On Thu, Apr 4, 2019 at 3:22 PM Joshua Brindle <joshua.brindle@xxxxxxxxxxxxxxx> wrote:
>
> On Thu, Apr 4, 2019 at 2:43 PM William Roberts <bill.c.roberts@xxxxxxxxx> wrote:
> >
> > On Thu, Apr 4, 2019 at 8:37 AM Joshua Brindle <joshua.brindle@xxxxxxxxxxxxxxx> wrote:
> > >
> > > It seems validatetrans support was never added to libselinux, despite being added to
> > > selinuxfs in kernel version 4.5
> > >
> > > Signed-off-by: Joshua Brindle <joshua.brindle@xxxxxxxxxxxxxxx>
> > > ---
> >
> > I see things like selinux_status_open() not doing it, also it doesn't use selinux_page_size
> > but calls sysconf() directly, so that might not be the best example. I just wonder if we're
> > glossing over truncation bugs that might be hard to debug if they ever crop up without
> > explicit errors.
>
> Hrm.. I started off with a copy of compute_relabel.c or something, it looks like none of
> these functions check. Checking the snprintf for the path is probably not helpful, but now
> that you mention it, a truncation of the last context could remove some categories and cause
> an erroneous decision, and since we don't get the answer back from the file like the
> compute_ functions it could cause a vulnerability.
>
> Thanks, will update and resend.

Well, this was wrong anyway, I trusted the commit message from when validatetrans was exposed in selinuxfs:

https://github.com/torvalds/linux/commit/f9df6458218f4fe8a1c3bf0af89c1fa9eaf0db39

but it was incorrect, 0 is not returned on success, the length written is returned.

Will resend soon. Thanks again.
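The two points raised in the thread, the snprintf truncation of the last context and the selinuxfs write returning the length rather than 0 on success, as an added example (not the patch under review or libselinux's own code). The "old new class task" request layout, the parameter names and the buffer sizes are assumptions made for the example.

```c
#include <stdio.h>
#include <string.h>
#include <errno.h>
#include <sys/types.h>

/* Constructed example: build the request that would be written to the
 * selinuxfs validatetrans node. The space-separated "old new class task"
 * layout is an assumption modelled on the kernel-side parser, not something
 * stated in the thread.
 *
 * Returns the request length (excluding the NUL) on success, or -1 with
 * errno set. Truncation is treated as a hard error: cutting the last
 * context short could silently drop MLS categories, and because the
 * answer is not read back from the file, the caller would never notice. */
int build_validatetrans_request(char *buf, size_t bufsize,
                                const char *oldcon, const char *newcon,
                                unsigned short tclass, const char *taskcon)
{
    if (!buf || !oldcon || !newcon || !taskcon || bufsize == 0) {
        errno = EINVAL;
        return -1;
    }
    int n = snprintf(buf, bufsize, "%s %s %hu %s", oldcon, newcon, tclass, taskcon);
    if (n < 0) {
        errno = EINVAL;
        return -1;
    }
    /* snprintf returns the length it *wanted* to write; if that does not fit,
     * buf holds a truncated request and must not be sent. */
    if ((size_t)n >= bufsize) {
        buf[0] = '\0';
        errno = EOVERFLOW;
        return -1;
    }
    return n;
}

/* Interpret the result of write(fd, buf, len) on the validatetrans node:
 * on success selinuxfs returns the number of bytes consumed (the request
 * length), not 0, and a negative value on failure. Anything other than a
 * full-length write is treated as "not validated". */
int validatetrans_write_ok(ssize_t ret, size_t len)
{
    return ret >= 0 && (size_t)ret == len;
}
```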