From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
In case an entry read from a textual fcontext definition is too long set
errno and the error string accordingly.
Fixes: 92306daf ("libselinux: rework selabel_file(5) database")
Reported-by: oss-fuzz (issue 389974971)
Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
---
libselinux/src/label_support.c | 5 ++++-
1 file changed, 4 insertions(+), 1 deletion(-)
diff --git a/libselinux/src/label_support.c b/libselinux/src/label_support.c
index 978ba828..57e191c8 100644
--- a/libselinux/src/label_support.c
+++ b/libselinux/src/label_support.c
@@ -45,8 +45,11 @@ static inline int read_spec_entry(char **entry, const char **ptr, size_t *len, c
}
if (*len) {
- if (*len >= UINT16_MAX)
+ if (*len >= UINT16_MAX) {
+ errno = EINVAL;
+ *errbuf = "Spec entry too long";
return -1;
+ }
*entry = strndup(tmp_buf, *len);
if (!*entry)
--
2.47.1
