James Carter <jwcart2@xxxxxxxxx> writes:
> On Wed, Jan 15, 2025 at 8:13 AM Christian Göttsche
> <cgoettsche@xxxxxxxxxxxxx> wrote:
>>
>> From: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
>>
>> In case an entry read from a textual fcontext definition is too long set
>> errno and the error string accordingly.
>>
>> Fixes: 92306daf ("libselinux: rework selabel_file(5) database")
>> Reported-by: oss-fuzz (issue 389974971)
>> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
>
> For these five patches:
> Acked-by: James Carter <jwcart2@xxxxxxxxx>
Merged. Thanks!
>> ---
>> libselinux/src/label_support.c | 5 ++++-
>> 1 file changed, 4 insertions(+), 1 deletion(-)
>>
>> diff --git a/libselinux/src/label_support.c b/libselinux/src/label_support.c
>> index 978ba828..57e191c8 100644
>> --- a/libselinux/src/label_support.c
>> +++ b/libselinux/src/label_support.c
>> @@ -45,8 +45,11 @@ static inline int read_spec_entry(char **entry, const char **ptr, size_t *len, c
>> }
>>
>> if (*len) {
>> - if (*len >= UINT16_MAX)
>> + if (*len >= UINT16_MAX) {
>> + errno = EINVAL;
>> + *errbuf = "Spec entry too long";
>> return -1;
>> + }
>>
>> *entry = strndup(tmp_buf, *len);
>> if (!*entry)
>> --
>> 2.47.1
>>
>>
