From: Petr Lautrbach <plautrba@redhat.com>
To: SElinux list <selinux@vger.kernel.org>
Cc: "James Carter" <jwcart2@gmail.com>,
"Christian Göttsche" <cgzones@googlemail.com>
Subject: Re: [PATCH] libsepol: add missing oom checks
Date: Wed, 06 Apr 2022 11:26:21 +0200 [thread overview]
Message-ID: <87k0c2pnpe.fsf@redhat.com> (raw)
In-Reply-To: <CAP+JOzSXbEZuEy_oMgWPbu_mcTZo_HBb6-YVR1ULKpY36z2nkQ@mail.gmail.com>
James Carter <jwcart2@gmail.com> writes:
> On Thu, Mar 31, 2022 at 11:34 AM Christian Göttsche
> <cgzones@googlemail.com> wrote:
>>
>> Check return values of memory allocation functions and propagate their
>> failure.
>>
>> Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
>
> Acked-by: James Carter <jwcart2@gmail.com>
Merged.
>> ---
>> libsepol/src/kernel_to_cil.c | 9 +++++++++
>> libsepol/src/kernel_to_conf.c | 4 ++++
>> libsepol/src/module_to_cil.c | 11 +++++++++++
>> libsepol/src/policydb.c | 3 ++-
>> 4 files changed, 26 insertions(+), 1 deletion(-)
>>
>> diff --git a/libsepol/src/kernel_to_cil.c b/libsepol/src/kernel_to_cil.c
>> index 869f6940..9128ac55 100644
>> --- a/libsepol/src/kernel_to_cil.c
>> +++ b/libsepol/src/kernel_to_cil.c
>> @@ -190,6 +190,10 @@ static char *constraint_expr_to_str(struct policydb *pdb, struct constraint_expr
>> }
>> if (!names) {
>> names = strdup("NO_IDENTIFIER");
>> + if (!names) {
>> + sepol_log_err("Out of memory");
>> + goto exit;
>> + }
>> }
>> if (strchr(names, ' ')) {
>> new_val = create_str("(%s %s (%s))", 3, op, attr1, names);
>> @@ -568,6 +572,11 @@ static int write_sids_to_cil(FILE *out, const char *const *sid_to_str,
>> } else {
>> snprintf(unknown, 18, "%s%u", "UNKNOWN", i);
>> sid = strdup(unknown);
>> + if (!sid) {
>> + sepol_log_err("Out of memory");
>> + rc = -1;
>> + goto exit;
>> + }
>> }
>> rc = strs_add_at_index(strs, sid, i);
>> if (rc != 0) {
>> diff --git a/libsepol/src/kernel_to_conf.c b/libsepol/src/kernel_to_conf.c
>> index 3544f73d..63dffd9b 100644
>> --- a/libsepol/src/kernel_to_conf.c
>> +++ b/libsepol/src/kernel_to_conf.c
>> @@ -187,6 +187,10 @@ static char *constraint_expr_to_str(struct policydb *pdb, struct constraint_expr
>> }
>> if (!names) {
>> names = strdup("NO_IDENTIFIER");
>> + if (!names) {
>> + sepol_log_err("Out of memory");
>> + goto exit;
>> + }
>> }
>> if (strchr(names, ' ')) {
>> new_val = create_str("%s %s { %s }", 3, attr1, op, names);
>> diff --git a/libsepol/src/module_to_cil.c b/libsepol/src/module_to_cil.c
>> index c9e88f1e..f2e8aff0 100644
>> --- a/libsepol/src/module_to_cil.c
>> +++ b/libsepol/src/module_to_cil.c
>> @@ -393,6 +393,8 @@ static int typealias_list_create(struct policydb *pdb)
>> }
>>
>> typealias_lists = calloc(max_decl_id + 1, sizeof(*typealias_lists));
>> + if (!typealias_lists)
>> + goto exit;
>> typealias_lists_len = max_decl_id + 1;
>>
>> rc = hashtab_map(pdb->p_types.table, typealiases_gather_map, pdb);
>> @@ -1792,6 +1794,10 @@ static int constraint_expr_to_string(struct policydb *pdb, struct constraint_exp
>> }
>> if (num_names == 0) {
>> names = strdup("NO_IDENTIFIER");
>> + if (!names) {
>> + rc = -1;
>> + goto exit;
>> + }
>> } else {
>> rc = name_list_to_string(name_list, num_names, &names);
>> if (rc != 0) {
>> @@ -2556,6 +2562,11 @@ static int ocontext_isid_to_cil(struct policydb *pdb, const char *const *sid_to_
>> goto exit;
>> }
>> item->sid_key = strdup(sid);
>> + if (!item->sid_key) {
>> + log_err("Out of memory");
>> + rc = -1;
>> + goto exit;
>> + }
>> item->next = head;
>> head = item;
>> }
>> diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c
>> index fc71463e..5c7e35e8 100644
>> --- a/libsepol/src/policydb.c
>> +++ b/libsepol/src/policydb.c
>> @@ -1252,7 +1252,8 @@ int policydb_index_others(sepol_handle_t * handle,
>> if (!p->type_val_to_struct)
>> return -1;
>>
>> - cond_init_bool_indexes(p);
>> + if (cond_init_bool_indexes(p))
>> + return -1;
>>
>> for (i = SYM_ROLES; i < SYM_NUM; i++) {
>> free(p->sym_val_to_name[i]);
>> --
>> 2.35.1
>>
prev parent reply other threads:[~2022-04-06 13:00 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2022-03-31 14:44 [PATCH] libsepol: add missing oom checks Christian Göttsche
2022-04-01 14:41 ` James Carter
2022-04-06 9:26 ` Petr Lautrbach [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=87k0c2pnpe.fsf@redhat.com \
--to=plautrba@redhat.com \
--cc=cgzones@googlemail.com \
--cc=jwcart2@gmail.com \
--cc=selinux@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.