tequilaOS/platform_external_selinux
2
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity

libsepol/cil: Properly check for parameter when inserting name

Browse source 
File names for typetransition rules are stored in their own datums.
This allows them to be passed as a parameter, but there needs to be
a check in __cil_insert_name() so that parameter names are not
mistaken for file name strings. This check did not verify that a
matching parameter name had the flavor of CIL_NAME.

Check that the parameter flavor is CIL_NAME and that the paramter
name matches the file name to be stored in the datum.

This bug was found by the secilc-fuzzer.

Signed-off-by: James Carter <jwcart2@gmail.com>
This commit is contained in:
James Carter 2021-08-27 10:12:42 -04:00
parent b57535318a
commit 05d1c66aaa
1 changed files with 2 additions and 1 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

3
libsepol/cil/src/cil_resolve_ast.c
View file

@ -87,7 +87,8 @@ static struct cil_name * __cil_insert_name(struct cil_db *db, hashtab_key_t key,
if (macro != NULL && macro->params != NULL) { if (macro != NULL && macro->params != NULL) {
struct cil_list_item *item; struct cil_list_item *item;
cil_list_for_each(item, macro->params) { cil_list_for_each(item, macro->params) {
if (((struct cil_param*)item->data)->str == key) { struct cil_param *param = item->data;
if (param->flavor == CIL_NAME && param->str == key) {
return NULL; return NULL;
} }
} }