| Message ID | 1471368517-20552-6-git-send-email-william.c.roberts@intel.com (mailing list archive) |
|---|---|
| State | Not Applicable |
| Headers | show
Return-Path: <selinux-bounces@tycho.nsa.gov> Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id AB82A607FD for <patchwork-selinux@patchwork.kernel.org>; Tue, 16 Aug 2016 18:15:47 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id A0523286B9 for <patchwork-selinux@patchwork.kernel.org>; Tue, 16 Aug 2016 18:15:47 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 951DD286BE; Tue, 16 Aug 2016 18:15:47 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED autolearn=ham version=3.3.1 Received: from emsm-gh1-uea11.nsa.gov (smtp.nsa.gov [8.44.101.9]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id C1529286B9 for <patchwork-selinux@patchwork.kernel.org>; Tue, 16 Aug 2016 18:15:46 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.28,529,1464652800"; d="scan'208";a="18517967" IronPort-PHdr: =?us-ascii?q?9a23=3AkXIvHRAK/kTX85q4Qn2QUyQJP3N1i/DPJgcQr6Af?= =?us-ascii?q?oPdwSP/4rsbcNUDSrc9gkEXOFd2CrakV0qyP7Ou5AT1Ioc7Y9itTKNoUD15NoP?= =?us-ascii?q?5VtjRoONSCB0z/IayiRA0BN+MGamVY+WqmO1NeAsf0ag6aiHSz6TkPBke3blIt?= =?us-ascii?q?dazLE4Lfx/66y/q1s8WKJV4Z3XzkPvgrdET+7V2I8JJH2c06cud54yCKi0MAQ/?= =?us-ascii?q?5Ry2JsKADbtDfHzeD0wqRe9T9Nsekq7c9KXPayVa05SbtFEGZuaDhtt4XWrx2L?= =?us-ascii?q?cS+jrjtZCz1XwVJ0BF3e4RX7WIrhmjfrvep6ni+BNIv5Sq5wETa95K5xVEXAlD?= =?us-ascii?q?YMNzl/9nrezMN3kuYTux+ooRBlxI/YJYWUL+ZWYrLWfdRcQ3FIGMlWSWgJGY+n?= =?us-ascii?q?R5ceBOoGe+BDps/yoEVdgwG5AFyzBefryzZNwHSwx6ow3v49CinH2hAtG5QFt3?= =?us-ascii?q?GH/53OKK4OXLXtn+HzxjLZYqYTgG/w?= X-IPAS-Result: =?us-ascii?q?A2GCBQAEWLNX/wHyM5BeGgEBAQGDJYFSpyaUGx6HXkwBAQE?= =?us-ascii?q?BAQEBAgECWyeCMgQDEYIVAgQBAiQTFCAOAwkBARcIIQgIAwEtFREHBwsFGASIE?= =?us-ascii?q?L5jAQoBAQEjiCqGXxEBhXcFjxKKL48ZAolrhVhIj2hUhBpOAYUqgTYBAQE?= Received: from unknown (HELO tarius.tycho.ncsc.mil) ([144.51.242.1]) by emsm-gh1-uea11.nsa.gov with ESMTP; 16 Aug 2016 18:14:33 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u7GICb1P013287; Tue, 16 Aug 2016 14:13:09 -0400 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id u7GHT8UU243300 for <selinux@prometheus.infosec.tycho.ncsc.mil>; Tue, 16 Aug 2016 13:29:08 -0400 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u7GHT7Zl007907; Tue, 16 Aug 2016 13:29:08 -0400 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A1BvBQCWS7NX/yNjr8ZeGgEBAQGDJ4FStzqEDIYdAoFUTAEBAQEBAQECXoUGAgQnUhAgMVcHEogxvlQBAQEBAQEEAQEBASOIKoxoBY8Sii+PGQKPQ0iPaFSEGhwyAYcWAQEB X-IPAS-Result: A1BvBQCWS7NX/yNjr8ZeGgEBAQGDJ4FStzqEDIYdAoFUTAEBAQEBAQECXoUGAgQnUhAgMVcHEogxvlQBAQEBAQEEAQEBASOIKoxoBY8Sii+PGQKPQ0iPaFSEGhwyAYcWAQEB X-IronPort-AV: E=Sophos;i="5.28,529,1464667200"; d="scan'208";a="5648263" Received: from emsm-gh1-uea11.corp.nsa.gov (HELO emsm-gh1-uea11.nsa.gov) ([10.208.41.37]) by goalie.tycho.ncsc.mil with ESMTP; 16 Aug 2016 13:29:01 -0400 IronPort-PHdr: =?us-ascii?q?9a23=3Apgdf3RYKc0lqdBnWQWKj8Dj/LSx+4OfEezUN459i?