From patchwork Fri Jun 3 15:17:56 2016 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Joshua Brindle X-Patchwork-Id: 9153341 Return-Path: Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org [172.30.200.125]) by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id 934E760221 for ; Fri, 3 Jun 2016 15:23:34 +0000 (UTC) Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1]) by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 857C328304 for ; Fri, 3 Jun 2016 15:23:34 +0000 (UTC) Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486) id 7ABAB28327; Fri, 3 Jun 2016 15:23:34 +0000 (UTC) X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on pdx-wl-mail.web.codeaurora.org X-Spam-Level: X-Spam-Status: No, score=-1.8 required=2.0 tests=BAYES_00,DKIM_SIGNED, T_DKIM_INVALID autolearn=no version=3.3.1 Received: from emsm-gh1-uea11.nsa.gov (smtp.nsa.gov [8.44.101.9]) (using TLSv1.2 with cipher DHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by mail.wl.linuxfoundation.org (Postfix) with ESMTPS id 9B6F828304 for ; Fri, 3 Jun 2016 15:23:33 +0000 (UTC) X-IronPort-AV: E=Sophos;i="5.26,412,1459814400"; d="scan'208";a="16633222" IronPort-PHdr: =?us-ascii?q?9a23=3AYtEveBNOKfFxkGAvuXMl6mtUPXoX/o7sNwtQ0KIM?= =?us-ascii?q?zox0KPr5rarrMEGX3/hxlliBBdydsKIVzbSN+PC7EUU7or+/81k6OKRWUBEEjc?= =?us-ascii?q?hE1ycBO+WiTXPBEfjxciYhF95DXlI2t1uyMExSBdqsLwaK+i760zceF13FOBZv?= =?us-ascii?q?IaytQ8iJ35Xxibv5q8abSj4LrQT+SIs6FA+xowTVu5teqqpZAYF19CH0pGBVcf?= =?us-ascii?q?9d32JiKAHbtR/94sCt4MwrqHwI6Loc7coIbYHWN+R9FOQZX3waNDUu6cnqswTT?= =?us-ascii?q?ZRee7XsbFGMNm1xHBBaWwgv9W8LTtTD6q+M18jObO8HyQPhgUy6j6atvRTfxlS?= =?us-ascii?q?4dNCU0+3zNi9BhyqlcpUTy9FRE34fIbdTNZ7JFdaTHcIZfHDJM?= X-IPAS-Result: =?us-ascii?q?A2F9AwBwoFFX/wHyM5BcHoMcgVO2J4YgIoc0TAEBAQEBAQI?= =?us-ascii?q?CYieCMH4sCEgBGwIBAwECDxUTBgEBDCAMAgMJAQEXKQgIAwEtAwEFAQsRDgsFG?= =?us-ascii?q?AQBiA2jX4ExPjGKVIUoAQEFjRAIEIQLimkCEQFohQ4BmEmOJokxJYVCAkWNTjC?= =?us-ascii?q?BD1SEClKITg8XgR4BAQE?= Received: from unknown (HELO tarius.tycho.ncsc.mil) ([144.51.242.1]) by emsm-gh1-uea11.nsa.gov with ESMTP/TLS/DHE-RSA-AES256-GCM-SHA384; 03 Jun 2016 15:23:24 +0000 Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u53FN4JB017583; Fri, 3 Jun 2016 11:23:05 -0400 Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil [144.51.242.1]) by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id u53FIGND081917 for ; Fri, 3 Jun 2016 11:18:16 -0400 Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250]) by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u53FIGdF016707 