[PATCH 2/3] libsepol: avoid integer overflow in add_i_to_a()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
 libsepol/src/util.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/libsepol/src/util.c b/libsepol/src/util.c
index 571f6c93..4a6f7d11 100644
--- a/libsepol/src/util.c
+++ b/libsepol/src/util.c
@@ -44,7 +44,7 @@ int add_i_to_a(uint32_t i, uint32_t * cnt, uint32_t ** a)
 {
 	uint32_t *new;
 
-	if (cnt == NULL || a == NULL)
+	if (cnt == NULL || *cnt == UINT32_MAX || a == NULL)
 		return -1;
 
 	/* FIX ME: This is not very elegant! We use an array that we
-- 
2.43.0





[Index of Archives]     [Selinux Refpolicy]     [Linux SGX]     [Fedora Users]     [Fedora Desktop]     [Yosemite Photos]     [Yosemite Camping]     [Yosemite Campsites]     [KDE Users]     [Gnome Users]

  Powered by Linux