Nicolas Iooss reports that fuzzing /usr/libexec/hll/pp with the American Fuzzy Lop revealed that inconsistent policy modules could be created that caused NULL dereferences and other problems.

This patch validates the policydb when reading in the binary policy. See the description of the second patch for more details.

The validation requires a negligible amount of time to complete.

James Carter (2):
  libsepol: Create function ebitmap_highest_set_bit()
  libsepol: Validate policydb values when reading binary policy

 libsepol/include/sepol/policydb/ebitmap.h |   1 +
 libsepol/src/ebitmap.c                    |  20 +
 libsepol/src/policydb.c                   |  35 +-
 libsepol/src/policydb_validate.c          | 764 ++++++++++++++++++++++
 libsepol/src/policydb_validate.h          |   7 +
 5 files changed, 815 insertions(+), 12 deletions(-)
 create mode 100644 libsepol/src/policydb_validate.c
 create mode 100644 libsepol/src/policydb_validate.h

--
2.26.2