From patchwork Fri Mar 14 13:10:54 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 14016851 Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id D99BC1FA272 for ; Fri, 14 Mar 2025 13:11:07 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741957870; cv=none; b=RlqIpuCDkR0WMfNFYnl+VY6E3+N5Tjem71rWMV0aea6kWxuOqnmOcchVFb0u7MW4zM5FfbucIO+PSaTRqGgY6Q1PoWT26FfiGVR5ztlSP//j8WXzVfx9EB4XvFjQ8xAoDUnh7FMoePiIcbkQVxn2ahylA2pO80XuhSRT7HInV5g= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741957870; c=relaxed/simple; bh=8Hfhx2JUKrPhHF9vHW43Vvc57gwq/r7NMIp3YKIgezk=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=P6hHiOUdN70PR1N7cG3LRyYE3uM4fZF2bm8XyR0aZOaSd1zPJSt9DqZhFb18napixalYqSeGaz7OjY6lsiWdS6Tg7SeYVFsrS5IjITFpb/ZPbsdbSv2+6aME9ylo+YlKJVSBfMXivq9MwcHr9rgUNqDBMZqWYOU8ONO3wn3PepY= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b=n7UCfGBV; arc=none smtp.client-ip=168.119.48.163 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b="n7UCfGBV" From: =?utf-8?q?Christian_G=C3=B6ttsche?= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seltendoof.de; s=2023072701; t=1741957859; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=szv4YABbw/t+AMOe0EiF0RtQgjdHHBMeww+FDjrFywY=; b=n7UCfGBV76FBUA9riQKXDOnzY7XEj1MxYiEQ8hDykkiSeiAF2M6pPZLxQA79XfhgRePd+7 0iqXLYjmYXlqLnC4bhWSZiwPy4KjDYhir/1qXpslGfP7mvlY3H+1CwENOiCOGDfM84Zk9P PLEhXMr0qgkfaVfz94qdjRHHiAlTLAOeQ2x89xNhZJFdD2jMGkvO/NpEjA2xnGuo/ldrjL yg3gKWVTuKMpuuzT9TsmjMHa6GNr3gWXC77ehveerG5VJ7MHdluaHjgIAufK3caKkxxs2k 8BmhF6i3yWpoQ1/8QmRgj0enEvbUCeNRzxhHv/IEAViasNQpY3QIO5W0J/AsLw== To: selinux@vger.kernel.org Cc: =?utf-8?q?Christian_G=C3=B6ttsche?= Subject: [PATCH v2 1/4] libselinux: constify global strings Date: Fri, 14 Mar 2025 14:10:54 +0100 Message-ID: <20250314131054.24450-4-cgoettsche@seltendoof.de> In-Reply-To: <20250314131054.24450-1-cgoettsche@seltendoof.de> References: <20250314131054.24450-1-cgoettsche@seltendoof.de> Reply-To: =?utf-8?q?Christian_G=C3=B6ttsche?= Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Christian Göttsche Declare the read-only encode table const. Drop the only once used global variable selinux_rootpath. Signed-off-by: Christian Göttsche --- libselinux/src/compute_create.c | 2 +- libselinux/src/selinux_config.c | 3 +-- 2 files changed, 2 insertions(+), 3 deletions(-) diff --git a/libselinux/src/compute_create.c b/libselinux/src/compute_create.c index d19baa0b..ff8553bc 100644 --- a/libselinux/src/compute_create.c +++ b/libselinux/src/compute_create.c @@ -33,7 +33,7 @@ static int object_name_encode(const char *objname, char *buffer, size_t buflen) return -1; buffer[offset++] = '+'; } else { - static const char *table = "0123456789ABCDEF"; + static const char *const table = "0123456789ABCDEF"; int l = (code & 0x0f); int h = (code & 0xf0) >> 4; diff --git a/libselinux/src/selinux_config.c b/libselinux/src/selinux_config.c index 1d8cfb71..75db14ba 100644 --- a/libselinux/src/selinux_config.c +++ b/libselinux/src/selinux_config.c @@ -153,7 +153,6 @@ static int setpolicytype(const char *type) } static char *selinux_policyroot = NULL; -static const char *selinux_rootpath = SELINUXDIR; static void init_selinux_config(void) { @@ -312,7 +311,7 @@ int selinux_set_policy_root(const char *path) const char *selinux_path(void) { - return