c59879b8aa
Rebase on upstream commit 32611aea6543
See
$ cd SELinuxProject/selinux
$ git log --pretty=oneline libsepol-3.2..32611aea6543 -- libsepol
41 lines
1.4 KiB
Diff
41 lines
1.4 KiB
Diff
From d9433692c782b65e5397234950c6d9993fbcaa70 Mon Sep 17 00:00:00 2001
|
|
From: James Carter <jwcart2@gmail.com>
|
|
Date: Wed, 28 Apr 2021 16:07:09 -0400
|
|
Subject: [PATCH] libsepol/cil: Return an error if a call argument fails to
|
|
resolve
|
|
|
|
Return an error if a call argument fails to resolve so that
|
|
the resolution phase stops and returns an error.
|
|
|
|
This problem was found by the secilc-fuzzer.
|
|
|
|
Signed-off-by: James Carter <jwcart2@gmail.com>
|
|
---
|
|
libsepol/cil/src/cil_resolve_ast.c | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/libsepol/cil/src/cil_resolve_ast.c b/libsepol/cil/src/cil_resolve_ast.c
|
|
index b081d45d4cb5..f251ed1582fc 100644
|
|
--- a/libsepol/cil/src/cil_resolve_ast.c
|
|
+++ b/libsepol/cil/src/cil_resolve_ast.c
|
|
@@ -3277,6 +3277,7 @@ int cil_resolve_call2(struct cil_tree_node *current, void *extra_args)
|
|
if (sym_index != CIL_SYM_UNKNOWN) {
|
|
rc = cil_resolve_name(current, arg->arg_str, sym_index, extra_args, &(arg->arg));
|
|
if (rc != SEPOL_OK) {
|
|
+ cil_tree_log(current, CIL_ERR, "Failed to resolve %s in call argument list", arg->arg_str);
|
|
goto exit;
|
|
}
|
|
}
|
|
@@ -3308,7 +3309,7 @@ int cil_resolve_name_call_args(struct cil_call *call, char *name, enum cil_sym_i
|
|
if (param_index == sym_index) {
|
|
if (name == arg->param_str) {
|
|
*datum = arg->arg;
|
|
- rc = SEPOL_OK;
|
|
+ rc = *datum ? SEPOL_OK : SEPOL_ERR;
|
|
goto exit;
|
|
}
|
|
}
|
|
--
|
|
2.32.0
|
|
|