From patchwork Fri Jul 14 18:44:11 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13314167 X-Patchwork-Delegate: plautrba@redhat.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id BFDE6EB64DC for ; Fri, 14 Jul 2023 18:44:26 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236503AbjGNSoZ (ORCPT ); Fri, 14 Jul 2023 14:44:25 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51454 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S235463AbjGNSoY (ORCPT ); Fri, 14 Jul 2023 14:44:24 -0400 Received: from mail-ej1-x633.google.com (mail-ej1-x633.google.com [IPv6:2a00:1450:4864:20::633]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 5C0B32D6B for ; Fri, 14 Jul 2023 11:44:23 -0700 (PDT) Received: by mail-ej1-x633.google.com with SMTP id a640c23a62f3a-9926623e367so299289566b.0 for ; Fri, 14 Jul 2023 11:44:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1689360262; x=1691952262; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:from:to:cc:subject:date:message-id:reply-to; bh=2GNxra1aV40ir7qGnj4nvL+9oXUzgUjUbIrEK/WMMok=; b=Jl01EBCyp37iQdHlLPsZ8pZA1cksQa7Jn0vCOOkChBeh67kkZZ2Zyh4Xvkl+iBaclB F7811LUNOeTf6HpPxzf6J96Kl2CbnrC/QcQnFGp+5eDa2YrDKjE9L92Ks7DHLSHCDMGX NnmJ9RWP4ashomlVy+EI8OSHs9246bpzCIN4lUchgbEw/ZEtovHkYDSbSGYhfnZ8aQ2I jWYZoU1ScV7WvjYVzliqyEijPadTEDaXIBVKxp/HTKXjd/UK7ohe9UNyL0UJo1XIP82W KU81PYZbWsetuf3ecqtyg2X3v/oQyiBDjNiF3CUXU0rjJGUZrrFNyx9RU9GEY65sEHby P/cQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689360262; x=1691952262; h=content-transfer-encoding:mime-version:message-id:date:subject:to :from:x-gm-message-state:from:to:cc:subject:date:message-id:reply-to; bh=2GNxra1aV40ir7qGnj4nvL+9oXUzgUjUbIrEK/WMMok=; b=gACCMPn3vnWRx5Rt7AruIZkwue27TYdXE3VgL75juUPBD+9LTKOPMRciw4glI/pr8m 3qaGT2vD1g/KZhi5UjczTdd7K3SbQwYLyGqjD3uje17lV3AdxoLNER/FwZ3wuEpXb9Gk xVAcovjob2JQ65s0xo0RmTP2fKFgyiOt1r9RMlYc5qpQnH8SLP9SQ6f+zoa8p4thHoFZ pcSEAD+M5Akm+AWfV/pXM7hWcTme0v/8z5r26OfWYaQsfie6U9EtNc3HfvFKGBt18vRz GdlRXoCV9M+aaV5f9q5sYt0f9mABlD0LwMS9VcwuEHCcMHnypRT7Df43wCL/kkv+Ko/o L5/w== X-Gm-Message-State: ABy/qLatBAT3YxkBANJJmm/JIHDHCnWmjsQRqLa8Y8y0AYOy1qhnxriO aDKMntzD0eLgIc4mOjLUaw05IpCe4AxDuw== X-Google-Smtp-Source: APBJJlHI+P2FZnF25HK4oacUi9M+UVOviGPVD7g5bVBRobBbZ37I1ChAz8Almw0y+nslyxUbYLtwyw== X-Received: by 2002:a17:906:207:b0:988:aeb7:2a37 with SMTP id 7-20020a170906020700b00988aeb72a37mr4350990ejd.33.1689360261630; Fri, 14 Jul 2023 11:44:21 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-078-050-124-229.78.50.pool.telefonica.de. [78.50.124.229]) by smtp.gmail.com with ESMTPSA id s7-20020a1709064d8700b00993004239a4sm5692167eju.215.2023.07.14.11.44.21 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 14 Jul 2023 11:44:21 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 1/4] libsepol: validate: use fixed sized integers Date: Fri, 14 Jul 2023 20:44:11 +0200 Message-Id: <20230714184414.40724-1-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Avoid issues on architectures