| Message ID | 1471276754-25266-7-git-send-email-william.c.roberts@intel.com (mailing list archive) |
|---|---|
| State | Not Applicable |
| Headers | show
Return-Path: <selinux-bounces@tycho.nsa.gov> Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id E1D8D600CB for <patchwork-selinux@patchwork.kernel.org>; Mon, 15 Aug 2016 16:38:29 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id D2DB428C98 for <patchwork-selinux@patchwork.kernel.org>; Mon, 15 Aug 2016 16:38:29 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id C7BD328DE5; Mon, 15 Aug 2016 16:38:29 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from emsm-gh1-uea11.nsa.gov (smtp.nsa.gov [8.44.101.9]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id DB03C28C98 for <patchwork-selinux@patchwork.kernel.org>; Mon, 15 Aug 2016 16:38:27 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.28,525,1464652800"; d="scan'208";a="18477641" IronPort-PHdr: =?us-ascii?q?9a23=3AHEFKqxF+khG5AWIjGsDqG51GYnF86YWxBRYc798d?= =?us-ascii?q?s5kLTJ74pMWwAkXT6L1XgUPTWs2DsrQf2rOQ6v2rADRaqdbZ6TZZIcQKD0dEwe?= =?us-ascii?q?wt3CUYSPafDkP6KPO4JwcbJ+9lEGFfwnegLEJOE9z/bVCB6le77DoVBwmtfVEt?= =?us-ascii?q?fre9JIfegoyN2vyo/NWLOkMT1WP7OO45dU3s5UWJ749N0NMkcv5wgjLy4VJwM9?= =?us-ascii?q?xMwm1pIV/B1z3d3eyXuKBZziJLpvg6/NRBW6ipN44xTLhfESh0ezttvJ6jiAPH?= =?us-ascii?q?BTeryjNcFzxO00kAPw+Q9xz+X5HsogPmp+F932+cJsSwQrcqHXyg8KxiUgOyoD?= =?us-ascii?q?sWPD4+tmfMg4p/i7wf6Amsrhpz2YnVbMSRNeFiVr/MdtMdA2xaV4BeUDIFSpiw?= =?us-ascii?q?dKMTHuEBOqBetIC7qFwQ/jWkAgz5G+Lrzj5Bgzn9m7c92ek7DRru3Qo8EtZIu3?= =?us-ascii?q?PR/4a9D7sbTe3glPqA9j7Edf4DnG6l5Q=3D=3D?= X-IPAS-Result: =?us-ascii?q?A2E4BwCZ7rFX/wHyM5BeGgEBAQGDJ4FSpxqUGh6HVEwBAQE?= =?us-ascii?q?BAQEBAgECWyeCMgQDEYIVAgQBAiQTFCAOAwkBARcIIQgIAwEtFREHBwsFGASIE?= =?us-ascii?q?L11AQoBAQEjiCqGXxEBhXcFjxCKLo8WAolqhVdIj2dUhBpOAYVtgTYBAQE?= Received: from unknown (HELO tarius.tycho.ncsc.mil) ([144.51.242.1]) by emsm-gh1-uea11.nsa.gov with ESMTP; 15 Aug 2016 16:35:57 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u7FGXqWO009689; Mon, 15 Aug 2016 12:34:25 -0400 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id u7FFxZ9X198300 for <selinux@prometheus.infosec.tycho.ncsc.mil>; Mon, 15 Aug 2016 11:59:35 -0400 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u7FFxUNJ005172; Mon, 15 Aug 2016 11:59:35 -0400 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A1DFBADi5bFX/yNjr8ZeGgEBAQGDJ4FSty2EDIYdAoFOTAEBAQEBAQECXoUGAgQnUhAgMVcHEogxvW0BAQEBAQEEAQEBASOIKoxoBY8Qii6PFgKPQUiPZ1SEGhwyAYcjAQEB X-IPAS-Result: A1DFBADi5bFX/yNjr8ZeGgEBAQGDJ4FSty2EDIYdAoFOTAEBAQEBAQECXoUGAgQnUhAgMVcHEogxvW0BAQEBAQEEAQEBASOIKoxoBY8Qii6PFgKPQUiPZ1SEGhwyAYcjAQEB X-IronPort-AV: E=Sophos;i="5.28,525,1464667200"; d="scan'208";a="5645658" Received: from emsm-gh1-uea11.corp.nsa.gov (HELO emsm-gh1-uea11.nsa.gov) ([10.208.41.37]) by goalie.tycho.ncsc.mil with ESMTP; 15 Aug 2016 11:59:30 -0400 IronPort-PHdr: =?us-ascii?q?9a23=3AbLCTER84GXn3SP9uRHKM819IXTAuvvDOBiVQ1KB8?