Message ID | 20220113160422.675541-1-jwcart2@gmail.com (mailing list archive) |
---|---|
State | Accepted |
Headers | show |
Series | libsepol/cil: Ensure that the class in a classcommon is a kernel class | expand |
I also plan on merging this patch at the end of the week. Jim On Thu, Jan 13, 2022 at 11:04 AM James Carter <jwcart2@gmail.com> wrote: > > Map classes use the same struct as kernel classes, but only the kernel > class uses the pointer to a common class. When resolving a classcommon, > make sure that the class that is found is a kernel class and not a > map class. If not, then return an error. > > Found by oss-fuzz (#43209) > > Signed-off-by: James Carter <jwcart2@gmail.com> > --- > libsepol/cil/src/cil_resolve_ast.c | 5 +++++ > 1 file changed, 5 insertions(+) > > diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c > index e97a9f46..d359eca0 100644 > --- a/libsepol/cil/src/cil_resolve_ast.c > +++ b/libsepol/cil/src/cil_resolve_ast.c > @@ -754,6 +754,11 @@ int cil_resolve_classcommon(struct cil_tree_node *current, void *extra_args) > if (rc != SEPOL_OK) { > goto exit; > } > + if (NODE(class_datum)->flavor != CIL_CLASS) { > + cil_log(CIL_ERR, "Class %s is not a kernel class and cannot be associated with common %s\n", clscom->class_str, clscom->common_str); > + rc = SEPOL_ERR; > + goto exit; > + } > > rc = cil_resolve_name(current, clscom->common_str, CIL_SYM_COMMONS, extra_args, &common_datum); > if (rc != SEPOL_OK) { > -- > 2.31.1 >
On Mon, Feb 7, 2022 at 1:56 PM James Carter <jwcart2@gmail.com> wrote: > > I also plan on merging this patch at the end of the week. > Jim > This patch has now been merged. Jim > > On Thu, Jan 13, 2022 at 11:04 AM James Carter <jwcart2@gmail.com> wrote: > > > > Map classes use the same struct as kernel classes, but only the kernel > > class uses the pointer to a common class. When resolving a classcommon, > > make sure that the class that is found is a kernel class and not a > > map class. If not, then return an error. > > > > Found by oss-fuzz (#43209) > > > > Signed-off-by: James Carter <jwcart2@gmail.com> > > --- > > libsepol/cil/src/cil_resolve_ast.c | 5 +++++ > > 1 file changed, 5 insertions(+) > > > > diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c > > index e97a9f46..d359eca0 100644 > > --- a/libsepol/cil/src/cil_resolve_ast.c > > +++ b/libsepol/cil/src/cil_resolve_ast.c > > @@ -754,6 +754,11 @@ int cil_resolve_classcommon(struct cil_tree_node *current, void *extra_args) > > if (rc != SEPOL_OK) { > > goto exit; > > } > > + if (NODE(class_datum)->flavor != CIL_CLASS) { > > + cil_log(CIL_ERR, "Class %s is not a kernel class and cannot be associated with common %s\n", clscom->class_str, clscom->common_str); > > + rc = SEPOL_ERR; > > + goto exit; > > + } > > > > rc = cil_resolve_name(current, clscom->common_str, CIL_SYM_COMMONS, extra_args, &common_datum); > > if (rc != SEPOL_OK) { > > -- > > 2.31.1 > >
diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c index e97a9f46..d359eca0 100644 --- a/libsepol/cil/src/cil_resolve_ast.c +++ b/libsepol/cil/src/cil_resolve_ast.c @@ -754,6 +754,11 @@ int cil_resolve_classcommon(struct cil_tree_node *current, void *extra_args) if (rc != SEPOL_OK) { goto exit; } + if (NODE(class_datum)->flavor != CIL_CLASS) { + cil_log(CIL_ERR, "Class %s is not a kernel class and cannot be associated with common %s\n", clscom->class_str, clscom->common_str); + rc = SEPOL_ERR; + goto exit; + } rc = cil_resolve_name(current, clscom->common_str, CIL_SYM_COMMONS, extra_args, &common_datum); if (rc != SEPOL_OK) {
Map classes use the same struct as kernel classes, but only the kernel class uses the pointer to a common class. When resolving a classcommon, make sure that the class that is found is a kernel class and not a map class. If not, then return an error. Found by oss-fuzz (#43209) Signed-off-by: James Carter <jwcart2@gmail.com> --- libsepol/cil/src/cil_resolve_ast.c | 5 +++++ 1 file changed, 5 insertions(+)