| Message ID | 20201230100746.2549568-3-nicolas.iooss@m4x.org (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | [1/6] libsepol: do not decode out-of-bound rolebounds | expand |
On Wed, Dec 30, 2020 at 5:09 AM Nicolas Iooss <nicolas.iooss@m4x.org> wrote: > > Function cil_add_file() copies its input into a newly-allocated buffer, > and does not modify "name". State these properties in the types of > parameters by adding "const" qualifiers. > > This enables using LibFuzzer directly on cil_add_file(), without a > warning about discarding "const" qualifier: > > fuzz-secilc.c: In function ‘LLVMFuzzerTestOneInput’: > fuzz-secilc.c:57:31: warning: passing argument 3 of ‘cil_add_file’ > discards ‘const’ qualifier from pointer target type > [-Wdiscarded-qualifiers] > 57 | if (cil_add_file(db, "fuzz", data, size) != SEPOL_OK) > | ^~~~ > In file included from fuzz-secilc.c:26: > /usr/include/sepol/cil/cil.h:45:57: note: expected ‘char *’ but > argument is of type ‘const uint8_t *’ {aka ‘const unsigned char *’} > 45 | extern int cil_add_file(cil_db_t *db, char *name, char *data, size_t size); > | ~~~~~~^~~~ > > Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org> Acked-by: James Carter <jwcart2@gmail.com> > --- > libsepol/cil/include/cil/cil.h | 4 ++-- > libsepol/cil/src/cil.c | 2 +- > libsepol/cil/src/cil_log.c | 6 +++--- > libsepol/cil/src/cil_parser.c | 2 +- > libsepol/cil/src/cil_parser.h | 2 +- > 5 files changed, 8 insertions(+), 8 deletions(-) > > diff --git a/libsepol/cil/include/cil/cil.h b/libsepol/cil/include/cil/cil.h > index f8cfc3be5015..e6f4503eb33a 100644 > --- a/libsepol/cil/include/cil/cil.h > +++ b/libsepol/cil/include/cil/cil.h > @@ -42,7 +42,7 @@ typedef struct cil_db cil_db_t; > extern void cil_db_init(cil_db_t **db); > extern void cil_db_destroy(cil_db_t **db); > > -extern int cil_add_file(cil_db_t *db, char *name, char *data, size_t size); > +extern int cil_add_file(cil_db_t *db, const char *name, const char *data, size_t size); > > extern int cil_compile(cil_db_t *db); > extern int cil_build_policydb(cil_db_t *db, sepol_policydb_t **sepol_db); > @@ -67,7 +67,7 @@ enum cil_log_level { > CIL_INFO > }; > extern void cil_set_log_level(enum cil_log_level lvl); > -extern void cil_set_log_handler(void (*handler)(int lvl, char *msg)); > +extern void cil_set_log_handler(void (*handler)(int lvl, const char *msg)); > > #ifdef __GNUC__ > __attribute__ ((format(printf, 2, 3))) > diff --git a/libsepol/cil/src/cil.c b/libsepol/cil/src/cil.c > index bb7f06d5c4b3..99c8e288912c 100644 > --- a/libsepol/cil/src/cil.c > +++ b/libsepol/cil/src/cil.c > @@ -500,7 +500,7 @@ void cil_root_destroy(struct cil_root *root) > free(root); > } > > -int cil_add_file(cil_db_t *db, char *name, char *data, size_t size) > +int cil_add_file(cil_db_t *db, const char *name, const char *data, size_t size) > { > char *buffer = NULL; > int rc; > diff --git a/libsepol/cil/src/cil_log.c b/libsepol/cil/src/cil_log.c > index b222b155120a..a8e4d2e94a78 100644 > --- a/libsepol/cil/src/cil_log.c > +++ b/libsepol/cil/src/cil_log.c > @@ -37,14 +37,14 @@ > > static enum cil_log_level cil_log_level = CIL_ERR; > > -void cil_default_log_handler(__attribute__((unused)) int lvl, char *msg) > +void cil_default_log_handler(__attribute__((unused)) int lvl, const char *msg) > { > fprintf(stderr, "%s", msg); > } > > -void (*cil_log_handler)(int lvl, char *msg) = &cil_default_log_handler; > +void (*cil_log_handler)(int lvl, const char *msg) = &cil_default_log_handler; > > -void cil_set_log_handler(void (*handler)(int lvl, char *msg)) > +void cil_set_log_handler(void (*handler)(int lvl, const char *msg)) > { > cil_log_handler = handler; > } > diff --git a/libsepol/cil/src/cil_parser.c b/libsepol/cil/src/cil_parser.c > index a8af1dce2c4b..b62043b95806 100644 > --- a/libsepol/cil/src/cil_parser.c > +++ b/libsepol/cil/src/cil_parser.c > @@ -196,7 +196,7 @@ static void add_cil_path(struct cil_tree_node **current, char *path) > insert_node(node, *current); > } > > -int cil_parser(char *_path, char *buffer, uint32_t size, struct cil_tree **parse_tree) > +int cil_parser(const char *_path, char *buffer, uint32_t size, struct cil_tree **parse_tree) > { > > int paren_count = 0; > diff --git a/libsepol/cil/src/cil_parser.h b/libsepol/cil/src/cil_parser.h > index 02ecb784e95c..1cec63944fdf 100644 > --- a/libsepol/cil/src/cil_parser.h > +++ b/libsepol/cil/src/cil_parser.h > @@ -32,6 +32,6 @@ > > #include "cil_tree.h" > > -int cil_parser(char *path, char *buffer, uint32_t size, struct cil_tree **parse_tree); > +int cil_parser(const char *path, char *buffer, uint32_t size, struct cil_tree **parse_tree); > > #endif /* CIL_PARSER_H_ */ > -- > 2.29.2 >
Applied. Thanks, Jim On Mon, Jan 4, 2021 at 11:33 AM James Carter <jwcart2@gmail.com> wrote: > > On Wed, Dec 30, 2020 at 5:09 AM Nicolas Iooss <nicolas.iooss@m4x.org> wrote: > > > > Function cil_add_file() copies its input into a newly-allocated buffer, > > and does not modify "name". State these properties in the types of > > parameters by adding "const" qualifiers. > > > > This enables using LibFuzzer directly on cil_add_file(), without a > > warning about discarding "const" qualifier: > > > > fuzz-secilc.c: In function ‘LLVMFuzzerTestOneInput’: > > fuzz-secilc.c:57:31: warning: passing argument 3 of ‘cil_add_file’ > > discards ‘const’ qualifier from pointer target type > > [-Wdiscarded-qualifiers] > > 57 | if (cil_add_file(db, "fuzz", data, size) != SEPOL_OK) > > | ^~~~ > > In file included from fuzz-secilc.c:26: > > /usr/include/sepol/cil/cil.h:45:57: note: expected ‘char *’ but > > argument is of type ‘const uint8_t *’ {aka ‘const unsigned char *’} > > 45 | extern int cil_add_file(cil_db_t *db, char *name, char *data, size_t size); > > | ~~~~~~^~~~ > > > > Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org> > > Acked-by: James Carter <jwcart2@gmail.com> > > > --- > > libsepol/cil/include/cil/cil.h | 4 ++-- > > libsepol/cil/src/cil.c | 2 +- > > libsepol/cil/src/cil_log.c | 6 +++--- > > libsepol/cil/src/cil_parser.c | 2 +- > > libsepol/cil/src/cil_parser.h | 2 +- > > 5 files changed, 8 insertions(+), 8 deletions(-) > > > > diff --git a/libsepol/cil/include/cil/cil.h b/libsepol/cil/include/cil/cil.h > > index f8cfc3be5015..e6f4503eb33a 100644 > > --- a/libsepol/cil/include/cil/cil.h > > +++ b/libsepol/cil/include/cil/cil.h > > @@ -42,7 +42,7 @@ typedef struct cil_db cil_db_t; > > extern void cil_db_init(cil_db_t **db); > > extern void cil_db_destroy(cil_db_t **db); > > > > -extern int cil_add_file(cil_db_t *db, char *name, char *data, size_t size); > > +extern int cil_add_file(cil_db_t *db, const char *name, const char *data, size_t size); > > > > extern int cil_compile(cil_db_t *db); > > extern int cil_build_policydb(cil_db_t *db, sepol_policydb_t **sepol_db); > > @@ -67,7 +67,7 @@ enum cil_log_level { > > CIL_INFO > > }; > > extern void cil_set_log_level(enum cil_log_level lvl); > > -extern void cil_set_log_handler(void (*handler)(int lvl, char *msg)); > > +extern void cil_set_log_handler(void (*handler)(int lvl, const char *msg)); > > > > #ifdef __GNUC__ > > __attribute__ ((format(printf, 2, 3))) > > diff --git a/libsepol/cil/src/cil.c b/libsepol/cil/src/cil.c > > index bb7f06d5c4b3..99c8e288912c 100644 > > --- a/libsepol/cil/src/cil.c > > +++ b/libsepol/cil/src/cil.c > > @@ -500,7 +500,7 @@ void cil_root_destroy(struct cil_root *root) > > free(root); > > } > > > > -int cil_add_file(cil_db_t *db, char *name, char *data, size_t size) > > +int cil_add_file(cil_db_t *db, const char *name, const char *data, size_t size) > > { > > char *buffer = NULL; > > int rc; > > diff --git a/libsepol/cil/src/cil_log.c b/libsepol/cil/src/cil_log.c > > index b222b155120a..a8e4d2e94a78 100644 > > --- a/libsepol/cil/src/cil_log.c > > +++ b/libsepol/cil/src/cil_log.c > > @@ -37,14 +37,14 @@ > > > > static enum cil_log_level cil_log_level = CIL_ERR; > > > > -void cil_default_log_handler(__attribute__((unused)) int lvl, char *msg) > > +void cil_default_log_handler(__attribute__((unused)) int lvl, const char *msg) > > { > > fprintf(stderr, "%s", msg); > > } > > > > -void (*cil_log_handler)(int lvl, char *msg) = &cil_default_log_handler; > > +void (*cil_log_handler)(int lvl, const char *msg) = &cil_default_log_handler; > > > > -void cil_set_log_handler(void (*handler)(int lvl, char *msg)) > > +void cil_set_log_handler(void (*handler)(int lvl, const char *msg)) > > { > > cil_log_handler = handler; > > } > > diff --git a/libsepol/cil/src/cil_parser.c b/libsepol/cil/src/cil_parser.c > > index a8af1dce2c4b..b62043b95806 100644 > > --- a/libsepol/cil/src/cil_parser.c > > +++ b/libsepol/cil/src/cil_parser.c > > @@ -196,7 +196,7 @@ static void add_cil_path(struct cil_tree_node **current, char *path) > > insert_node(node, *current); > > } > > > > -int cil_parser(char *_path, char *buffer, uint32_t size, struct cil_tree **parse_tree) > > +int cil_parser(const char *_path, char *buffer, uint32_t size, struct cil_tree **parse_tree) > > { > > > > int paren_count = 0; > > diff --git a/libsepol/cil/src/cil_parser.h b/libsepol/cil/src/cil_parser.h > > index 02ecb784e95c..1cec63944fdf 100644 > > --- a/libsepol/cil/src/cil_parser.h > > +++ b/libsepol/cil/src/cil_parser.h > > @@ -32,6 +32,6 @@ > > > > #include "cil_tree.h" > > > > -int cil_parser(char *path, char *buffer, uint32_t size, struct cil_tree **parse_tree); > > +int cil_parser(const char *path, char *buffer, uint32_t size, struct cil_tree **parse_tree); > > > > #endif /* CIL_PARSER_H_ */ > > -- > > 2.29.2 > >
diff --git a/libsepol/cil/include/cil/cil.h b/libsepol/cil/include/cil/cil.h index f8cfc3be5015..e6f4503eb33a 100644 --- a/libsepol/cil/include/cil/cil.h +++ b/libsepol/cil/include/cil/cil.h @@ -42,7 +42,7 @@ typedef struct cil_db cil_db_t; extern void cil_db_init(cil_db_t **db); extern void cil_db_destroy(cil_db_t **db); -extern int cil_add_file(cil_db_t *db, char *name, char *data, size_t size); +extern int cil_add_file(cil_db_t *db, const char *name, const char *data, size_t size); extern int cil_compile(cil_db_t *db); extern int cil_build_policydb(cil_db_t *db, sepol_policydb_t **sepol_db); @@ -67,7 +67,7 @@ enum cil_log_level { CIL_INFO }; extern void cil_set_log_level(enum cil_log_level lvl); -extern void