for ; Fri, 3 Jun 2016 11:18:16 -0400 X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: A1B2AwAMn1FXdyvAVdFcHQGEb7YngiOECIYSAoE3TAEBAQEBARMBCgsLCR+EdwIBAxIVGQEBNwEPUTQBBQEcGSKIDaNegTE+MYpUhSgBAQWMZwEBAQEBAQQCARwIEIQLiml8hQ6YSo4miTGFZwJFjU4wgQ+CToIQUohOgUQBAQE X-IPAS-Result: A1B2AwAMn1FXdyvAVdFcHQGEb7YngiOECIYSAoE3TAEBAQEBARMBCgsLCR+EdwIBAxIVGQEBNwEPUTQBBQEcGSKIDaNegTE+MYpUhSgBAQWMZwEBAQEBAQQCARwIEIQLiml8hQ6YSo4miTGFZwJFjU4wgQ+CToIQUohOgUQBAQE X-IronPort-AV: E=Sophos;i="5.26,412,1459828800"; d="scan'208";a="5488280" Received: from emsm-gh1-uea11.corp.nsa.gov (HELO emsm-gh1-uea11.nsa.gov) ([10.208.41.37]) by goalie.tycho.ncsc.mil with ESMTP; 03 Jun 2016 11:18:15 -0400 IronPort-PHdr: =?us-ascii?q?9a23=3AWlgfQBd5E6VVSTOEZBHHTCr/lGMj4u6mDksu8pMi?= =?us-ascii?q?zoh2WeGdxc6+Yx7h7PlgxGXEQZ/co6odzbGG4ua+AidQut6oizMrTt9lb1c9k8?= =?us-ascii?q?IYnggtUoauKHbQC7rUVRE8B9lIT1R//nu2YgB/Ecf6YEDO8DXptWZBUiv2OQc9?= =?us-ascii?q?HOnpAIma153xjLDjvcOIKFUTzBOGIppMbzyO5T3LsccXhYYwYo0Q8TDu5kVyRu?= =?us-ascii?q?JN2GlzLkiSlRuvru25/Zpk7jgC86l5r50IAu3GePEjQLhZCik2G3wk783s8x/Y?= =?us-ascii?q?RE2A4WVPfH8Rl09qBBPF8RiydI3wtCf+u6Ip0jObO8HyQJgtRD247LxmQwLyiT?= =?us-ascii?q?sWcTU+9TeE2YRLkKtHrUf59FREyInObdTNOQ=3D=3D?= X-IronPort-Anti-Spam-Filtered: true X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0FvAgA7n1FXdyvAVdFcHQGEb7YngiOEC?= =?us-ascii?q?IYSAoE3TAEBAQEBAQICDwEKCwsJHzGCMH4sCEgBARoCAQMSFRkBATcBD1E0AQU?= =?us-ascii?q?BHBkiiA2jXoExPjGKVIUoAQEFjGcBAQEBAQEEAgEcCBCEC4ppfIUOmEqOJokxh?= =?us-ascii?q?WcCRY1OMIEPgk6CEFKIToFEAQEB?= X-IPAS-Result: =?us-ascii?q?A0FvAgA7n1FXdyvAVdFcHQGEb7YngiOECIYSAoE3TAEBAQE?= =?us-ascii?q?BAQICDwEKCwsJHzGCMH4sCEgBARoCAQMSFRkBATcBD1E0AQUBHBkiiA2jXoExP?= =?us-ascii?q?jGKVIUoAQEFjGcBAQEBAQEEAgEcCBCEC4ppfIUOmEqOJokxhWcCRY1OMIEPgk6?= =?us-ascii?q?CEFKIToFEAQEB?= X-IronPort-AV: E=Sophos;i="5.26,412,1459814400"; d="scan'208";a="16633053" Received: from mail-qg0-f43.google.com ([209.85.192.43]) by emsm-gh1-uea11.nsa.gov with ESMTP/TLS/AES128-GCM-SHA256; 03 Jun 2016 15:18:11 +0000 Received: by mail-qg0-f43.google.com with SMTP id p34so13234734qgp.1 for ; Fri, 03 Jun 2016 08:18:11 -0700 (PDT) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=quarksecurity.com; s=google; h=from:to:cc:subject:date:message-id:in-reply-to:references; bh=Tzjm6/+BJHnQdy5sgj8cwqFhVqpp/ENE5gta+QvEpX8=; b=WbixlBmk9qN25tMsmAhGEIGmjwW+jqdnM2xwdizqs8iVMV9ivyFhmAXmEeoXj1iQ6T HDY6Lj7ddZbEDjGptD2VrK0/kAgrtZ98mshu1T+7uxciIv1Z5LK+XCM56a+jaVF3hKs0 