Error out instead of silently converting too big integer values in
policy sources.
policy_parse.y:893:41: runtime error: implicit conversion from type 'unsigned long' of value 18446744073709551615 (64-bit, unsigned) to type 'unsigned int' changed the value to 4294967295 (32-bit, unsigned)
Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
v2:
- only check usigned long against UINT_MAX, if ULONG_MAX is actually
bigger
checkpolicy/policy_parse.y | 20 ++++++++++++++++++--
1 file changed, 18 insertions(+), 2 deletions(-)
diff --git a/checkpolicy/policy_parse.y b/checkpolicy/policy_parse.y
index 6098eb50..45f973ff 100644
--- a/checkpolicy/policy_parse.y
+++ b/checkpolicy/policy_parse.y
@@ -890,10 +890,26 @@ filename : FILENAME
{ yytext[strlen(yytext) - 1] = '\0'; if (insert_id(yytext + 1,0)) return -1; }
;
number : NUMBER
- { $$ = strtoul(yytext,NULL,0); }
+ { unsigned long x;
+ errno = 0;
+ x = strtoul(yytext, NULL, 0);
+ if (errno)
+ return -1;
+#if ULONG_MAX > UINT_MAX
+ if (x > UINT_MAX)
+ return -1;
+#endif
+ $$ = (unsigned int) x;
+ }
;
number64 : NUMBER
- { $$ = strtoull(yytext,NULL,0); }
+ { unsigned long long x;
+ errno = 0;
+ x = strtoull(yytext, NULL, 0);
+ if (errno)
+ return -1;
+ $$ = (uint64_t) x;
+ }
;
ipv6_addr : IPV6_ADDR
{ if (insert_id(yytext,0)) return -1; }
--
2.33.0
