| Message ID | 20210913182600.1016101-1-jwcart2@gmail.com (mailing list archive) |
|---|---|
| State | Accepted |
| Headers | show |
| Series | libsepol/cil: Do not use original type and typeattribute datums | expand |
James Carter <jwcart2@gmail.com> writes: > When compiling CIL policy using secilc's "-m" option (which allows > duplicate declarations for types and type attributes), a segfault > will occur if the type or type attribute being copied has already > been declared. This is because a search of the symbol table is made > during the copy and the original datum will be used if one is found. > The original datum will be considered a duplicate when an attempt is > made to add it to the symbol table. The original datum, which is still > in use, will then be destroyed and a segfault will follow soon after > that. > > Instead, always create a new datum. When it is added the new datum > will be destroyed if it is a duplicate and duplicate declarations > are allowed. > > Signed-off-by: James Carter <jwcart2@gmail.com> > Acked-by: Petr Lautrbach <plautrba@redhat.com> > --- > libsepol/cil/src/cil_copy_ast.c | 32 ++++++++------------------------ > 1 file changed, 8 insertions(+), 24 deletions(-) > > diff --git a/libsepol/cil/src/cil_copy_ast.c b/libsepol/cil/src/cil_copy_ast.c > index 7c5ae9e1..2fad972c 100644 > --- a/libsepol/cil/src/cil_copy_ast.c > +++ b/libsepol/cil/src/cil_copy_ast.c > @@ -590,20 +590,12 @@ int cil_copy_roleallow(__attribute__((unused)) struct cil_db *db, void *data, vo > return SEPOL_OK; > } > > -int cil_copy_type(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) > +int cil_copy_type(__attribute__((unused)) struct cil_db *db, __attribute__((unused)) void *data, void **copy, __attribute__((unused)) symtab_t *symtab) > { > - struct cil_type *orig = data; > - char *key = orig->datum.name; > - struct cil_symtab_datum *datum = NULL; > + struct cil_type *new; > > - cil_symtab_get_datum(symtab, key, &datum); > - if (datum == NULL) { > - struct cil_type *new; > - cil_type_init(&new); > - *copy = new; > - } else { > - *copy = datum; > - } > + cil_type_init(&new); > + *copy = new; > > return SEPOL_OK; > } > @@ -622,20 +614,12 @@ int cil_copy_typepermissive(__attribute__((unused)) struct cil_db *db, void *dat > return SEPOL_OK; > } > > -int cil_copy_typeattribute(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) > +int cil_copy_typeattribute(__attribute__((unused)) struct cil_db *db, __attribute__((unused)) void *data, void **copy, __attribute__((unused)) symtab_t *symtab) > { > - struct cil_typeattribute *orig = data; > - char *key = orig->datum.name; > - struct cil_symtab_datum *datum = NULL; > + struct cil_typeattribute *new; > > - cil_symtab_get_datum(symtab, key, &datum); > - if (datum == NULL) { > - struct cil_typeattribute *new; > - cil_typeattribute_init(&new); > - *copy = new; > - } else { > - *copy = datum; > - } > + cil_typeattribute_init(&new); > + *copy = new; > > return SEPOL_OK; > } > -- > 2.31.1
diff --git a/libsepol/cil/src/cil_copy_ast.c b/libsepol/cil/src/cil_copy_ast.c index 7c5ae9e1..2fad972c 100644 --- a/libsepol/cil/src/cil_copy_ast.c +++ b/libsepol/cil/src/cil_copy_ast.c @@ -590,20 +590,12 @@ int cil_copy_roleallow(__attribute__((unused)) struct cil_db *db, void *data, vo return SEPOL_OK; } -int cil_copy_type(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) +int cil_copy_type(__attribute__((unused)) struct cil_db *db, __attribute__((unused)) void *data, void **copy, __attribute__((unused)) symtab_t *symtab) { - struct cil_type *orig = data; - char *key = orig->datum.name; - struct cil_symtab_datum *datum = NULL; + struct cil_type *new; - cil_symtab_get_datum(symtab, key, &datum); - if (datum == NULL) { - struct cil_type *new; - cil_type_init(&new); - *copy = new; - } else { - *copy = datum; - } + cil_type_init(&new); + *copy = new; return SEPOL_OK; } @@ -622,20 +614,12 @@ int cil_copy_typepermissive(__attribute__((unused)) struct cil_db *db, void *dat return SEPOL_OK; } -int cil_copy_typeattribute(__attribute__((unused)) struct cil_db *db, void *data, void **copy, symtab_t *symtab) +int cil_copy_typeattribute(__attribute__((unused)) struct cil_db *db, __attribute__((unused)) void *data, void **copy, __attribute__((unused)) symtab_t *symtab) { - struct cil_typeattribute *orig = data; - char *key = orig->datum.name; - struct cil_symtab_datum *datum = NULL; + struct cil_typeattribute *new; - cil_symtab_get_datum(symtab, key, &datum); - if (datum == NULL) { - struct cil_typeattribute *new; - cil_typeattribute_init(&new); - *copy = new; - } else { - *copy = datum; - } + cil_typeattribute_init(&new); + *copy = new; return SEPOL_OK; }
When compiling CIL policy using secilc's "-m" option (which allows duplicate declarations for types and type attributes), a segfault will occur if the type or type attribute being copied has already been declared. This is because a search of the symbol table is made during the copy and the original datum will be used if one is found. The original datum will be considered a duplicate when an attempt is made to add it to the symbol table. The original datum, which is still in use, will then be destroyed and a segfault will follow soon after that. Instead, always create a new datum. When it is added the new datum will be destroyed if it is a duplicate and duplicate declarations are allowed. Signed-off-by: James Carter <jwcart2@gmail.com> --- libsepol/cil/src/cil_copy_ast.c | 32 ++++++++------------------------ 1 file changed, 8 insertions(+), 24 deletions(-)