cil_set_log_handler(void (*handler)(int lvl, char *msg)); +extern void cil_set_log_handler(void (*handler)(int lvl, const char *msg)); #ifdef __GNUC__ __attribute__ ((format(printf, 2, 3))) diff --git a/libsepol/cil/src/cil.c b/libsepol/cil/src/cil.c index bb7f06d5c4b3..99c8e288912c 100644 --- a/libsepol/cil/src/cil.c +++ b/libsepol/cil/src/cil.c @@ -500,7 +500,7 @@ void cil_root_destroy(struct cil_root *root) free(root); } -int cil_add_file(cil_db_t *db, char *name, char *data, size_t size) +int cil_add_file(cil_db_t *db, const char *name, const char *data, size_t size) { char *buffer = NULL; int rc; diff --git a/libsepol/cil/src/cil_log.c b/libsepol/cil/src/cil_log.c index b222b155120a..a8e4d2e94a78 100644 --- a/libsepol/cil/src/cil_log.c +++ b/libsepol/cil/src/cil_log.c @@ -37,14 +37,14 @@ static enum cil_log_level cil_log_level = CIL_ERR; -void cil_default_log_handler(__attribute__((unused)) int lvl, char *msg) +void cil_default_log_handler(__attribute__((unused)) int lvl, const char *msg) { fprintf(stderr, "%s", msg); } -void (*cil_log_handler)(int lvl, char *msg) = &cil_default_log_handler; +void (*cil_log_handler)(int lvl, const char *msg) = &cil_default_log_handler; -void cil_set_log_handler(void (*handler)(int lvl, char *msg)) +void cil_set_log_handler(void (*handler)(int lvl, const char *msg)) { cil_log_handler = handler; } diff --git a/libsepol/cil/src/cil_parser.c b/libsepol/cil/src/cil_parser.c index a8af1dce2c4b..b62043b95806 100644 --- a/libsepol/cil/src/cil_parser.c +++ b/libsepol/cil/src/cil_parser.c @@ -196,7 +196,7 @@ static void add_cil_path(struct cil_tree_node **current, char *path) insert_node(node, *current); } -int cil_parser(char *_path, char *buffer, uint32_t size, struct cil_tree **parse_tree) +int cil_parser(const char *_path, char *buffer, uint32_t size, struct cil_tree **parse_tree) { int paren_count = 0; diff --git a/libsepol/cil/src/cil_parser.h b/libsepol/cil/src/cil_parser.h index 02ecb784e95c..1cec63944fdf 100644 --- a/libsepol/cil/src/cil_parser.h +++ b/libsepol/cil/src/cil_parser.h @@ -32,6 +32,6 @@ #include "cil_tree.h" -int cil_parser(char *path, char *buffer, uint32_t size, struct cil_tree **parse_tree); +int cil_parser(const char *path, char *buffer, uint32_t size, struct cil_tree **parse_tree); #endif /* CIL_PARSER_H_ */
Function cil_add_file() copies its input into a newly-allocated buffer, and does not modify "name". State these properties in the types of parameters by adding "const" qualifiers. This enables using LibFuzzer directly on cil_add_file(), without a warning about discarding "const" qualifier: fuzz-secilc.c: In function ‘LLVMFuzzerTestOneInput’: fuzz-secilc.c:57:31: warning: passing argument 3 of ‘cil_add_file’ discards ‘const’ qualifier from pointer target type [-Wdiscarded-qualifiers] 57 | if (cil_add_file(db, "fuzz", data, size) != SEPOL_OK) | ^~~~ In file included from fuzz-secilc.c:26: /usr/include/sepol/cil/cil.h:45:57: note: expected ‘char *’ but argument is of type ‘const uint8_t *’ {aka ‘const unsigned char *’} 45 | extern int cil_add_file(cil_db_t *db, char *name, char *data, size_t size); | ~~~~~~^~~~ Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org> --- libsepol/cil/include/cil/cil.h | 4 ++-- libsepol/cil/src/cil.c | 2 +- libsepol/cil/src/cil_log.c | 6 +++--- libsepol/cil/src/cil_parser.c | 2 +- libsepol/cil/src/cil_parser.h | 2 +- 5 files changed, 8 insertions(+), 8 deletions(-)