JbG9rz16NgQPeoXtrSfRTgdQK8cu/bUG3MGSc= X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20130820; h=x-gm-message-state:from:to:cc:subject:date:message-id:in-reply-to :references; bh=Tzjm6/+BJHnQdy5sgj8cwqFhVqpp/ENE5gta+QvEpX8=; b=Ia+F0hTKuLuUsaL29F21Nsi/LZQeDTeuCAUzDnWK8TVuUyM/AC6XDENdjaXxpaeMUl uZCNJig+utQLfcSQtHl4o2DxjkqDiSFjcFfMvjmJmXbtklbX105qvCHnUU2qaqKE4SI4 5W8CvTJ5HpvtS3jtx5dRRu6VKa+JLiugclBmfclMShm+peuKWD668h46LrVg/3WlTEAo OmOUwhB2Ktph1qk1qhdLA8Em9obAgmdP9G/G3YuIfQdcAUop8ng4dOBEybq5YZahlQmH pkgGb/r2hdwPeyIuTb8g4HeXhs5HHBoJK4lrXvkSfKyHCxbpCVPhlhOsgGr2QDr4lQSH zXpg== X-Gm-Message-State: ALyK8tIKg5RYOi1Bfeg/ZzMsXM/G+rxbSP9rd9RXxL+NGF2//Ln832INN5ffkAUPNOSTc+gX X-Received: by 10.140.19.5 with SMTP id 5mr3602888qgg.98.1464967090243; Fri, 03 Jun 2016 08:18:10 -0700 (PDT) Received: from charmzilla.localdomain ([50.253.7.1]) by smtp.gmail.com with ESMTPSA id d93sm1157305qga.39.2016.06.03.08.18.09 (version=TLS1_2 cipher=ECDHE-RSA-AES128-GCM-SHA256 bits=128/128); Fri, 03 Jun 2016 08:18:09 -0700 (PDT) From: Joshua Brindle To: selinux@tycho.nsa.gov Subject: [PATCH] Correctly detect unknown classes in sepol_string_to_security_class Date: Fri, 3 Jun 2016 11:17:56 -0400 Message-Id: <1464967076-24170-1-git-send-email-brindle@quarksecurity.com> X-Mailer: git-send-email 2.1.0 In-Reply-To: <1464966566-14597-2-git-send-email-brindle@quarksecurity.com> References: <1464966566-14597-2-git-send-email-brindle@quarksecurity.com> X-BeenThere: selinux@tycho.nsa.gov X-Mailman-Version: 2.1.20 Precedence: list List-Id: "Security-Enhanced Linux \(SELinux\) mailing list" List-Post: List-Help: MIME-Version: 1.0 Errors-To: selinux-bounces@tycho.nsa.gov Sender: "Selinux" X-Virus-Scanned: ClamAV using ClamSMTP Bail before running off the end of the class index Change-Id: I47c4eaac3c7d789f8d85047e34e37e3f0bb38b3a Signed-off-by: Joshua Brindle --- libsepol/src/services.c | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/libsepol/src/services.c b/libsepol/src/services.c index d64a8e8..665fcaa 100644 --- a/libsepol/src/services.c +++ b/libsepol/src/services.c @@ -1155,7 +1155,7 @@ int hidden sepol_string_to_security_class(const char *class_name, char *class = NULL; sepol_security_class_t id; - for (id = 1;; id++) { + for (id = 1; id <= policydb->p_classes.nprim; id++) { class = policydb->p_class_val_to_name[id - 1]; if (class == NULL) { ERR(NULL, "could not convert %s to class id", class_name); @@ -1166,6 +1166,8 @@ int hidden sepol_string_to_security_class(const char *class_name, return STATUS_SUCCESS; } } + ERR(NULL, "unrecognized class %s", class_name); + return -EINVAL; } /*