From patchwork Thu Aug 18 20:54:48 2016
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: "Roberts, William C" <william.c.roberts@intel.com>
X-Patchwork-Id: 9288635
Return-Path: <selinux-bounces@tycho.nsa.gov>
Received: from mail.wl.linuxfoundation.org (pdx-wl-mail.web.codeaurora.org
	[172.30.200.125])
	by pdx-korg-patchwork.web.codeaurora.org (Postfix) with ESMTP id
	1FDB7600CB for <patchwork-selinux@patchwork.kernel.org>;
	Thu, 18 Aug 2016 20:57:49 +0000 (UTC)
Received: from mail.wl.linuxfoundation.org (localhost [127.0.0.1])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 0D1E128F26
	for <patchwork-selinux@patchwork.kernel.org>;
	Thu, 18 Aug 2016 20:57:49 +0000 (UTC)
Received: by mail.wl.linuxfoundation.org (Postfix, from userid 486)
	id F0AF828F2F; Thu, 18 Aug 2016 20:57:48 +0000 (UTC)
X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on
	pdx-wl-mail.web.codeaurora.org
X-Spam-Level: 
X-Spam-Status: No, score=-4.2 required=2.0 tests=BAYES_00, RCVD_IN_DNSWL_MED
	autolearn=ham version=3.3.1
Received: from emsm-gh1-uea11.nsa.gov (emsm-gh1-uea11.nsa.gov [8.44.101.9])
	by mail.wl.linuxfoundation.org (Postfix) with ESMTP id 4186D28F26
	for <patchwork-selinux@patchwork.kernel.org>;
	Thu, 18 Aug 2016 20:57:48 +0000 (UTC)
X-IronPort-AV: E=Sophos;i="5.28,541,1464652800"; d="scan'208";a="18591124"
IronPort-PHdr: =?us-ascii?q?9a23=3AGLSKGRbZwpkGFgYLMwBzrvj/LSx+4OfEezUN459i?=
	=?us-ascii?q?sYplN5qZpM+zbnLW6fgltlLVR4KTs6sC0LuP9fq8EjVduN7B6ClEK80UEUddyI?=
	=?us-ascii?q?0/pE8JOIa9E0r1LfrnPWQRPf9pcxtbxUy9KlVfA83kZlff8TWY5D8WHQjjZ0Iu?=
	=?us-ascii?q?frymUrDbg8n/7e2u4ZqbO1wO32vkJ+kuZ0zr9E2R7pBQ2to6bP5pi1PgmThhQ6?=
	=?us-ascii?q?xu32RmJFaezV7Xx/yb29pdyRlWoO8r7MVaUK/3LOwSRL1cCyk6YShuvJW4/STZ?=
	=?us-ascii?q?SUOzwldUEiBPylsbSzTCuQr3Wpb3rzvSqvt22C7cO9b/C78zR3Dq7bhgQQX00g?=
	=?us-ascii?q?8bJjU59yfRkcU2g6VF5Fq6qhV5z5TTYY3QMPtlYovBbNgaQixHRc8XWCtfRsun?=
	=?us-ascii?q?Y5AnE/sKPeEeqZL04VQJs0iQHw6pUfzuzjtJj3qw1usg1O4sCx3d9A0mA98K9n?=
	=?us-ascii?q?/TqYamfJwOWPy4mfGbhQ7IaOlbjHKksIU=3D?=
X-IPAS-Result: =?us-ascii?q?A2GuDgDUILZX/wHyM5BdHAEBgyWBUqNQgXKUHiCHeEwBAQE?=
	=?us-ascii?q?BAQEBAgECWyeCMgQDEYIcAiQTFCAOAwkCFwgZCAgIAwEtFRgHCwUYBIgQvWQBJ?=
	=?us-ascii?q?Igqhl8RAWQNhQYFjh11ijKPHgKJa4VcSI9rVIQaTgGFdoE2AQEB?=
Received: from unknown (HELO tarius.tycho.ncsc.mil) ([144.51.242.1])
	by emsm-gh1-uea11.nsa.gov with ESMTP; 18 Aug 2016 20:57:45 +0000
Received: from prometheus.infosec.tycho.ncsc.mil (prometheus [192.168.25.40])
	by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u7IKvhtt015237;
	Thu, 18 Aug 2016 16:57:44 -0400
Received: from tarius.tycho.ncsc.mil (tarius.infosec.tycho.ncsc.mil
	[144.51.242.1])
	by prometheus.infosec.tycho.ncsc.mil (8.15.2/8.15.2) with ESMTP id
	u7IKssie005941 for <selinux@prometheus.infosec.tycho.ncsc.mil>;
	Thu, 18 Aug 2016 16:54:54 -0400
Received: from goalie.tycho.ncsc.mil (goalie [144.51.242.250])
	by tarius.tycho.ncsc.mil (8.14.4/8.14.4) with ESMTP id u7IKsr4W015013;
	Thu, 18 Aug 2016 16:54:53 -0400
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: 