where unsigned int and uint32_t are not of the same size. Signed-off-by: Christian Göttsche Acked-by: James Carter --- libsepol/src/policydb_validate.c | 12 ++++++------ 1 file changed, 6 insertions(+), 6 deletions(-) diff --git a/libsepol/src/policydb_validate.c b/libsepol/src/policydb_validate.c index 08b4a477..7db4ad35 100644 --- a/libsepol/src/policydb_validate.c +++ b/libsepol/src/policydb_validate.c @@ -23,7 +23,7 @@ typedef struct map_arg { static int create_gap_ebitmap(char **val_to_name, uint32_t nprim, ebitmap_t *gaps) { - unsigned int i; + uint32_t i; ebitmap_init(gaps); @@ -180,7 +180,7 @@ static int validate_scope(__attribute__ ((unused)) hashtab_key_t k, hashtab_datu { const scope_datum_t *scope_datum = (scope_datum_t *)d; const uint32_t *nprim = (uint32_t *)args; - unsigned int i; + uint32_t i; switch (scope_datum->scope) { case SCOPE_REQ: @@ -205,7 +205,7 @@ static int validate_scopes(sepol_handle_t *handle, const symtab_t scopes[], cons { const avrule_decl_t *decl; unsigned int i; - unsigned int num_decls = 0; + uint32_t num_decls = 0; for (; block != NULL; block = block->next) { for (decl = block->branch_list; decl; decl = decl->next) { @@ -685,7 +685,7 @@ static int validate_bool_datum_wrapper(__attribute__((unused)) hashtab_key_t k, static int validate_datum_array_gaps(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[]) { - unsigned int i; + uint32_t i; for (i = 0; i < p->p_classes.nprim; i++) { if (bool_xnor(p->class_val_to_struct[i], ebitmap_get_bit(&flavors[SYM_CLASSES].gaps, i))) @@ -1377,7 +1377,7 @@ bad: static int validate_permissives(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[]) { ebitmap_node_t *node; - unsigned i; + uint32_t i; ebitmap_for_each_positive_bit(&p->permissive_map, node, i) { if (validate_simpletype(i, p, flavors)) @@ -1429,7 +1429,7 @@ static int validate_range_transitions(sepol_handle_t *handle, const policydb_t * static int validate_typeattr_map(sepol_handle_t *handle, const policydb_t *p, validate_t flavors[]) { const ebitmap_t *maps = p->type_attr_map; - unsigned int i; + uint32_t i; if (p->policy_type == POLICY_KERN) { for (i = 0; i < p->p_types.nprim; i++) { From patchwork Fri Jul 14 18:44:12 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13314169 X-Patchwork-Delegate: plautrba@redhat.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 55BD1C001DE for ; Fri, 14 Jul 2023 18:44:28 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236167AbjGNSo1 (ORCPT ); Fri, 14 Jul 2023 14:44:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51476 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236473AbjGNSoZ (ORCPT ); Fri, 14 Jul 2023 14:44:25 -0400 Received: from mail-ed1-x535.google.com (mail-ed1-x535.google.com [IPv6:2a00:1450:4864:20::535]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id CD6942D75 for ; Fri, 14 Jul 2023 11:44:23 -0700 (PDT) Received: by mail-ed1-x535.google.com with SMTP id 4fb4d7f45d1cf-51e28cac164so7198363a12.1 