@@ -6075,12 +6075,24 @@ void cil_destroy_mls(struct cil_mls *mls)
int cil_gen_src_info(struct cil_tree_node *parse_current, struct cil_tree_node *ast_node)
{
- /* No need to check syntax, because this is auto generated */
+ int rc = SEPOL_ERR;
+ enum cil_syntax syntax[] = {
+ CIL_SYN_STRING,
+ CIL_SYN_STRING,
+ CIL_SYN_STRING,
+ CIL_SYN_N_LISTS | CIL_SYN_END,
+ CIL_SYN_END
+ };
+ int syntax_len = sizeof(syntax)/sizeof(*syntax);
struct cil_src_info *info = NULL;
- if (parse_current->next == NULL || parse_current->next->next == NULL) {
- cil_tree_log(parse_current, CIL_ERR, "Bad <src_info>");
- return SEPOL_ERR;
+ if (parse_current == NULL || ast_node == NULL) {
+ goto exit;
+ }
+
+ rc = __cil_verify_syntax(parse_current, syntax, syntax_len);
+ if (rc != SEPOL_OK) {
+ goto exit;
}
cil_src_info_init(&info);
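Review bot: The new `syntax[]` table in cil_gen_src_info has no comment, although the comment it replaces was the only place the function stated its validation policy. The commit message says src_info can arrive from policy text and not only from the parser, so I would add something like `/* src_info may appear in policy input, so validate it like any other rule */` above the table. A short note on what the three `CIL_SYN_STRING` slots stand for would also help; they are presumably the keyword and two operands, judging by the removed `next`/`next->next` check. The table only establishes that those slots are strings. Any check of their values would sit in the lines between the two hunks, which are not shown.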
@@ -6092,6 +6104,10 @@ int cil_gen_src_info(struct cil_tree_node *parse_current, struct cil_tree_node *
ast_node->flavor = CIL_SRC_INFO;
return SEPOL_OK;
+
+exit:
+ cil_tree_log(parse_current, CIL_ERR, "Bad src info");
+ return rc;
}
void cil_destroy_src_info(struct cil_src_info *info)
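Review bot: The `exit:` label is also the target of the `parse_current == NULL || ast_node == NULL` guard in the first hunk, so `cil_tree_log(parse_current, CIL_ERR, "Bad src info")` can run with a NULL node. That is safe only if cil_tree_log tolerates a NULL node, which is not visible here and is worth confirming. Separately, `exit:` returns without releasing `info`. Both visible jumps happen before `cil_src_info_init(&info)`, so nothing leaks on those paths, but a comment such as `/* info is not yet allocated on any path to exit */` would stop a later error path from leaking it. The function body between the two hunks is not shown.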
Every rule other than src_info has its syntax checked when building the AST. It wasn't considered necessary for src_info rules because they were expected to always be generated by the parser and aren't part of the CIL language. But there is no check preventing them from occurring in a policy and the secilc fuzzer found some bugs by using src_info rules in a policy. This caused some syntax checking to be added. Since the parse AST from secil2tree will contain src_info rules and since the goal is to be able to compile the output of secil2tree, it makes sense to check the syntax of src_info rules in the same way that all of the other rules are checked. Check the syntax of src_info statements in the same way every other rule is checked. Signed-off-by: James Carter <jwcart2@gmail.com> --- libsepol/cil/src/cil_build_ast.c | 24 ++++++++++++++++++++---- 1 file changed, 20 insertions(+), 4 deletions(-)