Require MAC labels to be non-zero in length.
ClosedPublic
Actions

Authored by markj on Jul 31 2018, 3:18 PM.

Details

Reviewers

rwatson
delphij

Group Reviewers

secteam

Commits

rS337031: Require that MAC label buffers be able to store a non-empty string.

Summary

In MAC_POLICY_EXTERNALIZE, the buffer length is used to create a
fixed-size sbuf. When creating such an sbuf, the code has a minimum
buffer size of 2. Thus, filter smaller buffers out when performing
validation.

Test Plan

Peter found the bug while doing syscall fuzz testing.

https://people.freebsd.org/~pho/stress/log/mark051.txt

Diff Detail

Repository

rS FreeBSD src repository - subversion

Lint

Lint Not Applicable

Unit

Tests Not Applicable

Event Timeline

markj created this revision.Jul 31 2018, 3:18 PM

Harbormaster completed remote builds in B18458: Diff 46072.Jul 31 2018, 3:18 PM

markj edited the test plan for this revision. (Show Details)Jul 31 2018, 3:28 PM

markj added reviewers: rwatson, secteam.

markj added a subscriber: pho.

I dislike the magic 2 without a comment or #define

Add a comment and compare with 1 instead of 2.

Harbormaster completed remote builds in B18474: Diff 46108.Jul 31 2018, 10:10 PM

delphij accepted this revision.Aug 1 2018, 2:43 AM

delphij added a subscriber: delphij.

delphij added inline comments.

sys/security/mac/mac_framework.c
590 ↗	(On Diff #46108)	LGTM as-is. If I was you I'd probably use sizeof("") in place of 1 because it would imply that the buffer would hold a nul-terminated string.