for ; Fri, 14 Jul 2023 11:44:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1689360262; x=1691952262; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=9aooVCiHnIacDoOXvzUxoLi7lG615UJA3D4Lrk87dy8=; b=Ozlodnl5xFO+6pIpikmIvOJybPBK2u7RAwuIC/UsMZP0o31h9nHXPEwfG1QNclcov/ P7rgHocbSOLr9BorEKoqhSc3MulkJ6ST3VGlNl4ooUuDE0wZvYhuzKBOUpMUimon1Z3F N6Z7LjCFkf2oeRaS2s+MXloR1wtnXePtF1vGvcYVBZUY7JXE2GU7qNx3RkKuzdnGp2u1 Fzrbu9sDDPTZkmnTYeH2NScMW+qW2nqyEWrbbD8Utrt5X/jz7Mw0Z0XCZRKGaJJyBPRf 0RDfU8Q+JqMd3ypH3tmyhxgrxfs67B2lwhsDLSFWVYo6FUmy2oeOzI94KbIH2rPHBj8A ReyQ== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689360262; x=1691952262; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=9aooVCiHnIacDoOXvzUxoLi7lG615UJA3D4Lrk87dy8=; b=egHpEa+chYBIZUwWgq9Ll+vfAzhaSo8xavE9fa6AvadZBgO0dcqT/M5eyrA+I4znxV pegTRXwObDoHKEyFIoscHRd/Q7Svi38h9eo6sSyj1vnkUki07/ntD9C4yM8eLDKrgqUI fL91VNkrr8mfxPwgh6s++UR2g8SqOdTcpDk8dp2pQiYtFtW743X5O+M6C40qEwLqG4R2 Gfva/8Pg3B1H3EWaK3sjv/ambwk9Q4BAOb1IZ5rXQajlTWJ2i8wzFj/vbnaHY7a7O1iA Z77rndefcU7swKXGmGDV/FsM734R/3zzMNi+kTVVreNqw7yhVDkipH7UBJCuTe+aMYP1 GVWg== X-Gm-Message-State: ABy/qLYVmJQNHuyVbGkzouNtfb4bq1f2H5kHfZPGYcFrmtW5JYBzZQXV rTb3GcjDuV9U/kdbtok75oKKqy5oU/bkxQ== X-Google-Smtp-Source: APBJJlG20jk0usQ0hirH6DeLqCm8XdK3BAfkeuVIeimMmZDzosFAdrNG3fX4C+me/IgXsd67gNr7bA== X-Received: by 2002:a17:907:3c1e:b0:98d:4ae:8db9 with SMTP id gh30-20020a1709073c1e00b0098d04ae8db9mr3731970ejc.19.1689360262076; Fri, 14 Jul 2023 11:44:22 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-078-050-124-229.78.50.pool.telefonica.de. [78.50.124.229]) by smtp.gmail.com with ESMTPSA id s7-20020a1709064d8700b00993004239a4sm5692167eju.215.2023.07.14.11.44.21 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 14 Jul 2023 11:44:21 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 2/4] hashtab: update Date: Fri, 14 Jul 2023 20:44:12 +0200 Message-Id: <20230714184414.40724-2-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230714184414.40724-1-cgzones@googlemail.com> References: <20230714184414.40724-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Avoid overflowing number of elements in hashtab_insert(). Use identical type for hashed values to avoid implicit conversions. Declare tag parameter of hashtab_hash_eval() const since it is only printed. Signed-off-by: Christian Göttsche --- Might be related to oss-fuzz issue 60583, but could not reproduce. --- libsepol/include/sepol/policydb/hashtab.h | 2 +- libsepol/src/hashtab.c | 14 +++++++------- 2 files changed, 8 insertions(+), 8 deletions(-) diff --git a/libsepol/include/sepol/policydb/hashtab.h b/libsepol/include/sepol/policydb/hashtab.h index 354ebb43..583ac08e 100644 --- a/libsepol/include/sepol/policydb/hashtab.h +++ b/libsepol/include/sepol/policydb/hashtab.h @@ -108,7 +108,7 @@ extern int hashtab_map(hashtab_t h, hashtab_datum_t d, void *args), void *args); -extern void hashtab_hash_eval(hashtab_t h, char *tag); +extern void