SHLIBDIR=/lib64 install install-pywrap relabel

or on x86 (32-bit), run:

    make install install-pywrap relabel

This may render your system unusable if the upstream SELinux userspace
lacks library functions or other dependencies relied upon by your
distribution.  If it breaks, you get to keep both pieces.