 A1BjCADJH7ZX/yNjr8ZdHAEBgyWBUqNQkguEDBSGCYF0TAEBAQEBAQECXoUzUjAZdhKIMb1ZAQEIJ4gqh1UNgXQLgwcFjh11ijKPHgKPR0iPa1SEGk4BhXaBNgEBAQ
X-IPAS-Result: 
 A1BjCADJH7ZX/yNjr8ZdHAEBgyWBUqNQkguEDBSGCYF0TAEBAQEBAQECXoUzUjAZdhKIMb1ZAQEIJ4gqh1UNgXQLgwcFjh11ijKPHgKPR0iPa1SEGk4BhXaBNgEBAQ
X-IronPort-AV: E=Sophos;i="5.28,541,1464667200"; d="scan'208";a="5653256"
Received: from emsm-gh1-uea11.corp.nsa.gov (HELO emsm-gh1-uea11.nsa.gov)
	([10.208.41.37])
	by goalie.tycho.ncsc.mil with ESMTP; 18 Aug 2016 16:54:52 -0400
IronPort-PHdr: =?us-ascii?q?9a23=3An3OpWhxLdLxVUQnXCy+O+j09IxM/srCxBDY+r6Qd?=
	=?us-ascii?q?0O4QIJqq85mqBkHD//Il1AaPBtSCragYwLOL6uigATVGusfZ9ihaMdRlbFwssY?=
	=?us-ascii?q?0uhQsuAcqIWwXQDcXBSGgEJvlET0Jv5HqhMEJYS47UblzWpWCuv3ZJQk2sfTR8?=
	=?us-ascii?q?Kum9IIPOlcP/j7n0oMyKJV8Uz2PgOPsydEzw9lSJ8JFOwMNLEeUY8lPxuHxGeu?=
	=?us-ascii?q?BblytDBGm4uFLC3Pq254Np6C9KuvgspIZqWKT+eLkkH/QDVGx1e0h83sDgtAHC?=
	=?us-ascii?q?QA2T/TNcFzxOylsbSzTCuQr3Wpb3rzvSqvt22C7cO9b/C78zR3Dq7bhgQQX00g?=
	=?us-ascii?q?8bJjU59yfRkcU2g6VF5Fq6qhV5z5TTYY3QMPtlYovBbNgaQixHRc8XWCtfRsun?=
	=?us-ascii?q?Y5AnE/sKPeEeqZL04VQJs0iQHw6pUfzuzjtJj3qw1usg1O4sCx3d9A0mA98K9n?=
	=?us-ascii?q?/TqYamfJwOWPy4mfGbhQ7IaOlbjHKksNDF?=
X-IronPort-Anti-Spam-Filtered: true
X-IronPort-Anti-Spam-Result: =?us-ascii?q?A0GrDgDJH7ZX/yNjr8ZdHAEBgyWBUqNQg?=
	=?us-ascii?q?XKQGYQMFIYJgXRMAQEBAQEBAQIBAlsngjIEARMBgkFSMBl2EogxvVkBAQgCJYg?=
	=?us-ascii?q?qh1UNhQYFjh11ijKPHgKPR0iPa1SEGk4BhXaBNgEBAQ?=
X-IPAS-Result: =?us-ascii?q?A0GrDgDJH7ZX/yNjr8ZdHAEBgyWBUqNQgXKQGYQMFIYJgXR?=
	=?us-ascii?q?MAQEBAQEBAQIBAlsngjIEARMBgkFSMBl2EogxvVkBAQgCJYgqh1UNhQYFjh11i?=
	=?us-ascii?q?jKPHgKPR0iPa1SEGk4BhXaBNgEBAQ?=
X-IronPort-AV: E=Sophos;i="5.28,541,1464652800"; d="scan'208";a="18591049"
Received: from fmsmga002-icc.fm.intel.com ([198.175.99.35])
	by emsm-gh1-uea11.nsa.gov with ESMTP; 18 Aug 2016 20:54:51 +0000
Received: from fmsmga001-icc.fm.intel.com ([198.175.99.7])
	by fmsmga002-icc.fm.intel.com with ESMTP; 18 Aug 2016 13:54:51 -0700
X-ExtLoop1: 1
X-IronPort-AV: E=Sophos; i="5.28,541,1464678000"; d="scan'208";
	a="1027946313"
Received: from lsonntax-mobl1.amr.corp.intel.com (HELO
	wcrobert-MOBL1.amr.corp.intel.com) ([10.254.185.46])
	by fmsmga001.fm.intel.com with ESMTP; 18 Aug 2016 13:54:51 -0700
From: william.c.roberts@intel.com
To: selinux@tycho.nsa.gov, jwcart2@tycho.nsa.gov,
	seandroid-list@tycho.nsa.gov, sds@tycho.nsa.gov
Subject: [PATCH 1/2] libsepol: calloc all the *_to_val_structs
Date: Thu, 18 Aug 2016 13:54:48 -0700
Message-Id: <1471553689-14551-1-git-send-email-william.c.roberts@intel.com>
X-Mailer: git-send-email 1.9.1
X-BeenThere: selinux@tycho.nsa.gov
X-Mailman-Version: 2.1.20
Precedence: list
List-Id: "Security-Enhanced Linux \(SELinux\) mailing list"
	<selinux.tycho.nsa.gov>
List-Post: <mailto:selinux@tycho.nsa.gov>
List-Help: <mailto:selinux-request@tycho.nsa.gov?subject=help>
MIME-Version: 1.0
Errors-To: selinux-bounces@tycho.nsa.gov
Sender: "Selinux" <selinux-bounces@tycho.nsa.gov>
X-Virus-Scanned: ClamAV using ClamSMTP