hashtab_hash_eval(hashtab_t h, const char *tag); /* Returns number of elements in the hashtab h or 0 is h is NULL */ static inline uint32_t hashtab_nel(hashtab_t h) diff --git a/libsepol/src/hashtab.c b/libsepol/src/hashtab.c index 922a8a4a..6f01d094 100644 --- a/libsepol/src/hashtab.c +++ b/libsepol/src/hashtab.c @@ -103,10 +103,10 @@ static void hashtab_check_resize(hashtab_t h) int hashtab_insert(hashtab_t h, hashtab_key_t key, hashtab_datum_t datum) { - int hvalue; + unsigned int hvalue; hashtab_ptr_t prev, cur, newnode; - if (!h) + if (!h || h->nel == UINT32_MAX) return SEPOL_ENOMEM; hashtab_check_resize(h); @@ -144,7 +144,7 @@ int hashtab_remove(hashtab_t h, hashtab_key_t key, void (*destroy) (hashtab_key_t k, hashtab_datum_t d, void *args), void *args) { - int hvalue; + unsigned int hvalue; hashtab_ptr_t cur, last; if (!h) @@ -176,7 +176,7 @@ int hashtab_remove(hashtab_t h, hashtab_key_t key, hashtab_datum_t hashtab_search(hashtab_t h, const_hashtab_key_t key) { - int hvalue; + unsigned int hvalue; hashtab_ptr_t cur; if (!h) @@ -240,10 +240,10 @@ int hashtab_map(hashtab_t h, return SEPOL_OK; } -void hashtab_hash_eval(hashtab_t h, char *tag) +void hashtab_hash_eval(hashtab_t h, const char *tag) { unsigned int i; - int chain_len, slots_used, max_chain_len; + size_t chain_len, slots_used, max_chain_len; hashtab_ptr_t cur; slots_used = 0; @@ -264,6 +264,6 @@ void hashtab_hash_eval(hashtab_t h, char *tag) } printf - ("%s: %d entries and %d/%d buckets used, longest chain length %d\n", + ("%s: %d entries and %zu/%d buckets used, longest chain length %zu\n", tag, h->nel, slots_used, h->size, max_chain_len); } From patchwork Fri Jul 14 18:44:13 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13314168 X-Patchwork-Delegate: plautrba@redhat.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id CCFAAC0015E for ; Fri, 14 Jul 2023 18:44:27 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S235463AbjGNSo1 (ORCPT ); Fri, 14 Jul 2023 14:44:27 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51478 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236478AbjGNSoZ (ORCPT ); Fri, 14 Jul 2023 14:44:25 -0400 Received: from mail-ej1-x634.google.com (mail-ej1-x634.google.com [IPv6:2a00:1450:4864:20::634]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 0D8D730DA for ; Fri, 14 Jul 2023 11:44:24 -0700 (PDT) Received: by mail-ej1-x634.google.com with SMTP id a640c23a62f3a-9891c73e0fbso449935066b.1 for ; Fri, 14 Jul 2023 11:44:23 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1689360262; x=1691952262; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=GSdWxf980IDFfEMO7NEtxOJcw/hdc8ebbLMd1MVW6uw=; b=UcvP7dovPNEf92YH4t5uXtqb7SoQqi2sJa029sYI3gLSb8yk6upaCVOMIUK4x/j7+G IB8AUnF9qjR1m1UOcnwQ6JJftY1bGgGY3567tGzDYDI1Y1+xapf4mz1ABHzLoNR1GsiS uXTNwGcpsJZu2kXM+HQGr11PlypW1l4WRC+LCuqubXL59MA8mnKaF1SDKBlfq4A+o+Y2 TBO1ukH/XiU3DOOP4SoObe7MgaE3oLaKXu3Y1CzrGBjbC8r9CFnAt1ecUuJa5Z4fQp8R