On the first loop iteration the variables `r_buf` and `reason_buf_used`
are NULL respective 0. Please UBSAN by not adding them but instead
directly assign NULL.
services.c:800:16: runtime error: applying zero offset to null pointer
#0 0x4d4fce in constraint_expr_eval_reason ./libsepol/src/services.c:800:16
#1 0x4cf31a in sepol_validate_transition_reason_buffer ./libsepol/src/services.c:1079:8
Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
libsepol/src/services.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/libsepol/src/services.c b/libsepol/src/services.c
index 7becfd1b..29723729 100644
--- a/libsepol/src/services.c
+++ b/libsepol/src/services.c
@@ -797,7 +797,7 @@ mls_ops:
for (x = 0; buffers[x] != NULL; x++) {
while (1) {
- p = *r_buf + reason_buf_used;
+ p = *r_buf ? (*r_buf + reason_buf_used) : NULL;
len = snprintf(p, reason_buf_len - reason_buf_used,
"%s", buffers[x]);
if (len < 0 || len >= reason_buf_len - reason_buf_used) {
--
2.35.1
