[PATCH 5/5] libsepol: expand: skip invalid cat

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 

Bail out on expanding levels with invalid low category.

UBSAN report:

    expand.c:952:21: runtime error: unsigned integer overflow: 0 - 1 cannot be represented in type 'uint32_t' (aka 'unsigned int')

Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
 libsepol/src/expand.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libsepol/src/expand.c b/libsepol/src/expand.c
index c08d3a35..8795229a 100644
--- a/libsepol/src/expand.c
+++ b/libsepol/src/expand.c
@@ -943,7 +943,7 @@ int mls_semantic_level_expand(mls_semantic_level_t * sl, mls_level_t * l,
 		return -1;
 	}
 	for (cat = sl->cat; cat; cat = cat->next) {
-		if (cat->low > cat->high) {
+		if (!cat->low || cat->low > cat->high) {
 			ERR(h, "Category range is not valid %s.%s",
 			    p->p_cat_val_to_name[cat->low - 1],
 			    p->p_cat_val_to_name[cat->high - 1]);
-- 
2.40.1
[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux