RepoMirrors/selinux
1
0
Fork 0
mirror of https://github.com/SELinuxProject/selinux synced 2025-03-06 18:27:40 +00:00
Code Issues Packages Projects Releases Wiki Activity
e2d018423d
selinux/libsepol
History
Nicolas Iooss e2d018423d libsepol/cil: propagate failure of cil_fill_list() 
OSS-Fuzz found a Null-dereference READ in the CIL compiler when trying
to compile the following policy:

    (optional o (validatetrans x (eq t3 (a ()))))

With some logs, secilc reports:

    Invalid syntax
    Destroying Parse Tree
    Resolving AST
    Failed to resolve validatetrans statement at fuzz:1
    Disabling optional 'o' at tmp.cil:1

So there is an "Invalid syntax" error, but the compilation continues.
Fix this issue by stopping the compilation when cil_fill_list() reports
an error:

    Invalid syntax
    Bad expression tree for constraint
    Bad validatetrans declaration at tmp.cil:1

Fixes: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=29061
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
2021-01-04 13:34:38 -05:00
..
cil libsepol/cil: propagate failure of cil_fill_list() 2021-01-04 13:34:38 -05:00
include libsepol: Drop deprecated functions 2020-10-19 22:11:39 +02:00
man selinux: Update manpages after removing legacy boolean and user code 2019-07-29 23:46:47 +02:00
src libsepol: free memory when realloc() fails 2020-11-12 21:24:06 +01:00
tests libsepol/tests: drop ncurses dependency 2020-05-04 10:31:44 +02:00
utils libsepol: build: follow standard semantics for DESTDIR and PREFIX 2018-02-14 15:59:36 +01:00
.gitignore
COPYING
Makefile
VERSION Update VERSIONs and Python bindings version to 3.1 for release 2020-07-10 17:17:15 +02:00