[PATCH 2/5] checkpolicy: check identifier before copying

Christian Göttsche <cgoettsche@xxxxxxxxxxxxx> · Wed, 15 Jan 2025 14:13:25 +0100

From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>

Avoid calling strdup(3) with a NULL pointer, which can happen with an
invalid policy context, e.g.:

    class C
    sid S
    class C { P }
    ;
    user U roles j;
    sid S s:l:q:q:q

Fixes: 6f2b689f ("checkpolicy: Fix MLS users in optional blocks")
Reported-by: oss-fuzz (issue 390004173)
Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
 checkpolicy/policy_define.c | 9 ++++++++-
 1 file changed, 8 insertions(+), 1 deletion(-)

diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index 2f811b67..96a481f7 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@ -4437,6 +4437,7 @@ static int parse_semantic_categories(char *id, level_datum_t * levdatum __attrib
 
 int define_user(void)
 {
+	const char *username;
 	char *id;
 	user_datum_t *usrdatum, *usr_global;
 	level_datum_t *levdatum;
@@ -4463,7 +4464,13 @@ int define_user(void)
 		return 0;
 	}
 
-	id = strdup(queue_head(id_queue));
+	username = queue_head(id_queue);
+	if (!username) {
+		yyerror("no user name");
+		return -1;
+	}
+
+	id = strdup(username);
 
 	if ((usrdatum = declare_user()) == NULL) {
 		free(id);
-- 
2.47.1








