rpms/libsepol
5
0
Fork 0
Code Issues Pull Requests Releases Activity
ed61d9f2c1
libsepol/0008-libsepol-silence-potential-NULL-pointer-dereference-.patch
Petr Lautrbach 13eae1c266 Rebase on db0f2f382e31 at SELinuxProject 
- drop deprecated functions and duplicated symbols
- change library version to libsepol.so.2
- temporary ship -compat with libsepol.so.1
- based on upstream db0f2f382e31
- re-enable lto flags
2020-10-23 23:19:02 +02:00

67 lines
2.2 KiB
Diff
Raw Blame History

From c97d63c6b40c71c693d3b5bb25628869a95dff24 Mon Sep 17 00:00:00 2001
From: Nicolas Iooss <nicolas.iooss@m4x.org>
Date: Sat, 3 Oct 2020 15:56:58 +0200
Subject: [PATCH] libsepol: silence potential NULL pointer dereference warning
When find_avtab_node() is called with key->specified & AVTAB_XPERMS and
xperms=NULL, xperms is being dereferenced. This is detected as a
"NULL pointer dereference issue" by static analyzers.
Even though it does not make much sense to call find_avtab_node() in a
way which triggers the NULL pointer dereference issue, static analyzers
have a hard time with calls such as:
node = find_avtab_node(handle, avtab, &avkey, cond, NULL);
... where xperms=NULL.
So, make the function report an error instead of crashing.
Here is an example of report from clang's static analyzer:
https://558-118970575-gh.circle-artifacts.com/0/output-scan-build/2020-10-02-065849-6375-1/report-d86a57.html#EndPath
Signed-off-by: Nicolas Iooss <nicolas.iooss@m4x.org>
---
libsepol/src/expand.c | 23 ++++++++++++++---------
1 file changed, 14 insertions(+), 9 deletions(-)
diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
index 19e48c507236..eac7e4507d02 100644
--- a/libsepol/src/expand.c
+++ b/libsepol/src/expand.c
@@ -1570,17 +1570,22 @@ static avtab_ptr_t find_avtab_node(sepol_handle_t * handle,
/* AVTAB_XPERMS entries are not necessarily unique */
if (key->specified & AVTAB_XPERMS) {
- node = avtab_search_node(avtab, key);
- while (node) {
- if ((node->datum.xperms->specified == xperms->specified) &&
- (node->datum.xperms->driver == xperms->driver)) {
- match = 1;
- break;
+ if (xperms == NULL) {
+ ERR(handle, "searching xperms NULL");
+ node = NULL;
+ } else {
+ node = avtab_search_node(avtab, key);
+ while (node) {
+ if ((node->datum.xperms->specified == xperms->specified) &&
+ (node->datum.xperms->driver == xperms->driver)) {
+ match = 1;
+ break;
+ }
+ node = avtab_search_node_next(node, key->specified);
}
- node = avtab_search_node_next(node, key->specified);
+ if (!match)
+ node = NULL;
}
- if (!match)
- node = NULL;
} else {
node = avtab_search_node(avtab, key);
}
--
2.29.0.rc2
Reference in New Issue View Git Blame Copy Permalink