34 lines
1.1 KiB
Diff
34 lines
1.1 KiB
Diff
From 4eea9948d3cca9729fac693a06c554468ca1dc8c Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
|
|
Date: Wed, 9 Aug 2023 19:55:17 +0200
|
|
Subject: [PATCH] libselinux: avoid regex serialization truncations
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
|
|
Check (for the probably impossible) case the serialized data is longer
|
|
than the compiled fcontext format supports.
|
|
|
|
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
|
|
Acked-by: James Carter <jwcart2@gmail.com>
|
|
---
|
|
libselinux/src/regex.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/src/regex.c b/src/regex.c
|
|
index 16df6790..88d82fed 100644
|
|
--- a/src/regex.c
|
|
+++ b/src/regex.c
|
|
@@ -176,7 +176,7 @@ int regex_writef(struct regex_data *regex, FILE *fp, int do_write_precompregex)
|
|
/* encode the patter for serialization */
|
|
rc = pcre2_serialize_encode((const pcre2_code **)®ex->regex,
|
|
1, &bytes, &serialized_size, NULL);
|
|
- if (rc != 1) {
|
|
+ if (rc != 1 || serialized_size >= UINT32_MAX) {
|
|
rc = -1;
|
|
goto out;
|
|
}
|
|
--
|
|
2.27.0
|
|
|