selinux_rootpath; + return SELINUXDIR; } From patchwork Fri Mar 14 13:10:51 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 14016852 Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CFA371F4722 for ; Fri, 14 Mar 2025 13:11:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741957870; cv=none; b=Jm4K9atyUu27olgxbnTOlHL0aAJfXSBlPWV23pcJb3OLhtnEiyWCBThkgXwDzet+YIdBaQoCEe9whsAb+QNATTszCK4PIetzK5bsbw6Sx1MsFLTW/NmpbgaYhsiKXF0ppoty9Yx+g3h3X6eeskp+mdhpv1KZlhohpRerCZCgZQ0= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741957870; c=relaxed/simple; bh=q7rRAqqlQeW7LG80Ex07bSt1LbfFDJe+LlpSTGvSWT0=; h=From:To:Cc:Subject:Date:Message-ID:MIME-Version:Content-Type; b=g6PBo923plin6I9oACV8k6x7KRfNIOA8+9BUrt4HlRvDZ0FxFi3ZFOgDmdYH08BufUIxWaz0LvuebrSj+l4kjiGrpvHZ+vEEwO86dD4IimriH05OfeRTqgnoDl+xOqswqJ4SuyiRPd6R5Bohb1dq49nnTpPKkji9lUuTOxKi02I= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b=okLBwkcF; arc=none smtp.client-ip=168.119.48.163 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b="okLBwkcF" From: =?utf-8?q?Christian_G=C3=B6ttsche?= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seltendoof.de; s=2023072701; t=1741957858; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding; bh=8dqm5HG3yNURV3/qzDFZrPN99picnYmF3QeLKHxGZpQ=; b=okLBwkcFtSi+uszLlXephtHErrE8JsGOANCqjGtNeH84lneAjKY36q6Q9zTJzrms0d3E2/ Qx2HykrE1kcgoWP7ANml+1ebXyF8oE5DXAqJ3U9pXaavfX7u0P6pdDAUs7YZhEfmgivGIr WPsK74gF3gnMFGm85vQv5wQzuRFO5eYWVMAVO/gfXfiotADMRXV/YeyHa26zK2IXzXofk+ lHRJzjFUcILA19nkajw0OuLcgugJzFuXRHzU+5Vxd0mERjpIhohb5F6koSdUUtYFTYWEsU snZ3mVc8vcGZDsohsTswRPiDB48oGL/tje1eLIRnAHZs9/3AQ5Zntu6v+xdyhg== To: selinux@vger.kernel.org Cc: =?utf-8?q?Christian_G=C3=B6ttsche?= Subject: [PATCH v2 2/4] libselinux: use local instead of global error buffer Date: Fri, 14 Mar 2025 14:10:51 +0100 Message-ID: <20250314131054.24450-1-cgoettsche@seltendoof.de> Reply-To: =?utf-8?q?Christian_G=C3=B6ttsche?= Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Christian Göttsche Use a function local, and thus thread-safe, buffer for error messages instead of a shared global one. Signed-off-by: Christian Göttsche --- v2: check for valid error buffer in compile_regex() --- libselinux/src/label_file.c | 4 ++-- libselinux/src/label_file.h | 24 ++++++++++++------------ 2 files changed, 14 insertions(+), 14 deletions(-) diff --git a/libselinux/src/label_file.c b/libselinux/src/label_file.c index 56e20949..85d42ff2 100644 --- a/libselinux/src/label_file.c +++ b/libselinux/src/label_file.c @@ -1662,7 +1662,7 @@ static struct lookup_result *lookup_check_node(struct spec_node *node, const cha for (uint32_t i = n->regex_specs_num; i > 0; i--) { /* search in reverse order */ struct regex_spec *rspec = &n->regex_specs[i - 1]; - const char *errbuf = NULL; + char errbuf[256]; int rc; if (child_regex_match && @@ -1673,7 +1673,7 @@ static struct lookup_result *lookup_check_node(struct spec_node *node, const cha if (file_kind != LABEL_FILE_KIND_ALL && rspec->file_kind != LABEL_FILE_KIND_ALL && file_kind != rspec->file_kind) continue; - if (compile_regex(rspec, &errbuf) < 0) { + if (compile_regex(rspec, errbuf, sizeof(errbuf)) < 0) { COMPAT_LOG(SELINUX_ERROR, "Failed to compile regular expression '%s': %s\n", rspec->regex_str, errbuf); goto fail; diff --git