* [PATCH 1/2] libsepol/cil: Add function to get number of items in a stack
@ 2021-09-07 19:58 James Carter
  2021-09-07 19:58 ` [PATCH 2/2] libsepol/cil: Limit the number of active line marks James Carter
  0 siblings, 1 reply; 3+ messages in thread
From: James Carter @ 2021-09-07 19:58 UTC (permalink / raw)
  To: selinux; +Cc: nicolas.iooss, James Carter

Add the function, cil_stack_number_of_items(), to return the number
of items in the stack.

Signed-off-by: James Carter <jwcart2@gmail.com>
---
 libsepol/cil/src/cil_stack.c | 5 +++++
 libsepol/cil/src/cil_stack.h | 1 +
 2 files changed, 6 insertions(+)

diff --git a/libsepol/cil/src/cil_stack.c b/libsepol/cil/src/cil_stack.c
index bbfb961a..70a77bc1 100644
--- a/libsepol/cil/src/cil_stack.c
+++ b/libsepol/cil/src/cil_stack.c
@@ -67,6 +67,11 @@ int cil_stack_is_empty(struct cil_stack *stack)
 	return (stack->pos == -1);
 }
 
+int cil_stack_number_of_items(struct cil_stack *stack)
+{
+	return stack->pos + 1;
+}
+
 void cil_stack_push(struct cil_stack *stack, enum cil_flavor flavor, void *data)
 {
 	stack->pos++;
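
Review bot: cil_stack_number_of_items() has no comment explaining why `stack->pos + 1` is the item count. The context line in cil_stack_is_empty() shows that pos == -1 means empty, so pos is the index of the top item; a one-line comment saying so would keep the + 1 from reading as an off-by-one to later maintainers. Like cil_stack_is_empty(), the new function dereferences stack without a NULL check, which is fine only as long as every caller guarantees a valid stack.
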
diff --git a/libsepol/cil/src/cil_stack.h b/libsepol/cil/src/cil_stack.h
index b78535ac..0e3eff66 100644
--- a/libsepol/cil/src/cil_stack.h
+++ b/libsepol/cil/src/cil_stack.h
@@ -52,6 +52,7 @@ void cil_stack_destroy(struct cil_stack **stack);
 
 void cil_stack_empty(struct cil_stack *stack);
 int cil_stack_is_empty(struct cil_stack *stack);
+int cil_stack_number_of_items(struct cil_stack *stack);
 
 void cil_stack_push(struct cil_stack *stack, enum cil_flavor flavor, void *data);
 struct cil_stack_item *cil_stack_pop(struct cil_stack *stack);
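
Review bot: the new prototype `int cil_stack_number_of_items(struct cil_stack *stack);` takes a non-const pointer although the implementation in this patch only reads stack->pos. Declaring the parameter as `const struct cil_stack *stack` would document that the call has no side effects; if the non-const form is kept to match cil_stack_is_empty() on the line above, a word about that in the commit message would help.
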
-- 
2.31.1



* [PATCH 2/2] libsepol/cil: Limit the number of active line marks
  2021-09-07 19:58 [PATCH 1/2] libsepol/cil: Add function to get number of items in a stack James Carter
@ 2021-09-07 19:58 ` James Carter
  2021-09-08  7:10   ` Nicolas Iooss
  0 siblings, 1 reply; 3+ messages in thread
From: James Carter @ 2021-09-07 19:58 UTC (permalink / raw)
  To: selinux; +Cc: nicolas.iooss, James Carter

A line mark functions like an open parenthesis, so the number of
active line marks should be limited like the number of open
parentheses.

This issue was found by the secilc-fuzzer.

Signed-off-by: James Carter <jwcart2@gmail.com>
---
 libsepol/cil/src/cil_parser.c | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/libsepol/cil/src/cil_parser.c b/libsepol/cil/src/cil_parser.c
index a967b9ed..5375d49a 100644
--- a/libsepol/cil/src/cil_parser.c
+++ b/libsepol/cil/src/cil_parser.c
@@ -131,6 +131,10 @@ static int add_hll_linemark(struct cil_tree_node **current, uint32_t *hll_offset
 		*current = (*current)->parent;
 	} else {
 		push_hll_info(stack, *hll_offset, *hll_expand);
+		if (cil_stack_number_of_items(stack) > CIL_PARSER_MAX_EXPR_DEPTH) {
+			cil_log(CIL_ERR, "Number of active line marks exceeds limit of %d\n", CIL_PARSER_MAX_EXPR_DEPTH);
+			goto exit;
+		}
 
 		create_node(&node, *current, tok.line, *hll_offset, NULL);
 		insert_node(node, *current);
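
Review bot: the limit check in the else branch runs after push_hll_info(), so the stack already holds CIL_PARSER_MAX_EXPR_DEPTH + 1 entries when the error fires. Testing before the push (with >= instead of >) would keep the stack within the limit and avoid pushing an entry that is immediately abandoned. The hunk also does not show rc being set before `goto exit`; please confirm it holds an error value on this path so the caller does not treat over-limit input as success.
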
-- 
2.31.1



* Re: [PATCH 2/2] libsepol/cil: Limit the number of active line marks
  2021-09-07 19:58 ` [PATCH 2/2] libsepol/cil: Limit the number of active line marks James Carter
@ 2021-09-08  7:10   ` Nicolas Iooss
  0 siblings, 0 replies; 3+ messages in thread
From: Nicolas Iooss @ 2021-09-08  7:10 UTC (permalink / raw)
  To: James Carter; +Cc: SElinux list

On Tue, Sep 7, 2021 at 9:58 PM James Carter <jwcart2@gmail.com> wrote:
>
> A line mark functions like an open parenthesis, so the number of
> active line marks should be limited like the number of open
> parentheses.
>
> This issue was found by the secilc-fuzzer.
>
> Signed-off-by: James Carter <jwcart2@gmail.com>

For both patches:

Acked-by: Nicolas Iooss <nicolas.iooss@m4x.org>

Thanks,
Nicolas

> ---
>  libsepol/cil/src/cil_parser.c | 4 ++++
>  1 file changed, 4 insertions(+)
>
> diff --git a/libsepol/cil/src/cil_parser.c b/libsepol/cil/src/cil_parser.c
> index a967b9ed..5375d49a 100644
> --- a/libsepol/cil/src/cil_parser.c
> +++ b/libsepol/cil/src/cil_parser.c
> @@ -131,6 +131,10 @@ static int add_hll_linemark(struct cil_tree_node **current, uint32_t *hll_offset
>                 *current = (*current)->parent;
>         } else {
>                 push_hll_info(stack, *hll_offset, *hll_expand);
> +               if (cil_stack_number_of_items(stack) > CIL_PARSER_MAX_EXPR_DEPTH) {
> +                       cil_log(CIL_ERR, "Number of active line marks exceeds limit of %d\n", CIL_PARSER_MAX_EXPR_DEPTH);
> +                       goto exit;
> +               }
>
>                 create_node(&node, *current, tok.line, *hll_offset, NULL);
>                 insert_node(node, *current);
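
Review bot: the cil_log() message in the added check reports the limit but not where in the input it was reached. tok.line is in scope (it is passed to create_node() two lines below), so including it in the message would let a policy author, or someone triaging a fuzzer finding, locate the offending line mark directly.
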
> --
> 2.31.1
>