From: William Roberts <william.c.roberts@intel.com>

The usage patterns between these structures seem similair
to role_val_to_struct usages. Calloc these up to prevent
any unitialized usages.

Signed-off-by: William Roberts <william.c.roberts@intel.com>
---
 libsepol/src/mls.c      | 2 +-
 libsepol/src/policydb.c | 6 +++---
 libsepol/src/users.c    | 9 ++++++++-
 3 files changed, 12 insertions(+), 5 deletions(-)

diff --git a/libsepol/src/mls.c b/libsepol/src/mls.c
index 2dc5f2b..8047d91 100644
--- a/libsepol/src/mls.c
+++ b/libsepol/src/mls.c
@@ -312,7 +312,7 @@ int mls_context_isvalid(const policydb_t * p, const context_struct_t * c)
 	if (!c->user || c->user > p->p_users.nprim)
 		return 0;
 	usrdatum = p->user_val_to_struct[c->user - 1];
-	if (!mls_range_contains(usrdatum->exp_range, c->range))
+	if (!usrdatum || !mls_range_contains(usrdatum->exp_range, c->range))
 		return 0;	/* user may not be associated with range */
 
 	return 1;
diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c
index c225ac6..5f888d3 100644
--- a/libsepol/src/policydb.c
+++ b/libsepol/src/policydb.c
@@ -1074,7 +1074,7 @@ int policydb_index_others(sepol_handle_t * handle,
 
 	free(p->user_val_to_struct);
 	p->user_val_to_struct = (user_datum_t **)
-	    malloc(p->p_users.nprim * sizeof(user_datum_t *));
+	    calloc(p->p_users.nprim, sizeof(user_datum_t *));
 	if (!p->user_val_to_struct)
 		return -1;
 
@@ -4006,12 +4006,12 @@ int policydb_reindex_users(policydb_t * p)
 		free(p->sym_val_to_name[i]);
 
 	p->user_val_to_struct = (user_datum_t **)
-	    malloc(p->p_users.nprim * sizeof(user_datum_t *));
+	    calloc(p->p_users.nprim, sizeof(user_datum_t *));
 	if (!p->user_val_to_struct)
 		return -1;
 
 	p->sym_val_to_name[i] = (char **)
-	    malloc(p->symtab[i].nprim * sizeof(char *));
+	    calloc(p->symtab[i].nprim, sizeof(char *));
 	if (!p->sym_val_to_name[i])
 		return -1;
 
diff --git a/libsepol/src/users.c b/libsepol/src/users.c
index ce54c2b..3ffb166 100644
--- a/libsepol/src/users.c
+++ b/libsepol/src/users.c
@@ -19,12 +19,17 @@ static int user_to_record(sepol_handle_t * handle,
 
 	const char *name = policydb->p_user_val_to_name[user_idx];
 	user_datum_t *usrdatum = policydb->user_val_to_struct[user_idx];
-	ebitmap_t *roles = &(usrdatum->roles.roles);
+	ebitmap_t *roles;
 	ebitmap_node_t *rnode;
 	unsigned bit;
 
 	sepol_user_t *tmp_record = NULL;
 
+	if (!usrdatum)
+		goto err;
+
+	roles = &(usrdatum->roles.roles);
+
 	if (sepol_user_create(handle, &tmp_record) < 0)
 		goto err;
 
@@ -234,6 +239,7 @@ int sepol_user_modify(sepol_handle_t * handle,
 		if (!tmp_ptr)
 			goto omem;
 		policydb->user_val_to_struct = tmp_ptr;
+		policydb->user_val_to_struct[policydb->p_users.nprim] = NULL;
 
 		tmp_ptr = realloc(policydb->sym_val_to_name[SYM_USERS],
 				  (policydb->p_users.nprim +
@@ -241,6 +247,7 @@ int sepol_user_modify(sepol_handle_t * handle,
 		if (!tmp_ptr)
 			goto omem;
 		policydb->sym_val_to_name[SYM_USERS] = tmp_ptr;
+		policydb->p_user_val_to_name[policydb->p_users.nprim] = NULL;
 
 		/* Need to copy the user name */
 		name = strdup(cname);