Page MenuHomeFreeBSD
Differential D16527

Require MAC labels to be non-zero in length.
ClosedPublic
Actions

Authored by markj on Jul 31 2018, 3:18 PM.
Tags
None
Referenced Files
F111875428: D16527.id46116.diff
Sun, Mar 9, 4:27 PM
Unknown Object (File)
Tue, Mar 4, 9:56 AM
Unknown Object (File)
Tue, Mar 4, 7:47 AM
Unknown Object (File)
Tue, Mar 4, 7:43 AM
Unknown Object (File)
Feb 1 2025, 4:03 AM
Unknown Object (File)
Jan 25 2025, 7:46 PM
Unknown Object (File)
Jan 25 2025, 5:32 PM
Unknown Object (File)
Jan 18 2025, 10:20 PM
View All 61 Files
Subscribers
delphij
emaste
imp
pho

Details

Reviewers
rwatson
delphij
Group Reviewers
secteam
Commits
rS337031: Require that MAC label buffers be able to store a non-empty string.
Summary

In MAC_POLICY_EXTERNALIZE, the buffer length is used to create a
fixed-size sbuf. When creating such an sbuf, the code has a minimum
buffer size of 2. Thus, filter smaller buffers out when performing
validation.

Test Plan

Peter found the bug while doing syscall fuzz testing.

https://people.freebsd.org/~pho/stress/log/mark051.txt

Diff Detail

Lint
Lint Passed
Unit
No Test Coverage
Build Status
Buildable 18458
Build 18163: arc lint + arc unit

Event Timeline

markj created this revision.Jul 31 2018, 3:18 PM
Harbormaster completed remote builds in B18458: Diff 46072.Jul 31 2018, 3:18 PM
markj edited the test plan for this revision. (Show Details)Jul 31 2018, 3:28 PM
markj added reviewers: rwatson, secteam.
markj added a subscriber: pho.
emaste added a subscriber: emaste.Jul 31 2018, 8:51 PM

I dislike the magic 2 without a comment or #define

markj updated this revision to Diff 46108.Jul 31 2018, 10:10 PM

Add a comment and compare with 1 instead of 2.

Harbormaster completed remote builds in B18474: Diff 46108.Jul 31 2018, 10:10 PM
delphij accepted this revision.Aug 1 2018, 2:43 AM
delphij added a subscriber: delphij.
delphij added inline comments.
sys/security/mac/mac_framework.c
590

LGTM as-is. If I was you I'd probably use sizeof("") in place of 1 because it would imply that the buffer would hold a nul-terminated string.

This revision is now accepted and ready to land.Aug 1 2018, 2:43 AM
Closed by commit rS337031: Require that MAC label buffers be able to store a non-empty string. (authored by markj). · Explain WhyAug 1 2018, 3:46 AM
This revision was automatically updated to reflect the committed changes.
Herald added a subscriber: imp. · View Herald TranscriptAug 1 2018, 3:46 AM

Revision Contents
Changeset List

PathSize
sys/
security/
mac/
2 lines

Diff 46072

View Options

sys/security/mac/mac_framework.c

Loading...