Since the role datums have not been validated yet, they might be invalid and set to an enormous high value. Inverting such an ebitmap will take excessive amount of memory and time. Found by oss-fuzz (#43709)
---
 libsepol/src/expand.c | 4 ++++
 1 file changed, 4 insertions(+)
diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
index 898e6b87..3fc54af6 100644
--- a/libsepol/src/expand.c
+++ b/libsepol/src/expand.c
@@ -2481,6 +2481,10 @@ int role_set_expand(role_set_t * x, ebitmap_t * r, policydb_t * out, policydb_t
 /* if role is to be complimented, invert the entire bitmap here */
 if (x->flags & ROLE_COMP) {
+ /* inverting an ebitmap with an invalid highbit will take aeons */
+ if (ebitmap_length(r) > p->p_roles.nprim)
+ return -1;
+
 for (i = 0; i < ebitmap_length(r); i++) {
 if (ebitmap_get_bit(r, i)) {
 if (ebitmap_set_bit(r, i, 0))
-- 
2.34.1
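Review bot: The new guard `if (ebitmap_length(r) > p->p_roles.nprim)` compares a bitmap length against a count of primary role names, and the two may not be in the same units. If ebitmap_length() reports the highbit rounded up to the ebitmap node size rather than the highest set bit plus one (worth confirming in ebitmap.h), a valid role set in a policy with only a few roles would be rejected with -1. Comparing the highest set bit against nprim, or rounding nprim up to the node size first, would still bound the inversion loop for fuzzed input without that false rejection. The early `return -1` also leaves `r` populated, so the caller presumably has to destroy it; a short comment such as `/* caller must ebitmap_destroy(r) on failure */` would document that. role_set_expand's body starts and ends outside the hunk, so the earlier population of `r` and the remaining error paths are not visible here.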