On Wed, Jan 15, 2025 at 8:13 AM Christian Göttsche <cgoettsche@xxxxxxxxxxxxx> wrote: > > From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx> > > In case an entry read from a textual fcontext definition is too long set > errno and the error string accordingly. > > Fixes: 92306daf ("libselinux: rework selabel_file(5) database") > Reported-by: oss-fuzz (issue 389974971) > Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx> For these five patches: Acked-by: James Carter <jwcart2@xxxxxxxxx> > --- > libselinux/src/label_support.c | 5 ++++- > 1 file changed, 4 insertions(+), 1 deletion(-) > > diff --git a/libselinux/src/label_support.c b/libselinux/src/label_support.c > index 978ba828..57e191c8 100644 > --- a/libselinux/src/label_support.c > +++ b/libselinux/src/label_support.c > @@ -45,8 +45,11 @@ static inline int read_spec_entry(char **entry, const char **ptr, size_t *len, c > } > > if (*len) { > - if (*len >= UINT16_MAX) > + if (*len >= UINT16_MAX) { > + errno = EINVAL; > + *errbuf = "Spec entry too long"; > return -1; > + } > > *entry = strndup(tmp_buf, *len); > if (!*entry) > -- > 2.47.1 > >
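Review bot: In the new `*len >= UINT16_MAX` branch of read_spec_entry(), `*errbuf` is stored to unconditionally. The parameter list is cut off in the hunk header, so confirm that every caller passes a non-NULL errbuf pointer, or guard the store with `if (errbuf)`. The branch now reports through both errno and *errbuf, while the `if (!*entry)` path right after strndup() has its body outside the visible context. If that path leaves *errbuf untouched, callers that print the string unconditionally after a -1 return could show a stale or unset message, so it is worth stating in the function comment which failures set *errbuf. A minor point: the message does not state the limit. Since the comparison is `>=`, an entry of exactly UINT16_MAX bytes is rejected as well, and saying so in the string or in a comment would save the next reader a lookup.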