= =?us-ascii?q?sYplN5qZpMi8bnLW6fgltlLVR4KTs6sC0LuP9fm/EjVYsN7B6ClEK80UEUddyI?= =?us-ascii?q?0/pE8JOIa9E0r1LfrnPWQRPf9pcxtbxUy9KlVfA83kZlff8TWY5D8WHQjjZ0Iu?= =?us-ascii?q?frymUrDbg8n/7e2u4ZqbO1wO32vkJ+otZ0zu/E2R7pBQ2to6bP5pi1PgmThhQ6?= =?us-ascii?q?xu32RmJFaezV7Xx/yb29pdyRlWoO8r7MVaUK/3LOwSRL1cCyk6YShuvJW4/TGK?= =?us-ascii?q?dwaE52MdX2MKiVIIRlGdtFCpFqv25zD3sut7xTmyIdz9TbdyXy+rqahsVlugij?= =?us-ascii?q?gMPiQlqknLm8dwi+RduxvnqBthh8bPbYiTOOB5f6+YedIBWUJdT81RUGpHGYr6?= =?us-ascii?q?YIwRS6IaMf1ws5j2p1xIqwC3QwarGrDB0DhN02D32ak72uFnGkfc2wYtBc4VmH?= =?us-ascii?q?XSsNjxcqwVVLPmhJLUxCnOOqsFkQz275LFJ1V4+amB?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0FYBwBDTLNX/yNjr8ZeGwEBAYMngVKnJ?= =?us-ascii?q?pAUhAyGHQKBVEwBAQEBAQEBAgECWyeCMgQBEwGCFAIEJ1IQIDFXBxKIMb5UAQE?= =?us-ascii?q?BAQEBBAEBAQEBIogqjGgFjxKKL48ZAo9DSI9oVIQaHDIBhxYBAQE?= X-IPAS-Result: =?us-ascii?q?A0FYBwBDTLNX/yNjr8ZeGwEBAYMngVKnJpAUhAyGHQKBVEw?= =?us-ascii?q?BAQEBAQEBAgECWyeCMgQBEwGCFAIEJ1IQIDFXBxKIMb5UAQEBAQEBBAEBAQEBI?= =?us-ascii?q?ogqjGgFjxKKL48ZAo9DSI9oVIQaHDIBhxYBAQE?= X-IronPort-AV: E=Sophos;i="5.28,529,1464652800"; d="scan'208";a="18515594" Received: from fmsmga002-icc.fm.intel.com ([198.175.99.35]) by emsm-gh1-uea11.nsa.gov with ESMTP; 16 Aug 2016 17:28:48 +0000 X-ExtLoop1: 1 X-IronPort-AV: E=Sophos; i="5.28,529,1464678000"; d="scan'208"; a="1042217084" Received: from mtbauma1-mobl.amr.corp.intel.com (HELO wcrobert-MOBL1.amr.corp.intel.com) ([10.255.79.225]) by fmsmga002.fm.intel.com with ESMTP; 16 Aug 2016 10:28:41 -0700 From: william.c.roberts@intel.com To: selinux@tycho.nsa.gov, jwcart2@tycho.nsa.gov, seandroid-list@tycho.nsa.gov, sds@tycho.nsa.gov Subject: [PATCH v4 5/7] libsepol: bound attr_type_map access by nprim Date: Tue, 16 Aug 2016 10:28:35 -0700 Message-Id: <1471368517-20552-6-git-send-email-william.c.roberts@intel.com> X-Mailer: git-send-email 1.9.1 In-Reply-To: <1471368517-20552-1-git-send-email-william.c.roberts@intel.com> References: <1471368517-20552-1-git-send-email-william.c.roberts@intel.com> X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" <selinux.tycho.nsa.gov> List-Post: <mailto:selinux@tycho.nsa.gov> List-Help: <mailto:selinux-request@tycho.nsa.gov?subject=help> MIME-Version: 1.0 Content-Type: text/plain; charset="us-ascii" Content-Transfer-Encoding: 7bit Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" <selinux-bounces@tycho.nsa.gov> X-Virus-Scanned: ClamAV using ClamSMTP |
diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c index 971793d..b8f6ca8 100644 --- a/libsepol/src/policydb.c +++ b/libsepol/src/policydb.c @@ -3926,6 +3926,10 @@ int policydb_read(policydb_t * p, struct policy_file *fp, unsigned verbose) if (!ebitmap_node_get_bit(tnode, j) || i == j) continue; + + if (j >= p->p_types.nprim) + goto bad; + if (ebitmap_set_bit (&p->attr_type_map[j], i, 1)) goto bad;