RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-03-06 10:17:32 +00:00
Code Issues Packages Projects Releases Wiki Activity
e13c816265
selinux/libsepol
History
James Carter e13c816265 libsepol/cil: Fix out-of-bound read of file context pattern ending with "\" 
Based on patch by Nicolas Iooss, who writes:
  OSS-Fuzz found a Heap-buffer-overflow in the CIL compiler when trying
  to compile the following policy:

    (sid SID)
    (sidorder(SID))
    (filecon "\" any ())
    (filecon "" any ())

  When cil_post_fc_fill_data() processes "\", it goes beyond the NUL
  terminator of the string. Fix this by returning when '\0' is read
  after a backslash.

To be consistent with the function compute_diffdata() in
refpolicy/support/fc_sort.py, also increment str_len in this case.

Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=28484
Reported-by: Nicolas Iooss <nicolas.iooss@m4x.org>
Signed-off-by: James Carter <jwcart2@gmail.com>
2021-04-19 10:40:26 -04:00
..
cil libsepol/cil: Fix out-of-bound read of file context pattern ending with "\" 2021-04-19 10:40:26 -04:00
include libsepol: Create function ebitmap_highest_set_bit() 2021-02-19 16:30:11 +01:00
man selinux: Update manpages after removing legacy boolean and user code 2019-07-29 23:46:47 +02:00
src libsepol: Write "NO_IDENTIFIER" for empty CIL constraint expression 2021-03-18 10:09:16 -04:00
tests libsepol/tests: drop ncurses dependency 2020-05-04 10:31:44 +02:00
utils libsepol: build: follow standard semantics for DESTDIR and PREFIX 2018-02-14 15:59:36 +01:00
.gitignore libsepol: build cil into libsepol 2014-08-26 08:03:31 -04:00
COPYING
Makefile libsepol: build cil into libsepol 2014-08-26 08:03:31 -04:00
VERSION Update VERSIONs to 3.2 for release. 2021-03-04 16:42:59 +01:00