packages/libsepol
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
libsepol/backport-libsepol-avoid-integer-overflow-in-add_i_to_a.patch
markeryang 977186bea8 sync backport patches from upstream
2024-10-15 01:36:33 +00:00

33 lines
1.0 KiB
Diff
Raw Permalink Blame History

From a55cd37461f2e1ef4cec3b09aa8b99f2d12a529d Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Mon, 11 Dec 2023 15:48:25 +0100
Subject: [PATCH] libsepol: avoid integer overflow in add_i_to_a()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
Reference: https://github.com/SELinuxProject/selinux/commit/a55cd37461f2e1ef4cec3b09aa8b99f2d12a529d
Conflict: NA
---
libsepol/src/util.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libsepol/src/util.c b/libsepol/src/util.c
index 571f6c93..4a6f7d11 100644
--- a/libsepol/src/util.c
+++ b/libsepol/src/util.c
@@ -44,7 +44,7 @@ int add_i_to_a(uint32_t i, uint32_t * cnt, uint32_t ** a)
{
uint32_t *new;
- if (cnt == NULL || a == NULL)
+ if (cnt == NULL || *cnt == UINT32_MAX || a == NULL)
return -1;
/* FIX ME: This is not very elegant! We use an array that we
--
2.33.0
Reference in New Issue View Git Blame Copy Permalink