packages/libsepol
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix NULL pointer dereference in cil_fill_ipaddr

Browse Source
This commit is contained in:
Liquor 2021-03-04 15:59:53 +08:00
parent 1bac535b64
commit f509e4f5d1
2 changed files with 40 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

33
backport-libsepol-cil-fix-NULL-pointer-dereference-in-cil_fil.patch Normal file
View File

@ -0,0 +1,33 @@
From 6238e025714b18db41354629dd40e70e27b7c37e Mon Sep 17 00:00:00 2001
From: lutianxiong <lutianxiong@huawei.com>
Date: Thu, 25 Feb 2021 18:40:02 +0800
Subject: [PATCH] libsepol/cil: fix NULL pointer dereference in cil_fill_ipaddr
Found a NULL pointer dereference by fuzzing, reproducing:
$ echo "(nodecon(())o(e()))" > tmp.cil
$ secilc tmp.cil
Segmentation fault (core dumped)
Add NULL check for addr_node->data in cil_fill_ipaddr.
Signed-off-by: lutianxiong <lutianxiong@huawei.com>
---
libsepol/cil/src/cil_build_ast.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libsepol/cil/src/cil_build_ast.c b/libsepol/cil/src/cil_build_ast.c
index 726f46cd..4e53f06a 100644
--- a/libsepol/cil/src/cil_build_ast.c
+++ b/libsepol/cil/src/cil_build_ast.c
@@ -5660,7 +5660,7 @@ int cil_fill_ipaddr(struct cil_tree_node *addr_node, struct cil_ipaddr *addr)
{
int rc = SEPOL_ERR;
- if (addr_node == NULL || addr == NULL) {
+ if (addr_node == NULL || addr_node->data == NULL || addr == NULL) {
goto exit;
}
--
2.27.0

9
libsepol.spec
View File

@ -1,11 +1,13 @@
Name: libsepol
Version: 3.1
Release: 1
Release: 2
Summary: SELinux binary policy manipulation library
License: LGPLv2+
URL: https://github.com/SELinuxProject/selinux/wiki/Releases
Source0: https://github.com/SELinuxProject/selinux/releases/download/20200710/libsepol-3.1.tar.gz
Patch1: backport-libsepol-cil-fix-NULL-pointer-dereference-in-cil_fil.patch
BuildRequires: gcc flex
%description
@ -26,7 +28,7 @@ Header files and libraries for %{name}
%package_help
%prep
%autosetup -n %{name}-%{version} -p1
%autosetup -n %{name}-%{version} -p2
%build
make clean
@ -67,6 +69,9 @@ exit 0
%{_mandir}/man3/*
%changelog
* Thu Mar 4 2021 Lirui <lirui130@huawei.com> - 3.1-2
- fix NULL pointer dereference in cil_fill_ipaddr
* Fri Jul 17 2020 openEuler Buildteam <buildteam@openeuler.org> - 3.1-1
- update to 3.1