= =?us-ascii?q?1+4cTK2v8tzYMVDF4r011RmSDNydsq8P2rGe8/i5HzdRudDZ6DFKWacPfidNsd?= =?us-ascii?q?8RkQ0kDZzNImzAB9muURYHGt9fXkRu5XCxPBsdMs//Y1rPvi/6tmZKSV3BPAZ4?= =?us-ascii?q?bt74BpTVx5zukbvjotuKPk4Z33L9Oeo0d0Tu612J94E/ushLEu4J0BzHo39FKa?= =?us-ascii?q?x95FhDAhatpSv6/dq655V58i5d6LoL/s9EVrjmLexjFeQLRBxvCW0+5dXquB/f?= =?us-ascii?q?VkPPoyJECiRF2iZPVhPI6BD8Q4fZrjrxtu073jKTe8LxU/R8Wyup5r13Ejf0mS?= =?us-ascii?q?wHMHg/62iRhctuyOpArRunqwZ4woKRZICOKNJib6jdepUcXmMHUcFPE2RaDpiU?= =?us-ascii?q?c5oED+1HO/1R6Yb6uQggtxy7UBatAOfuwzoOjTns2qc3yfg6OQDAwAEkWdkJtS?= =?us-ascii?q?eH5O7pPbsfBLjmhJLDyi/OOrYPgW/w?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0FsCAAe5rFX/yNjr8ZeGwEBAYMngVKnG?= =?us-ascii?q?pAThAyGHQKBTkwBAQEBAQEBAgECWyeCMgQBEwGCFAIEJ1IQIDFXBxKIMb1uAQE?= =?us-ascii?q?BAQEBBAEBAQEBIogqjGgFjxCKLo8WAo9BSI9nVIQaHDIBhyMBAQE?= X-IPAS-Result: =?us-ascii?q?A0FsCAAe5rFX/yNjr8ZeGwEBAYMngVKnGpAThAyGHQKBTkw?= =?us-ascii?q?BAQEBAQEBAgECWyeCMgQBEwGCFAIEJ1IQIDFXBxKIMb1uAQEBAQEBBAEBAQEBI?= =?us-ascii?q?ogqjGgFjxCKLo8WAo9BSI9nVIQaHDIBhyMBAQE?= X-IronPort-AV: E=Sophos;i="5.28,525,1464652800"; d="scan'208";a="18475759" Received: from fmsmga002-icc.fm.intel.com ([198.175.99.35]) by emsm-gh1-uea11.nsa.gov with ESMTP; 15 Aug 2016 15:59:23 +0000 Received: from orsmga001.jf.intel.com ([10.7.209.18]) by fmsmga002-icc.fm.intel.com with ESMTP; 15 Aug 2016 08:59:20 -0700 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos; i="5.28,525,1464678000"; d="scan'208"; a="1014647707" Received: from hkramach-mobl1.amr.corp.intel.com (HELO wcrobert-MOBL1.amr.corp.intel.com) ([10.254.184.14]) by orsmga001.jf.intel.com with ESMTP; 15 Aug 2016 08:59:19 -0700 From: william.c.roberts@intel.com To: selinux@tycho.nsa.gov, jwcart2@tycho.nsa.gov, seandroid-list@tycho.nsa.gov, sds@tycho.nsa.gov Subject: [PATCH v3 6/7] libsepol: bound attr_type_map access by nprim Date: Mon, 15 Aug 2016 08:59:13 -0700 Message-Id: <1471276754-25266-7-git-send-email-william.c.roberts@intel.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1471276754-25266-1-git-send-email-william.c.roberts@intel.com> References: <1471276754-25266-1-git-send-email-william.c.roberts@intel.com> X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" <selinux.tycho.nsa.gov> List-Post: <mailto:selinux@tycho.nsa.gov> List-Help: <mailto:selinux-request@tycho.nsa.gov?subject=help> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" <selinux-bounces@tycho.nsa.gov> X-Virus-Scanned: ClamAV using ClamSMTP |
diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c index 604e022..9f1c507 100644 --- a/libsepol/src/policydb.c +++ b/libsepol/src/policydb.c @@ -3972,6 +3972,10 @@ int policydb_read(policydb_t * p, struct policy_file *fp, unsigned verbose) if (!ebitmap_node_get_bit(tnode, j) || i == j) continue; + + if (j >= p->p_types.nprim) + goto bad; + if (ebitmap_set_bit (&p->attr_type_map[j], i, 1)) goto bad;