packages/libselinux
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
libselinux/backport-libselinux-introduce-reallocarray-3.patch
fly_fzc 1adbdc5f45 backport upstream patches 
(cherry picked from commit 0327677f388cddd541515ad3c502b705258fbffc)
2023-12-07 09:35:09 +08:00

130 lines
4.1 KiB
Diff
Raw Permalink Blame History

From cb8289c2b237e5f66e4a7608ecc6c68abeaeaf55 Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
Date: Wed, 1 Nov 2023 17:56:36 +0100
Subject: [PATCH] libselinux: introduce reallocarray(3)
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
Introduce reallocarray(3), a realloc(3) wrapper incorporating a
multiplication overflow check.
Add private implementation in case the function is not provided by the
standard C library.
Use in appropriate locations.
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Acked-by: James Carter <jwcart2@gmail.com>
---
libselinux/src/Makefile | 6 ++++++
libselinux/src/get_context_list.c | 2 +-
libselinux/src/matchpathcon.c | 4 ++--
libselinux/src/selinux_internal.c | 14 ++++++++++++++
libselinux/src/selinux_internal.h | 4 ++++
libselinux/src/selinux_restorecon.c | 3 +--
6 files changed, 28 insertions(+), 5 deletions(-)
diff --git a/src/Makefile b/src/Makefile
index cf830046..7aadb822 100644
--- a/src/Makefile
+++ b/src/Makefile
@@ -108,6 +108,12 @@ ifeq (yes,$(shell printf '${H}include <string.h>\nint main(void){char*d,*s;strlc
override CFLAGS += -DHAVE_STRLCPY
endif
+# check for reallocarray(3) availability
+H := \#
+ifeq (yes,$(shell printf '${H}include <stdlib.h>\nint main(void){reallocarray(NULL, 0, 0);return 0;}' | $(CC) -x c -o /dev/null - >/dev/null 2>&1 && echo yes))
+override CFLAGS += -DHAVE_REALLOCARRAY
+endif
+
SWIG_CFLAGS += -Wno-error -Wno-unused-variable -Wno-unused-but-set-variable -Wno-unused-parameter \
-Wno-shadow -Wno-uninitialized -Wno-missing-prototypes -Wno-missing-declarations \
-Wno-deprecated-declarations
diff --git a/src/get_context_list.c b/src/get_context_list.c
index 0342823c..9dafa519 100644
--- a/src/get_context_list.c
+++ b/src/get_context_list.c
@@ -272,7 +272,7 @@ static int get_context_user(FILE * fp,
continue;
}
if (security_check_context(usercon_str) == 0) {
- new_reachable = realloc(*reachable, (*nreachable + 2) * sizeof(char *));
+ new_reachable = reallocarray(*reachable, *nreachable + 2, sizeof(char *));
if (!new_reachable) {
context_free(usercon);
rc = -1;
diff --git a/src/matchpathcon.c b/src/matchpathcon.c
index b98849d9..e44734c3 100644
--- a/src/matchpathcon.c
+++ b/src/matchpathcon.c
@@ -96,8 +96,8 @@ static int add_array_elt(char *con)
if (con_array_size) {
while (con_array_used >= con_array_size) {
con_array_size *= 2;
- tmp = (char **)realloc(con_array, sizeof(char*) *
- con_array_size);
+ tmp = (char **)reallocarray(con_array, con_array_size,
+ sizeof(char*));
if (!tmp) {
free_array_elts();
return -1;
diff --git a/src/selinux_internal.c b/src/selinux_internal.c
index c2be7c0a..06852359 100644
--- a/src/selinux_internal.c
+++ b/src/selinux_internal.c
@@ -1,5 +1,7 @@
#include "selinux_internal.h"
+#include <errno.h>
+#include <stdlib.h>
#include <string.h>
@@ -16,3 +18,15 @@ size_t strlcpy(char *dest, const char *src, size_t size)
return ret;
}
#endif /* HAVE_STRLCPY */
+
+#ifndef HAVE_REALLOCARRAY
+void *reallocarray(void *ptr, size_t nmemb, size_t size)
+{
+ if (size && nmemb > SIZE_MAX / size) {
+ errno = ENOMEM;
+ return NULL;
+ }
+
+ return realloc(ptr, nmemb * size);
+}
+#endif /* HAVE_REALLOCARRAY */
diff --git a/src/selinux_internal.h b/src/selinux_internal.h
index 06f2c038..af69ff04 100644
--- a/src/selinux_internal.h
+++ b/src/selinux_internal.h
@@ -79,3 +79,7 @@ extern int has_selinux_config ;
size_t strlcpy(char *dest, const char *src, size_t size);
#endif
+#ifndef HAVE_REALLOCARRAY
+void *reallocarray(void *ptr, size_t nmemb, size_t size);
+#endif
+
diff --git a/src/selinux_restorecon.c b/src/selinux_restorecon.c
index 7ef2d45d..38f10f1c 100644
--- a/src/selinux_restorecon.c
+++ b/src/selinux_restorecon.c
@@ -175,8 +175,7 @@ static int add_exclude(const char *directory, bool who)
return -1;
}
- tmp_list = realloc(exclude_lst,
- sizeof(struct edir) * (exclude_count + 1));
+ tmp_list = reallocarray(exclude_lst, exclude_count + 1, sizeof(struct edir));
if (!tmp_list)
goto oom;
--
2.27.0
Reference in New Issue View Git Blame Copy Permalink