qCQS4LXHGtlooDCKL0Zfc16Sfd758IirzMZOBpMVrE+dPYaZkKzZS3g5HGubHc4NGLSi g9/Q== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689360262; x=1691952262; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=GSdWxf980IDFfEMO7NEtxOJcw/hdc8ebbLMd1MVW6uw=; b=a6jmQCAoQVo+HNp4yly132PWR3ewc7lemm8PIhLnoptMtCfqBNDMUksXfciJlhjEfa k36BKh6T2dkviqtZ01EOG99057bskw6hCTeDvd+iTUPXLOp3Jz+VZet2Pjjx6D1J7gYY YjJhLMxAjDymm3s8lSB/gwNAtQf4nfni1VCb2LPXd8truKRBQWFmdA+KzUJFzCMoW2st kQ7W79Et/L5tgCW77oG0OhCItxS4jx98UPgUxzBI2XXglyV4+UyVTV9rDck0MvO+o6TD WM+pOcRNiiSDG+b10Nsv16h+3pI9ovYjOAJEmqOMyrnr0biDylz38MK+jQ7AHz7CmRHq 8J8w== X-Gm-Message-State: ABy/qLZp2gPwxv9xIFGE4HSmfgGY2OxJRcNJ4dC8tuW1HOFLHco5H6Kx ARjHxRpFoBJi/Fcyvxqu++zubiPQDNPMow== X-Google-Smtp-Source: APBJJlFPP/ZeTZe0j8puT2ueO1q/zZZVab2gqkuzcLDu+1vUvvtamkrKV33jX68vT7Sv+BqCbiXSJA== X-Received: by 2002:a17:906:7a5b:b0:98e:370c:be69 with SMTP id i27-20020a1709067a5b00b0098e370cbe69mr4465685ejo.6.1689360262513; Fri, 14 Jul 2023 11:44:22 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-078-050-124-229.78.50.pool.telefonica.de. [78.50.124.229]) by smtp.gmail.com with ESMTPSA id s7-20020a1709064d8700b00993004239a4sm5692167eju.215.2023.07.14.11.44.22 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 14 Jul 2023 11:44:22 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 3/4] libsepol: expand: use identical type to avoid implicit conversion Date: Fri, 14 Jul 2023 20:44:13 +0200 Message-Id: <20230714184414.40724-3-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230714184414.40724-1-cgzones@googlemail.com> References: <20230714184414.40724-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Signed-off-by: Christian Göttsche --- libsepol/src/expand.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c index 7a011508..2ff06cd7 100644 --- a/libsepol/src/expand.c +++ b/libsepol/src/expand.c @@ -2314,7 +2314,7 @@ static int type_attr_map(hashtab_key_t key policydb_t *p = state->out; unsigned int i; ebitmap_node_t *tnode; - int value; + uint32_t value; type = (type_datum_t *) datum; value = type->s.value; From patchwork Fri Jul 14 18:44:14 2023 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 13314170 X-Patchwork-Delegate: plautrba@redhat.com Return-Path: X-Spam-Checker-Version: SpamAssassin 3.4.0 (2014-02-07) on aws-us-west-2-korg-lkml-1.web.codeaurora.org Received: from vger.kernel.org (vger.kernel.org [23.128.96.18]) by smtp.lore.kernel.org (Postfix) with ESMTP id 341D5C001DC for ; Fri, 14 Jul 2023 18:44:29 +0000 (UTC) Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S236319AbjGNSo2 (ORCPT ); Fri, 14 Jul 2023 14:44:28 -0400 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:51494 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S236606AbjGNSo0 (ORCPT ); Fri, 14 Jul 2023 14:44:26 -0400 Received: from mail-ed1-x52a.google.com (mail-ed1-x52a.google.com [IPv6:2a00:1450:4864:20::52a]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 98DFB1FF1 for ; Fri, 14 Jul 2023 11:44:24 -0700 (PDT) Received: by mail-ed1-x52a.google.com with SMTP id 4fb4d7f45d1cf-5216754c3edso769578a12.0 for ; Fri, 14 Jul 2023 11:44:24 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=googlemail.com; s=20221208; t=1689360263; x=1691952263; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:from:to:cc:subject:date:message-id :reply-to; bh=aXcOKJHtH1JY7H+s1D2v7FKYWGX0jLNnXa6CbbqfvmI=; b=UAeSE7QZcuyLUhHsgf228vbZrnilMLd5eKl8H8RzSjwoFHDFBj0lEephaZOLlz+Da3 udA5Et8FspQwS1VBa5Y047XlBEYtl/XBQmzYbCbh+RRKCD5VK0ZtkL/xH8kJvq7GFcPQ gIKCDHHtjBtL8UDW/hnm8Ke4I8FqLdDFYTnj1/tpwZdX/NQCMBy/nOVnkBjNqEb8m8Fd EvHjrdFBbbnJjcBUZR5rq/CQX9KKhMKy1L5WYuoejLOOgcGSHUbZdYeSiCFaGlWz4Db7 MG1AGokPm59+H3hV3CdeJPGqZj0OV5ZoAron4zhgclfKaimnwOT9POFNJ0U8k24aYzF0 lrBA== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20221208; t=1689360263; x=1691952263; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=aXcOKJHtH1JY7H+s1D2v7FKYWGX0jLNnXa6CbbqfvmI=; b=g8UmSdZ5gqNRm27pOxYuZnqpEWtIzjtWyWc9WjClbx9I+K5IgQ+pNkrr8LMzZn5owA 94Rztt2uy4DDfE6MIPV7eZyazllz4ga+bk7pxB9fNIYPJDF7TUvSwwWuRSFhWLrW0232 TRCQuKA9tqP3/OqxbdUMmTwUk0Prw8hU/9mcYz07zrZcWM6nOZF9X92AVK2JBxuRKFbH 9fgLwJ2m0F8pVySP8auMZUJfKL7TmyI4AUJHw3Eex4nCiu4XwbwRbTsf8u5NqkghUCu/ AozICbd7RHFXndP/CV4xS68VLtC+LvlUyKmC4JZE36Iu0egdTaUyl0US4kowxQZtif/v r9LQ== X-Gm-Message-State: ABy/qLYgcos6THAYMbtd5oPJhmcps9Jr1BjcZlmbsu9+u0HMbFh2vKFw KgYNMVEToF5uWvzpMOBugNYwDjgDH54veg== X-Google-Smtp-Source: APBJJlHakyH1Bd3e3ph+rgeC+g/hf3AV1QgbEpcEnkKhlVbJbCNYpkDAo7qO2xzoQWbaULkf+j54+A== X-Received: by 2002:a17:907:3e8a:b0:989:1a52:72b5 with SMTP id hs10-20020a1709073e8a00b009891a5272b5mr6045737ejc.45.1689360262970; Fri, 14 Jul 2023 11:44:22 -0700 (PDT) Received: from debian_development.DebianHome (dynamic-078-050-124-229.78.50.pool.telefonica.de. [78.50.124.229]) by smtp.gmail.com with ESMTPSA id s7-20020a1709064d8700b00993004239a4sm5692167eju.215.2023.07.14.11.44.22 for (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 14 Jul 2023 11:44:22 -0700 (PDT) From: =?utf-8?q?Christian_G=C3=B6ttsche?= To: selinux@vger.kernel.org Subject: [PATCH 4/4] libsepol: expand: check for memory allocation failure Date: Fri, 14 Jul 2023 20:44:14 +0200 Message-Id: <20230714184414.40724-4-cgzones@googlemail.com> X-Mailer: git-send-email 2.40.1 In-Reply-To: <20230714184414.40724-1-cgzones@googlemail.com> References: <20230714184414.40724-1-cgzones@googlemail.com> MIME-Version: 1.0 Precedence: bulk List-ID: X-Mailing-List: selinux@vger.kernel.org Signed-off-by: Christian Göttsche --- libsepol/src/expand.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c index 2ff06cd7..5c20b806 100644 --- a/libsepol/src/expand.c +++ b/libsepol/src/expand.c @@ -2954,6 +2954,10 @@ int expand_module(sepol_handle_t * handle, state.out->policyvers = POLICYDB_VERSION_MAX; if (state.base->name) { state.out->name = strdup(state.base->name); + if (!state.out->name) { + ERR(handle, "Out of memory!"); + goto cleanup; + } } /* Copy mls state from base to out */