[2/3] checkpolicy: abort on mismatched declarations

Message ID 20250225143312.47755-1-cgoettsche@seltendoof.de (mailing list archive)
State New
Delegated to: Petr Lautrbach
Series [1/3] checkpolicy: free left hand conditional expression on error

Commit Message

Christian Göttsche Feb. 25, 2025, 2:33 p.m. UTC
From: Christian Göttsche <cgzones@googlemail.com>

In case a type or role gets re-declared as an attribute, abort parsing
immediately. Since yyerror() is called the variable policydb_errors is
increased and will signal an error later on.

Reported-by: oss-fuzz (issue 398527873)
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
---
 checkpolicy/module_compiler.c | 2 ++
 1 file changed, 2 insertions(+)

Patch

diff --git a/checkpolicy/module_compiler.c b/checkpolicy/module_compiler.c
index 3a7ad1bb..efbcfa7d 100644
--- a/checkpolicy/module_compiler.c
+++ b/checkpolicy/module_compiler.c
@@ -291,6 +291,7 @@  static int create_role(uint32_t scope, unsigned char isattr, role_datum_t **role
 		if (*role && (isattr != (*role)->flavor)) {
 			yyerror2("Identifier %s used as both an attribute and a role",
 				 id);
+			*role = NULL;
 			free(id);
 			role_datum_destroy(datum);
 			free(datum);
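
Review bot: The added `*role = NULL;` in the flavor-mismatch branch of create_role() carries no comment, and the commit message does not explain why clearing the out-parameter is what makes parsing abort. The condition `*role && (isattr != (*role)->flavor)` shows that `*role` is non-NULL at this point, so before this change the caller could still see the conflicting datum after the error had been reported. Please add a one-line comment above the assignment saying that the caller must not receive the mismatched declaration, and state in the commit message how the caller used `*role` after this error. The message also refers to yyerror() while the code in this branch calls yyerror2(); naming the function actually used would avoid confusion.
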
@@ -428,6 +429,7 @@  static int create_type(uint32_t scope, unsigned char isattr, type_datum_t **type
 		if (*type && (isattr != (*type)->flavor)) {
 			yyerror2("Identifier %s used as both an attribute and a type",
 				 id);
+			*type = NULL;
 			free(id);
 			return -1;
 		}
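
Review bot: In the mismatch branch of create_type(), the cleanup before `return -1;` is only `free(id);`, while the same branch in create_role() also calls `role_datum_destroy(datum);` and `free(datum);`. If the newly allocated type datum has not already been released earlier in this function (that code is not visible in this hunk), this path needs the matching destroy and free; if it has, a short comment saying so would explain the asymmetry between the two functions. The `*type = NULL;` line itself mirrors the create_role() change and would benefit from the same explanatory comment.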