a/libselinux/src/label_file.h b/libselinux/src/label_file.h index 60ebbb47..470e2385 100644 --- a/libselinux/src/label_file.h +++ b/libselinux/src/label_file.h @@ -388,16 +388,22 @@ static inline void sort_specs(struct saved_data *data) sort_spec_node(data->root, NULL); } -static inline int compile_regex(struct regex_spec *spec, const char **errbuf) +static inline int compile_regex(struct regex_spec *spec, char *errbuf, size_t errbuf_size) { const char *reg_buf; char *anchored_regex, *cp; struct regex_error_data error_data; - static char regex_error_format_buffer[256]; size_t len; int rc; bool regex_compiled; + if (!errbuf || errbuf_size == 0) { + errno = EINVAL; + return -1; + } + + *errbuf = '\0'; + /* We really want pthread_once() here, but since its * init_routine does not take a parameter, it's not possible * to use, so we generate the same effect with atomics and a @@ -435,9 +441,8 @@ static inline int compile_regex(struct regex_spec *spec, const char **errbuf) len = strlen(reg_buf); cp = anchored_regex = malloc(len + 3); if (!anchored_regex) { - if (errbuf) - *errbuf = "out of memory"; __pthread_mutex_unlock(&spec->regex_lock); + snprintf(errbuf, errbuf_size, "out of memory"); return -1; } @@ -452,12 +457,7 @@ static inline int compile_regex(struct regex_spec *spec, const char **errbuf) rc = regex_prepare_data(&spec->regex, anchored_regex, &error_data); free(anchored_regex); if (rc < 0) { - if (errbuf) { - regex_format_error(&error_data, - regex_error_format_buffer, - sizeof(regex_error_format_buffer)); - *errbuf = ®ex_error_format_buffer[0]; - } + regex_format_error(&error_data, errbuf, errbuf_size); __pthread_mutex_unlock(&spec->regex_lock); errno = EINVAL; return -1; @@ -624,9 +624,9 @@ static int insert_spec(const struct selabel_handle *rec, struct saved_data *data data->num_specs++; if (rec->validating) { - const char *errbuf = NULL; + char errbuf[256]; - if (compile_regex(&node->regex_specs[id], &errbuf)) { + if (compile_regex(&node->regex_specs[id], errbuf, sizeof(errbuf))) { COMPAT_LOG(SELINUX_ERROR, "%s: line %u has invalid regex %s: %s\n", path, lineno, regex, errbuf); From patchwork Fri Mar 14 13:10:52 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 14016853 Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CF9BF33062 for ; Fri, 14 Mar 2025 13:11:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741957870; cv=none; b=M5gfcNwNBMgXAHWLhhKjvgsuV744d/uwe1uTFyH0wCrrdRHrn+08SxIPU3uwvq/Mfx92ia/Bd6MWhue6UpMxttmhb/KkLBtAnZVdGXGIDlRhTHzO3Wb78Q7pqD+K4kp024lM8sAWVuV6YopuqFQfzOmOGQb6QtDhdkCKm51uXow= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741957870; c=relaxed/simple; bh=6mJtMCynq3/qFJfbuwBFmL6N1mZMD0UPGwHP82/HUQY=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=XvRv8LUlxt3mx+nBr6Xir205d2N8EiikNlEU9ctoFWkUJPr1keyjljuod563IxsQnybFzfgGGaLthXXAAVxgfgNq+i0pojhugxVjC6cr0Pa7UsTosFS6XgodeedZVrXxH9UI5Okeirg4AFSRCG4t0Izfe4EMA1FOAd/TSCMow7k= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b=OBeUqDm1; arc=none smtp.client-ip=168.119.48.163 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b="OBeUqDm1" From: =?utf-8?q?Christian_G=C3=B6ttsche?= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seltendoof.de; s=2023072701; t=1741957859; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=W8dcfVRtMjJubp4rsFUjaEOXQkYrlFHgM6nWfwVWiio=; b=OBeUqDm1kxWeIQ+vR0FpFjtjtGNIQmbrLpY5ebbio4oGNtM9cg+xLsvlSP6qAVQh0lZjg2 NoNnQFKJyZJUNykh41CYcAgmHaRyhH/AkhahAFjSigTdSXexpy65emspnyYgQPLiBocdlY K1NEc2AOAWRZ+NrM/YgR92Oupx53I+kSGgUQCy6JHs2rdn8vM6NcINI292JHrCpFED+RK6 2PvSxvzTVMSUZdqHlkk/LmKp29JKT8sfdCQEjfLE0hBVkZwtVYeW0VwPRflU5aYZ5FSijy 8jeJYRkDQeQD6dqOvJoTr/9dR18bjI+KM/yb89UFv4TdrMRxBflmuiBawfV3YA== To: selinux@vger.kernel.org Cc: =?utf-8?q?Christian_G=C3=B6ttsche?= Subject: [PATCH v2 3/4] libselinux: initialize regex arch string in a thread safe way Date: Fri, 14 Mar 2025 14:10:52 +0100 Message-ID: <20250314131054.24450-2-cgoettsche@seltendoof.de> In-Reply-To: <20250314131054.24450-1-cgoettsche@seltendoof.de> References: <20250314131054.24450-1-cgoettsche@seltendoof.de> Reply-To: =?utf-8?q?Christian_G=C3=B6ttsche?= Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Christian Göttsche Synchronize the initialization of the regex architecture string. Signed-off-by: Christian Göttsche --- libselinux/src/regex.c | 46 ++++++++++++++++++++++++------------------ 1 file changed, 26 insertions(+), 20 deletions(-) diff --git a/libselinux/src/regex.c b/libselinux/src/regex.c index 182c8c89..976f00d4 100644 --- a/libselinux/src/regex.c +++ b/libselinux/src/regex.c @@ -30,32 +30,38 @@ #endif #ifdef USE_PCRE2 -char const *regex_arch_string(void) +static pthread_once_t once = PTHREAD_ONCE_INIT; +static char arch_string_buffer[32]; + +static void regex_arch_string_init(void) { - static char arch_string_buffer[32]; - static char const *arch_string = ""; - char const *endianness = NULL; + char const *endianness; int rc; - if (arch_string[0] == '\0') { - if (__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__) - endianness = "el"; - else if (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) - endianness = "eb"; + if (__BYTE_ORDER__ == __ORDER_LITTLE_ENDIAN__) + endianness = "el"; + else if (__BYTE_ORDER__ == __ORDER_BIG_ENDIAN__) + endianness = "eb"; + else { + arch_string_buffer[0] = '\0'; + return; + } - if (!endianness) - return NULL; + rc = snprintf(arch_string_buffer, sizeof(arch_string_buffer), + "%zu-%zu-%s", sizeof(void *), + sizeof(REGEX_ARCH_SIZE_T), + endianness); + if (rc < 0 || (size_t)rc >= sizeof(arch_string_buffer)) { + arch_string_buffer[0] = '\0'; + return; + } +} - rc = snprintf(arch_string_buffer, sizeof(arch_string_buffer), - "%zu-%zu-%s", sizeof(void *), - sizeof(REGEX_ARCH_SIZE_T), - endianness); - if (rc < 0) - abort(); +const char *regex_arch_string(void) +{ + __selinux_once(once, regex_arch_string_init); - arch_string = &arch_string_buffer[0]; - } - return arch_string; + return arch_string_buffer[0] != '\0' ? arch_string_buffer : NULL; } struct regex_data { From patchwork Fri Mar 14 13:10:53 2025 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 8bit X-Patchwork-Submitter: =?utf-8?q?Christian_G=C3=B6ttsche?