From patchwork Thu May 13 18:52:49 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: James Carter
X-Patchwork-Id: 12256303
From: James Carter
To: selinux@vger.kernel.org
Cc: nicolas.iooss@m4x.org, James Carter
Subject: [PATCH 1/6] libsepol/cil: Handle disabled optional blocks in earlier passes
Date: Thu, 13 May 2021 14:52:49 -0400
Message-Id: <20210513185254.559588-2-jwcart2@gmail.com>
X-Mailer: git-send-email 2.26.3
In-Reply-To: <20210513185254.559588-1-jwcart2@gmail.com>
References: <20210513185254.559588-1-jwcart2@gmail.com>

A failed tunable resolution in a tunableif can cause an optional to be disabled before the CIL_PASS_CALL1 phase. If this occurs, the optional block and its subtree should be destroyed, but no reset will be required since tunables are not allowed inside an optional block.

Anytime there are optional blocks in the disabled_optionals list (changed == 1), destroy the optional block and its subtree even if in a pass before CIL_PASS_CALL1.

This bug was found by the secilc-fuzzer.

Signed-off-by: James Carter
---
 libsepol/cil/src/cil_resolve_ast.c | 54 ++++++++++++++++--------------
 1 file changed, 28 insertions(+), 26 deletions(-)

diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c index 5368ae80..242aea4a 100644 --- a/libsepol/cil/src/cil_resolve_ast.c +++ b/libsepol/cil/src/cil_resolve_ast.c
@@ -4099,35 +4099,37 @@ int cil_resolve_ast(struct cil_db *db, struct cil_tree_node *current) } } - if (changed && (pass > CIL_PASS_CALL1)) { + if (changed) { struct cil_list_item *item; - /* Need to re-resolve because an optional was disabled that contained - * one or more declarations. We only need to reset to the call1 pass - * because things done in the preceding passes aren't allowed in - * optionals, and thus can't be disabled. - * Note: set pass to CIL_PASS_CALL1 because the pass++ will increment - * it to CIL_PASS_CALL2 - */ - cil_log(CIL_INFO, "Resetting declarations\n"); - - if (pass >= CIL_PASS_MISC1) { - __cil_ordered_lists_reset(&extra_args.sidorder_lists); - __cil_ordered_lists_reset(&extra_args.classorder_lists); - __cil_ordered_lists_reset(&extra_args.unordered_classorder_lists); - __cil_ordered_lists_reset(&extra_args.catorder_lists); - __cil_ordered_lists_reset(&extra_args.sensitivityorder_lists); - cil_list_destroy(&db->sidorder, CIL_FALSE); - cil_list_destroy(&db->classorder, CIL_FALSE); - cil_list_destroy(&db->catorder, CIL_FALSE); - cil_list_destroy(&db->sensitivityorder, CIL_FALSE); - } + if (pass > CIL_PASS_CALL1) { + /* Need to re-resolve because an optional was disabled that contained + * one or more declarations. We only need to reset to the call1 pass + * because things done in the preceding passes aren't allowed in + * optionals, and thus can't be disabled. 
+ * Note: set pass to CIL_PASS_CALL1 because the pass++ will increment + * it to CIL_PASS_CALL2 + */ + cil_log(CIL_INFO, "Resetting declarations\n"); + + if (pass >= CIL_PASS_MISC1) { + __cil_ordered_lists_reset(&extra_args.sidorder_lists); + __cil_ordered_lists_reset(&extra_args.classorder_lists); + __cil_ordered_lists_reset(&extra_args.unordered_classorder_lists); + __cil_ordered_lists_reset(&extra_args.catorder_lists); + __cil_ordered_lists_reset(&extra_args.sensitivityorder_lists); + cil_list_destroy(&db->sidorder, CIL_FALSE); + cil_list_destroy(&db->classorder, CIL_FALSE); + cil_list_destroy(&db->catorder, CIL_FALSE); + cil_list_destroy(&db->sensitivityorder, CIL_FALSE); + } - pass = CIL_PASS_CALL1; + pass = CIL_PASS_CALL1; - rc = cil_reset_ast(current); - if (rc != SEPOL_OK) { - cil_log(CIL_ERR, "Failed to reset declarations\n"); - goto exit; + rc = cil_reset_ast(current); + if (rc != SEPOL_OK) { + cil_log(CIL_ERR, "Failed to reset declarations\n"); + goto exit; + } } cil_list_for_each(item, extra_args.disabled_optionals) { cil_tree_children_destroy(item->data);
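Review bot: in cil_resolve_ast() (patch 1/6), the new outer `if (changed)` branch has no comment for the case it adds, a pass at or before CIL_PASS_CALL1; the only comment is the moved one inside `if (pass > CIL_PASS_CALL1)`, which explains the reset. Add a short comment above the `cil_list_for_each(item, extra_args.disabled_optionals)` loop saying that in those earlier passes the optional's subtree is destroyed without a reset because tunables are not allowed inside an optional block, as the commit message states, so the reasoning stays with the code.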
From: James Carter
To: selinux@vger.kernel.org
Cc: nicolas.iooss@m4x.org, James Carter
Subject: [PATCH 2/6] libsepol/cil: Destroy the permission nodes when exiting with an error
Date: Thu, 13 May 2021 14:52:50 -0400
Message-Id: <20210513185254.559588-3-jwcart2@gmail.com>
X-Mailer: git-send-email 2.26.3
In-Reply-To: <20210513185254.559588-1-jwcart2@gmail.com>
References: <20210513185254.559588-1-jwcart2@gmail.com>

When exiting with an error because a class or common has too many permissions, destroy the permission nodes.

This bug was found by the secilc-fuzzer.

Signed-off-by: James Carter
---
 libsepol/cil/src/cil_build_ast.c | 2 ++
 1 file changed, 2 insertions(+)

diff --git a/libsepol/cil/src/cil_build_ast.c b/libsepol/cil/src/cil_build_ast.c index 87043a8f..71f14e20 100644 --- a/libsepol/cil/src/cil_build_ast.c +++ b/libsepol/cil/src/cil_build_ast.c @@ -444,6 +444,7 @@ int cil_gen_class(struct cil_db *db, struct cil_tree_node *parse_current, struct } if (class->num_perms > CIL_PERMS_PER_CLASS) { cil_tree_log(parse_current, CIL_ERR, "Too many permissions in class '%s'", class->datum.name); + cil_tree_children_destroy(ast_node); rc = SEPOL_ERR; goto exit; }
@@ -1019,6 +1020,7 @@ int cil_gen_common(struct cil_db *db, struct cil_tree_node *parse_current, struc } if (common->num_perms > CIL_PERMS_PER_CLASS) { cil_tree_log(parse_current, CIL_ERR, "Too many permissions in common '%s'", common->datum.name); + cil_tree_children_destroy(ast_node); rc = SEPOL_ERR; goto exit; }
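Review bot: in cil_gen_class() and cil_gen_common() (patch 2/6), `cil_tree_children_destroy(ast_node)` is added only on the `num_perms > CIL_PERMS_PER_CLASS` path, so the cleanup depends on every future error path that runs after the permission nodes are created remembering to repeat it. Consider doing the destroy once under the `exit` label when `rc != SEPOL_OK`, or at least add a comment on each of the two new lines saying that the children are the permission nodes already attached to ast_node at this point.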
From: James Carter
To: selinux@vger.kernel.org
Cc: nicolas.iooss@m4x.org, James Carter
Subject: [PATCH 3/6] libsepol/cil: Limit the number of open parenthesis allowed
Date: Thu, 13 May 2021 14:52:51 -0400
Message-Id: <20210513185254.559588-4-jwcart2@gmail.com>
X-Mailer: git-send-email 2.26.3
In-Reply-To: <20210513185254.559588-1-jwcart2@gmail.com>
References: <20210513185254.559588-1-jwcart2@gmail.com>

When parsing a CIL policy, the number of open parentheses is tracked to verify that each has a matching close parenthesis. If there are too many open parentheses, a stack overflow could occur during later processing.

Exit with an error if the number of open parentheses exceeds 4096 (which should be enough for any policy.)

This bug was found by the secilc-fuzzer.

Signed-off-by: James Carter
---
 libsepol/cil/src/cil_parser.c | 7 ++++++-
 1 file changed, 6 insertions(+), 1 deletion(-)

diff --git a/libsepol/cil/src/cil_parser.c b/libsepol/cil/src/cil_parser.c index a9306218..fb95f401 100644 --- a/libsepol/cil/src/cil_parser.c +++ b/libsepol/cil/src/cil_parser.c @@ -42,6 +42,8 @@ #include "cil_strpool.h" #include "cil_stack.h" +#define CIL_PARSER_MAX_EXPR_DEPTH (0x1 << 12) + char *CIL_KEY_HLL_LMS; char *CIL_KEY_HLL_LMX; char *CIL_KEY_HLL_LME;
@@ -245,7 +247,10 @@ int cil_parser(const char *_path, char *buffer, uint32_t size, struct cil_tree * break; case OPAREN: paren_count++; - + if (paren_count > CIL_PARSER_MAX_EXPR_DEPTH) { + cil_log(CIL_ERR, "Number of open parenthesis exceeds limit of %d at line %d of %s\n", CIL_PARSER_MAX_EXPR_DEPTH, tok.line, path); + goto exit; + } create_node(&node, current, tok.line, hll_lineno, NULL); insert_node(node, current); current = node;
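Review bot: in the `case OPAREN:` branch of cil_parser() (patch 3/6), the new limit check logs and does `goto exit` without assigning rc, so the value returned depends on whatever rc held from earlier in the loop, which these lines do not show. Set `rc = SEPOL_ERR;` before the `goto exit` so that exceeding CIL_PARSER_MAX_EXPR_DEPTH is always reported as a failure. A one-line comment on the `#define` saying that the limit guards against a stack overflow during later processing would also keep the reason for the bound next to the constant.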
From: James Carter
To: selinux@vger.kernel.org
Cc: nicolas.iooss@m4x.org, James Carter
Subject: [PATCH 4/6] libsepol/cil: Resolve anonymous class permission sets only once
Date: Thu, 13 May 2021 14:52:52 -0400
Message-Id: <20210513185254.559588-5-jwcart2@gmail.com>
X-Mailer: git-send-email 2.26.3
In-Reply-To: <20210513185254.559588-1-jwcart2@gmail.com>
References: <20210513185254.559588-1-jwcart2@gmail.com>

Anonymous class permission sets can be passed as call arguments. Anonymous call arguments are resolved when they are used in a rule. [This is because all the information might not be present (like common permissions being added to a class) when the call itself is resolved.] If there is more than one rule using an anonymous class permission set, then a memory leak will occur when a new list for the permission datum expression is created without destroying the old one.

When resolving the class and permissions, check if the class has already been resolved. If it has, then the permissions have been as well.

This bug was found by the secilc-fuzzer.

Signed-off-by: James Carter
---
 libsepol/cil/src/cil_resolve_ast.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c index 242aea4a..865297fb 100644 --- a/libsepol/cil/src/cil_resolve_ast.c +++ b/libsepol/cil/src/cil_resolve_ast.c
@@ -158,6 +158,10 @@ int cil_resolve_classperms(struct cil_tree_node *current, struct cil_classperms symtab_t *common_symtab = NULL; struct cil_class *class; + if (cp->class) { + return SEPOL_OK; + } + rc = cil_resolve_name(current, cp->class_str, CIL_SYM_CLASSES, extra_args, &datum); if (rc != SEPOL_OK) { goto exit;
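Review bot: the early return `if (cp->class)` at the top of cil_resolve_classperms() (patch 4/6) is correct only if cp->class is cleared whenever the AST is reset after an optional is disabled; otherwise a pointer left over from the previous resolution would be treated as resolved and never looked up again. Patch 5/6 of this series adds such clearing for levels, ranges and contexts, but no hunk shown there touches classperms, so please confirm the reset code sets cp->class to NULL, and add a comment on the guard saying that a non-NULL class means the anonymous classperms was already resolved by an earlier rule.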
From: James Carter
To: selinux@vger.kernel.org
Cc: nicolas.iooss@m4x.org, James Carter
Subject: [PATCH 5/6] libsepol/cil: Pointers to datums should be set to NULL when resetting
Date: Thu, 13 May 2021 14:52:53 -0400
Message-Id: <20210513185254.559588-6-jwcart2@gmail.com>
X-Mailer: git-send-email 2.26.3
In-Reply-To: <20210513185254.559588-1-jwcart2@gmail.com>
References: <20210513185254.559588-1-jwcart2@gmail.com>

Set the pointer to the sensitivity in levels, the pointers to the low and high levels in levelranges, the pointer to the level in userlevels, the pointer to the range in userranges, and the pointers to contexts in ocontexts to NULL.

Signed-off-by: James Carter
---
 libsepol/cil/src/cil_reset_ast.c | 56 ++++++++++++++++++++++++++++++--
 1 file changed, 53 insertions(+), 3 deletions(-)

diff --git a/libsepol/cil/src/cil_reset_ast.c b/libsepol/cil/src/cil_reset_ast.c index d24d4f81..6d1d2da7 100644 --- a/libsepol/cil/src/cil_reset_ast.c +++ b/libsepol/cil/src/cil_reset_ast.c @@ -140,8 +140,11 @@ static void cil_reset_userattributeset(struct cil_userattributeset *uas) static void cil_reset_selinuxuser(struct cil_selinuxuser *selinuxuser) { + selinuxuser->user = NULL; if (selinuxuser->range_str == NULL) { cil_reset_levelrange(selinuxuser->range); + } else { + selinuxuser->range = NULL; } } @@ -214,6 +217,8 @@ static void cil_reset_rangetransition(struct cil_rangetransition *rangetrans) { if (rangetrans->range_str == NULL) { cil_reset_levelrange(rangetrans->range); + } else { + rangetrans->range = NULL; } } @@ -251,6 +256,7 @@ static void cil_reset_catset(struct cil_catset *catset) static inline void cil_reset_level(struct cil_level *level) { + level->sens = NULL; cil_reset_cats(level->cats); }
@@ -258,10 +264,14 @@ static inline void cil_reset_levelrange(struct cil_levelrange *levelrange) { if (levelrange->low_str == NULL) { cil_reset_level(levelrange->low); + } else { + levelrange->low = NULL; } if (levelrange->high_str == NULL) { cil_reset_level(levelrange->high); + } else { + levelrange->high = NULL; } } @@ -269,6 +279,8 @@ static inline void cil_reset_userlevel(struct cil_userlevel *userlevel) { if (userlevel->level_str == NULL) { cil_reset_level(userlevel->level); + } else { + userlevel->level = NULL; } } @@ -276,13 +288,20 @@ static inline void cil_reset_userrange(struct cil_userrange *userrange) { if (userrange->range_str == NULL) { cil_reset_levelrange(userrange->range); + } else { + userrange->range = NULL; } } static inline void cil_reset_context(struct cil_context *context) { + if (!context) { + return; + } if (context->range_str == NULL) { cil_reset_levelrange(context->range); + } else { + context->range = NULL; } } @@ -290,26 +309,35 @@ static void cil_reset_sidcontext(struct cil_sidcontext *sidcontext) { if (sidcontext->context_str == NULL) { cil_reset_context(sidcontext->context); + } else { + sidcontext->context = NULL; } } static void cil_reset_filecon(struct cil_filecon *filecon) { - if (filecon->context_str == NULL && filecon->context != NULL) { + if (filecon->context_str == NULL) { cil_reset_context(filecon->context); + } else { + filecon->context = NULL; } } static void cil_reset_ibpkeycon(struct cil_ibpkeycon *ibpkeycon) { - if (!ibpkeycon->context_str) + if (ibpkeycon->context_str == NULL) { cil_reset_context(ibpkeycon->context); + } else { + ibpkeycon->context = NULL; + } } static void cil_reset_portcon(struct cil_portcon *portcon) { if (portcon->context_str == NULL) { cil_reset_context(portcon->context); + } else { + portcon->context = NULL; } } 
@@ -317,6 +345,8 @@ static void cil_reset_nodecon(struct cil_nodecon *nodecon) { if (nodecon->context_str == NULL) { cil_reset_context(nodecon->context); + } else { + nodecon->context = NULL; } } @@ -324,6 +354,8 @@ static void cil_reset_genfscon(struct cil_genfscon *genfscon) { if (genfscon->context_str == NULL) { cil_reset_context(genfscon->context); + } else { + genfscon->context = NULL; } } @@ -331,17 +363,23 @@ static void cil_reset_netifcon(struct cil_netifcon *netifcon) { if (netifcon->if_context_str == NULL) { cil_reset_context(netifcon->if_context); + } else { + netifcon->if_context = NULL; } if (netifcon->packet_context_str == NULL) { cil_reset_context(netifcon->packet_context); + } else { + netifcon->packet_context = NULL; } } static void cil_reset_ibendportcon(struct cil_ibendportcon *ibendportcon) { - if (!ibendportcon->context_str) { + if (ibendportcon->context_str == NULL) { cil_reset_context(ibendportcon->context); + } else { + ibendportcon->context = NULL; } } @@ -349,6 +387,8 @@ static void cil_reset_pirqcon(struct cil_pirqcon *pirqcon) { if (pirqcon->context_str == NULL) { cil_reset_context(pirqcon->context); + } else { + pirqcon->context = NULL; } } @@ -356,6 +396,8 @@ static void cil_reset_iomemcon(struct cil_iomemcon *iomemcon) { if (iomemcon->context_str == NULL) { cil_reset_context(iomemcon->context); + } else { + iomemcon->context = NULL; } } @@ -363,6 +405,8 @@ static void cil_reset_ioportcon(struct cil_ioportcon *ioportcon) { if (ioportcon->context_str == NULL) { cil_reset_context(ioportcon->context); + } else { + ioportcon->context = NULL; } } @@ -370,6 +414,8 @@ static void cil_reset_pcidevicecon(struct cil_pcidevicecon *pcidevicecon) { if (pcidevicecon->context_str == NULL) { cil_reset_context(pcidevicecon->context); + } else { + pcidevicecon->context = NULL; } } 
@@ -377,6 +423,8 @@ static void cil_reset_devicetreecon(struct cil_devicetreecon *devicetreecon) { if (devicetreecon->context_str == NULL) { cil_reset_context(devicetreecon->context); + } else { + devicetreecon->context = NULL; } } 
@@ -384,6 +432,8 @@ static void cil_reset_fsuse(struct cil_fsuse *fsuse) { if (fsuse->context_str == NULL) { cil_reset_context(fsuse->context); + } else { + fsuse->context = NULL; } }
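Review bot: in cil_reset_selinuxuser() (patch 5/6), `selinuxuser->user = NULL;` is set unconditionally, while every other pointer in this patch is cleared only in the `else` branch of its `*_str == NULL` test, and the commit message does not list the user pointer, nor the ranges in selinuxuser, rangetransition and context that are also cleared. Extend the commit message to cover them and add a comment stating the rule the hunks follow: an anonymous object (`*_str == NULL`) is reset in place, a named one has its pointer set to NULL. The dropped `filecon->context != NULL` test now relies on the new `if (!context)` guard in cil_reset_context(), which is worth saying in a comment on that guard.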
bh=qbDoe6xas0UFhwO4qpY/2lEzLmZw7R8VmcG0YIrhVxY=; b=RBafFan4zok9R6mZzTE9jjQ4/6aYx4lAi7ZAi2BNqGb2qISwhOO7NMmQ7+RqOtgH6c le6y7boffsTwa0hMZi7aB4CT6y5NH5InhWFoE1Rt+RtfYtbg4mPQBjcAwBz5NruMho3W 3+tNgn0mQxWcqqh9zSn3J/OzLstZj2ReFeowUS6mEbwPunpPeDINNe7C0vT7fEovp+zp 4q1kmeqFUoLU5LX4Oh17m1xx/ekUOa8sIkbNAibAtq5tIVq3FXaLev5A8JLdDWV8SFgI B0hZu4GKtV0rSd1HNIykdhale8A9n+Ze6wK7fFan48/t4SvjLfsUdkYjqELD0uzFibKW 2AHQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references:mime-version:content-transfer-encoding; bh=qbDoe6xas0UFhwO4qpY/2lEzLmZw7R8VmcG0YIrhVxY=; b=JrLXJ8p5hoD7AZe9UePcRbcbGm/sbyv/zUG3/6lWxrr/3ySSgMrmLz6oDcWPZsbC2r vfn9BRm85InXkj7oCQenzfavGgWYd28QPJS2HOJTroQbNkBse16peRgKJcV7p78dbUZ2 TMcwlRj7C6KQz2QfrPPC16M8kd8PQSAo/JlGrLEQvrfqH/czglvFXp2kURgZUAtRym/f w9y21SzGwkRKhp628ihEGugn357fUTTPuTKR3VOp6VUS8TjbbzpSrrVelOCbCK/KmC1+ fMCNlKPnMOEPvXNtS8Qdpe+Tfqe8QrP3im2db3cZTZbVWBOB97xYKVVLlKGSNljAsEUB Msdg== X-Gm-Message-State: AOAM531umBbdfLHcNnMW+9dmSnpoG5v+ZF+7uzhKabzcW6vELZeBj0AR Ji/zhwWXTtxaDos11h2WSyXUYhiKOASTqQ== X-Google-Smtp-Source: ABdhPJyBTioP4wqdgdXuXJ9yhMVZEKPE3kC9Sv6nFTsxm+8Zzi11K3N6qKZ3/wI3Up+K15D4dlF0GA== X-Received: by 2002:a05:620a:1675:: with SMTP id d21mr21536314qko.390.1620932090465; Thu, 13 May 2021 11:54:50 -0700 (PDT) Received: from localhost.localdomain (c-73-200-157-122.hsd1.md.comcast.net. [73.200.157.122]) by smtp.gmail.com with ESMTPSA id h188sm1713767qkf.133.2021.05.13.11.54.49 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Thu, 13 May 2021 11:54:50 -0700 (PDT) 
From: James Carter
To: selinux@vger.kernel.org
Cc: nicolas.iooss@m4x.org, James Carter
Subject: [PATCH 6/6] libsepol/cil: Resolve anonymous levels only once
Date: Thu, 13 May 2021 14:52:54 -0400
Message-Id: <20210513185254.559588-7-jwcart2@gmail.com>
In-Reply-To: <20210513185254.559588-1-jwcart2@gmail.com>
References: <20210513185254.559588-1-jwcart2@gmail.com>

Anonymous levels can be passed as call arguments and they can appear in anonymous levelranges as well. Anonymous call arguments are resolved when they are used in a rule. If more than one rule uses the anonymous level, then a memory leak will occur when a new list for the category datum expression is created without destroying the old one.

When resolving a level, check if the sensitivity datum has already been resolved. If it has, then the categories have been as well.

Signed-off-by: James Carter

--- libsepol/cil/src/cil_resolve_ast.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c index 865297fb..9c95f2a0 100644 --- a/libsepol/cil/src/cil_resolve_ast.c +++ b/libsepol/cil/src/cil_resolve_ast.c @@ -1700,6 +1700,10 @@ int cil_resolve_level(struct cil_tree_node *current, struct cil_level *level, vo struct cil_symtab_datum *sens_datum = NULL; int rc = SEPOL_ERR; + if (level->sens) { + return SEPOL_OK; + } + rc = cil_resolve_name(current, (char*)level->sens_str, CIL_SYM_SENS, extra_args, &sens_datum); if (rc != SEPOL_OK) { cil_log(CIL_ERR, "Failed to find sensitivity\n");
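Review bot: the early return at the top of cil_resolve_level() treats a non-NULL level->sens as proof that the categories were resolved too, but the check itself only looks at sens and carries no comment stating that invariant. Please confirm that level->sens is assigned only after the category resolution later in this function has succeeded; if it is set earlier and the category step fails, a second call would now return SEPOL_OK for a half-resolved level. The shortcut also depends on level->sens being cleared back to NULL whenever the AST is reset for another resolution pass, otherwise a stale datum would be reused silently. A short comment above the check, along the lines of the second paragraph of the commit message, would document both assumptions.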