Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

sepol_av_to_string does not NULL-terminate string if av == 0 #23

Closed
chenxiaolong opened this issue Nov 3, 2016 · 3 comments
Closed

sepol_av_to_string does not NULL-terminate string if av == 0 #23

chenxiaolong opened this issue Nov 3, 2016 · 3 comments
Assignees
@stephensmalley

Comments

@chenxiaolong
Copy link

chenxiaolong commented Nov 3, 2016
edited
Loading

The current implementation of sepol_av_to_string does not NULL-terminate avbuf if av == 0 or if none of the bits match a permission.

char *sepol_av_to_string(policydb_t * policydbp, uint32_t tclass,
			 sepol_access_vector_t av)
{
	// ...
	static char avbuf[1024];
	// ...
	for (i = 0; i < cladatum->permissions.nprim; i++) {
		if (av & (1 << i)) {
			// ...
			if (perm) {
				len =
				    snprintf(p, sizeof(avbuf) - avlen, " %s",
					     perm);
				// ...
			}
		}
	}

	return avbuf;
}

This may not be an issue if av is validated elsewhere. I'm personally using libsepol to disable all the auditdeny/dontaudit rules by removing the permission bits (ie. av_cur->datum.data = ~0U) and ran into this issue trying to print the result.

EDIT: The buffer may be NULL-terminated since static arrays are zero-initialized, but with the inputs mentioned above, the result is still incorrect.
@stephensmalley
Copy link
Member

Thanks, want to submit a patch to selinux AT tycho.nsa.gov?

@chenxiaolong
Copy link
Author

@stephensmalley Sure, I'll get approval from my employer to contribute outside of work and then I'll submit a patch.

@stephensmalley stephensmalley self-assigned this Nov 29, 2016
stephensmalley added a commit that referenced this issue Nov 29, 2016
@stephensmalley
libsepol: sepol_av_to_string: clear static buffer
fff90bd 
chenxiaolong reported this via
#23

A nicer fix would be to rework the interface to be more
like security_av_string() in libselinux, but that requires
updating all callers.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
@chenxiaolong
Copy link
Author

@stephensmalley Thanks for fixing this! I was not able to get an approval in time.

@muyu888 muyu888 mentioned this issue Jul 12, 2023
Open
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees

@stephensmalley stephensmalley

Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@chenxiaolong @stephensmalley