93 lines
2.5 KiB
Diff
93 lines
2.5 KiB
Diff
From 994b9b205e36f3cc849b75f075e057686f3f9cd8 Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
|
|
Date: Wed, 13 Mar 2024 12:10:23 +0100
|
|
Subject: [PATCH] libselinux/utils/selabel_digest: avoid buffer overflow
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
In case the specfiles have very long paths or there are too many abort
|
|
instead of writing past the stack buffer.
|
|
|
|
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
|
|
Acked-by: James Carter <jwcart2@gmail.com>
|
|
---
|
|
utils/selabel_digest.c | 45 ++++++++++++++++++++++++-------
|
|
1 file changed, 36 insertions(+), 9 deletions(-)
|
|
|
|
diff --git a/utils/selabel_digest.c b/utils/selabel_digest.c
|
|
index db0d443a..64051070 100644
|
|
--- a/utils/selabel_digest.c
|
|
+++ b/utils/selabel_digest.c
|
|
@@ -66,7 +66,7 @@ int main(int argc, char **argv)
|
|
|
|
char cmd_buf[4096];
|
|
char *cmd_ptr;
|
|
- char *sha1_buf;
|
|
+ char *sha1_buf = NULL;
|
|
|
|
struct selabel_handle *hnd;
|
|
struct selinux_opt selabel_option[] = {
|
|
@@ -167,23 +167,50 @@ int main(int argc, char **argv)
|
|
printf("calculated using the following specfile(s):\n");
|
|
|
|
if (specfiles) {
|
|
- cmd_ptr = &cmd_buf[0];
|
|
- sprintf(cmd_ptr, "/usr/bin/cat ");
|
|
- cmd_ptr = &cmd_buf[0] + strlen(cmd_buf);
|
|
+ size_t cmd_rem = sizeof(cmd_buf);
|
|
+ int ret;
|
|
+
|
|
+ if (validate) {
|
|
+ cmd_ptr = &cmd_buf[0];
|
|
+ ret = snprintf(cmd_ptr, cmd_rem, "/usr/bin/cat ");
|
|
+ if (ret < 0 || (size_t)ret >= cmd_rem) {
|
|
+ fprintf(stderr, "Could not format validate command\n");
|
|
+ rc = -1;
|
|
+ goto err;
|
|
+ }
|
|
+ cmd_ptr += ret;
|
|
+ cmd_rem -= ret;
|
|
+ }
|
|
|
|
for (i = 0; i < num_specfiles; i++) {
|
|
- sprintf(cmd_ptr, "%s ", specfiles[i]);
|
|
- cmd_ptr += strlen(specfiles[i]) + 1;
|
|
+ if (validate) {
|
|
+ ret = snprintf(cmd_ptr, cmd_rem, "%s ", specfiles[i]);
|
|
+ if (ret < 0 || (size_t)ret >= cmd_rem) {
|
|
+ fprintf(stderr, "Could not format validate command\n");
|
|
+ rc = -1;
|
|
+ goto err;
|
|
+ }
|
|
+ cmd_ptr += ret;
|
|
+ cmd_rem -= ret;
|
|
+ }
|
|
+
|
|
printf("%s\n", specfiles[i]);
|
|
}
|
|
- sprintf(cmd_ptr, "| /usr/bin/openssl dgst -sha1 -hex");
|
|
|
|
- if (validate)
|
|
+ if (validate) {
|
|
+ ret = snprintf(cmd_ptr, cmd_rem, "| /usr/bin/openssl dgst -sha1 -hex");
|
|
+ if (ret < 0 || (size_t)ret >= cmd_rem) {
|
|
+ fprintf(stderr, "Could not format validate command\n");
|
|
+ rc = -1;
|
|
+ goto err;
|
|
+ }
|
|
+
|
|
rc = run_check_digest(cmd_buf, sha1_buf);
|
|
+ }
|
|
}
|
|
|
|
- free(sha1_buf);
|
|
err:
|
|
+ free(sha1_buf);
|
|
selabel_close(hnd);
|
|
return rc;
|
|
}
|
|
--
|
|
2.33.0
|
|
|