Re: [RFC PATCH v2 12/27] libselinux: avoid regex serialization truncations

James Carter <jwcart2@xxxxxxxxx> · Thu, 5 Oct 2023 10:44:41 -0400



On Mon, Aug 14, 2023 at 9:42 AM Christian Göttsche
<cgzones@xxxxxxxxxxxxxx> wrote:
>
> Check (for the probably impossible) case the serialized data is longer
> than the compiled fcontext format supports.
>
> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>

Acked-by: James Carter <jwcart2@xxxxxxxxx>

> ---
>  libselinux/src/regex.c | 2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/libselinux/src/regex.c b/libselinux/src/regex.c
> index 16df6790..88d82fed 100644
> --- a/libselinux/src/regex.c
> +++ b/libselinux/src/regex.c
> @@ -176,7 +176,7 @@ int regex_writef(struct regex_data *regex, FILE *fp, int do_write_precompregex)
>                 /* encode the pattern for serialization */
>                 rc = pcre2_serialize_encode((const pcre2_code **)&regex->regex,
>                                             1, &bytes, &serialized_size, NULL);
> -               if (rc != 1) {
> +               if (rc != 1 || serialized_size >= UINT32_MAX) {
>                         rc = -1;
>                         goto out;
>                 }
> --
> 2.40.1
>