@@ -59,12 +59,17 @@ alnum [a-zA-Z0-9]
hexval [0-9A-Fa-f]
%%
-\n.* { strncpy(linebuf[lno], yytext+1, 255);
- linebuf[lno][254] = 0;
- lno = 1 - lno;
- policydb_lineno++;
- source_lineno++;
- yyless(1); }
+\n.* {
+ strncpy(linebuf[lno], yytext+1, 255);
+ linebuf[lno][254] = 0;
+ lno = 1 - lno;
+ policydb_lineno++;
+ if (source_lineno == ULONG_MAX)
+ yywarn("source line number overflow");
+ else
+ source_lineno++;
+ yyless(1);
+ }
CLONE |
clone { return(CLONE); }
COMMON |
@@ -270,7 +275,13 @@ GLBLUB { return(GLBLUB); }
{hexval}{0,4}":"{hexval}{0,4}":"({hexval}|[:.])* { return(IPV6_ADDR); }
{digit}+(\.({alnum}|[_.])*)? { return(VERSION_IDENTIFIER); }
#line[ ]1[ ]\"[^\n]*\" { set_source_file(yytext+9); }
-#line[ ]{digit}+ { source_lineno = atoi(yytext+6)-1; }
+#line[ ]{digit}+ {
+ errno = 0;
+ source_lineno = strtoul(yytext+6, NULL, 10) - 1;
+ if (errno) {
+ yywarn("source line number too big");
+ }
+ }
#[^\n]* { /* delete comments */ }
[ \t\f]+ { /* delete whitespace */ }
"==" { return(EQUALS); }
In case the source line value overflows or has a too big value in the source policy print a warning. policy_scan.l:273:19: runtime error: implicit conversion from type 'int' of value -2 (32-bit, signed) to type 'unsigned long' changed the value to 18446744073709551614 (64-bit, unsigned) policy_scan.l:66:20: runtime error: unsigned integer overflow: 18446744073709551615 + 1 cannot be represented in type 'unsigned long' Signed-off-by: Christian Göttsche <cgzones@googlemail.com> --- checkpolicy/policy_scan.l | 25 ++++++++++++++++++------- 1 file changed, 18 insertions(+), 7 deletions(-)