diff mbox series

[v3,32/36] libsepol: validate permissive types

Message ID	20211209164928.87459-33-cgzones@googlemail.com (mailing list archive)
State	Accepted
Headers	show Return-Path: <selinux-owner@kernel.org> From: =?utf-8?q?Christian_G=C3=B6ttsche?= <cgzones@googlemail.com> To: selinux@vger.kernel.org Subject: [PATCH v3 32/36] libsepol: validate permissive types Date: Thu, 9 Dec 2021 17:49:24 +0100 Message-Id: <20211209164928.87459-33-cgzones@googlemail.com> In-Reply-To: <20211209164928.87459-1-cgzones@googlemail.com> References: <20211105154542.38434-1-cgzones@googlemail.com> <20211209164928.87459-1-cgzones@googlemail.com> MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Precedence: bulk
Series	libsepol: add fuzzer for reading binary policies \| expand [v3,00/36] libsepol: add fuzzer for reading binary policies [v3,01/36] cifuzz: enable report-unreproducible-crashes [v3,02/36] cifuzz: use the default runtime of 600 seconds [v3,03/36] libsepol/fuzz: silence secilc-fuzzer [v3,04/36] libsepol: add libfuzz based fuzzer for reading binary policies [v3,05/36] libsepol/fuzz: limit element sizes for fuzzing [v3,06/36] libsepol: use logging framework in conditional.c [v3,07/36] libsepol: use logging framework in ebitmap.c [v3,08/36] libsepol: use mallocarray wrapper to avoid overflows [v3,09/36] libsepol: use reallocarray wrapper to avoid overflows [v3,10/36] libsepol: add checks for read sizes [v3,11/36] libsepol: enforce avtab item limit [v3,12/36] libsepol: clean memory on conditional insertion failure [v3,13/36] libsepol: reject abnormal huge sid ids [v3,14/36] libsepol: reject invalid filetrans source type [v3,15/36] libsepol: zero member before potential dereference [v3,16/36] libsepol: use size_t for indexes in strs helpers [v3,17/36] libsepol: do not underflow on short format arguments [v3,18/36] libsepol: do not crash on class gaps [v3,19/36] libsepol: do not crash on user gaps [v3,20/36] libsepol: use correct size for initial string list [v3,21/36] libsepol: do not create a string list with initial size zero [v3,22/36] libsepol: split validation of datum array gaps and entries [v3,23/36] libsepol: validate MLS levels [v3,24/36] libsepol: validate expanded user range and level [v3,25/36] libsepol: validate permission count of classes [v3,26/36] libsepol: resolve log message mismatch [v3,27/36] libsepol: validate avtab and avrule types [v3,28/36] libsepol: validate constraint expression operators and attributes [v3,29/36] libsepol: validate type of avtab type rules [v3,30/36] libsepol: validate ocontexts [v3,31/36] libsepol: validate genfs contexts [v3,32/36] libsepol: validate permissive types [v3,33/36] libsepol: validate policy properties [v3,34/36] libsepol: validate categories [v3,35/36] libsepol: validate fsuse types [v3,36/36] libsepol: validate class default targets

Commit Message

Christian Göttsche Dec. 9, 2021, 4:49 p.m. UTC

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
 libsepol/src/policydb_validate.c | 20 ++++++++++++++++++++
 1 file changed, 20 insertions(+)

diff mbox series

Patch

diff --git a/libsepol/src/policydb_validate.c b/libsepol/src/policydb_validate.c
index 11f13d65..d9968a8e 100644
--- a/libsepol/src/policydb_validate.c
+++ b/libsepol/src/policydb_validate.c
@@ -961,6 +961,23 @@  bad:
 	return -1;
 }
 
+static int validate_permissives(sepol_handle_t *handle, policydb_t *p, validate_t flavors[])
+{
+	ebitmap_node_t *node;
+	unsigned i;
+
+	ebitmap_for_each_positive_bit(&p->permissive_map, node, i) {
+		if (validate_value(i, &flavors[SYM_TYPES]))
+			goto bad;
+	}
+
+	return 0;
+
+bad:
+	ERR(handle, "Invalid permissive type");
+	return -1;
+}
+
 static void validate_array_destroy(validate_t flavors[])
 {
 	unsigned int i;
@@ -1013,6 +1030,9 @@  int validate_policydb(sepol_handle_t *handle, policydb_t *p)
 	if (validate_datum_array_entries(handle, p, flavors))
 		goto bad;
 
+	if (validate_permissives(handle, p, flavors))
+		goto bad;
+
 	validate_array_destroy(flavors);
 
 	return 0;