= X-Patchwork-Id: 14016850 Received: from server02.seltendoof.de (server02.seltendoof.de [168.119.48.163]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by smtp.subspace.kernel.org (Postfix) with ESMTPS id CFACB1FE44B for ; Fri, 14 Mar 2025 13:11:06 +0000 (UTC) Authentication-Results: smtp.subspace.kernel.org; arc=none smtp.client-ip=168.119.48.163 ARC-Seal: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741957869; cv=none; b=gEx/a2dflXz+kBx+mm+oQXTzunoa/GtL9/NEgvVFM2/cRPShMERZcaRCRdrATK/EP+gh4sSI7tvbvLmXfuwbC/f22LsdFcOh+Qo3aMIzxg4ersUaprUc20fOu2FrsbAZtU+IaMyrE/KghsGSE4kx4re3zEXSaw+V7LafMEhoowQ= ARC-Message-Signature: i=1; a=rsa-sha256; d=subspace.kernel.org; s=arc-20240116; t=1741957869; c=relaxed/simple; bh=CzqM19HI39OADDIN139XONvl9a0xm0JaIlHVuF1Tpjo=; h=From:To:Cc:Subject:Date:Message-ID:In-Reply-To:References: MIME-Version:Content-Type; b=A77zz3VN6Wc9+qkrAbHqP2dcqWHCR2RRtgy2H8c9N8AZkdTGwoLEjloHoTDguwiFnrv+oslGRmFYiUxINkjETkitbyKZCcKcN9INgJOZ3sYgcrvMbT94DGZiNXHX5GnMhA+TJdYTvPxf2ITRiiC+oi7nSUOMrUo4XA+xIyVRm4Q= ARC-Authentication-Results: i=1; smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de; spf=pass smtp.mailfrom=seltendoof.de; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b=AePkzX3G; arc=none smtp.client-ip=168.119.48.163 Authentication-Results: smtp.subspace.kernel.org; dmarc=pass (p=reject dis=none) header.from=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; spf=pass smtp.mailfrom=seltendoof.de Authentication-Results: smtp.subspace.kernel.org; dkim=pass (2048-bit key) header.d=seltendoof.de header.i=@seltendoof.de header.b="AePkzX3G" From: =?utf-8?q?Christian_G=C3=B6ttsche?= DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=seltendoof.de; s=2023072701; t=1741957859; h=from:from:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=Yig+9lWJV06N3VM45MScijRxGZq0oSskrgcn2u7SJ84=; b=AePkzX3GxODUEa91+KLJt4shvkf2PvUuIZSXxgohw13WppgV1SAinBqin3cHQlqfo+wK6X CwwndDntGI9cy/Ih91xESj+H5ukF71ChQxGXWVkPnb/+w6KU6Vr2674GwmZujGYFUX5a1s xFSLG526535CfIO1v8k4iiO9ZfAMhPFCZEmVXZl7ohGQYmJ7R6kGFl3Lg80ZnLQqfFGk2e MeP/YF3QR4d/2vfDgqxydw8j/pMhPeew91vfKzZ5idjfvm5URy/TiZsGcQp5cMhuRbturD e45Yqmd6aa1B1fdsDllJwGQCZG9ip7D4huTU4dKbwIOI3Zcs3hovjk+UUIyS4Q== To: selinux@vger.kernel.org Cc: =?utf-8?q?Christian_G=C3=B6ttsche?= Subject: [PATCH v2 4/4] libselinux: limit fcontext regex path length Date: Fri, 14 Mar 2025 14:10:53 +0100 Message-ID: <20250314131054.24450-3-cgoettsche@seltendoof.de> In-Reply-To: <20250314131054.24450-1-cgoettsche@seltendoof.de> References: <20250314131054.24450-1-cgoettsche@seltendoof.de> Reply-To: =?utf-8?q?Christian_G=C3=B6ttsche?= Precedence: bulk X-Mailing-List: selinux@vger.kernel.org List-Id: List-Subscribe: List-Unsubscribe: MIME-Version: 1.0 From: Christian Göttsche Limit the length of regular expression paths in fcontext source definitions to reduce the worst case regex compilation time for abnormal inputs. Reported-by: oss-fuzz (issue 393203212) Signed-off-by: Christian Göttsche --- libselinux/src/label_file.h | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/libselinux/src/label_file.h b/libselinux/src/label_file.h index 470e2385..5fc76b7e 100644 --- a/libselinux/src/label_file.h +++ b/libselinux/src/label_file.h @@ -439,6 +439,12 @@ static inline int compile_regex(struct regex_spec *spec, char *errbuf, size_t er reg_buf = spec->regex_str; /* Anchor the regular expression. */ len = strlen(reg_buf); + if (len >= 4096) { + __pthread_mutex_unlock(&spec->regex_lock); + snprintf(errbuf, errbuf_size, "regex of length %zu too long", len); + errno = EINVAL; + return -1; + } cp = anchored_regex = malloc(len + 3); if (!anchored_regex) { __pthread_mutex_unlock(&spec->regex_lock);