Libsepol uses cdefs which will cause compiling against anything but glibc to fail. #19
Assignees
Comments
|
Submit to selinux AT tycho.nsa.gov |
|
ratbert90 I don't see this submitted to the mailing list, if you would like it reviewed, please submit a patch to the mailing list. Instructions can be found here: https://www.nsa.gov/what-we-do/research/selinux/mailing-list.shtml |
stephensmalley
added a commit
that referenced
this issue
Nov 29, 2016
ratbert90 submitted this patch via #19. Apparently musl does not provide sys/cdefs.h, see http://wiki.musl-libc.org/wiki/FAQ#Q:_I.27m_trying_to_compile_something_against_musl_and_I_get_error_messages_about_sys.2Fcdefs.h. Signed-off-by: Stephen Smalley <[email protected]>
cgzones
added a commit
to cgzones/selinux
that referenced
this issue
Oct 9, 2021
Check if the sid value is saturated to guard dependent allocations.
==19967== ERROR: libFuzzer: out-of-memory (malloc(7784628224))
#0 0x52dc61 in __sanitizer_print_stack_trace (./out/binpolicy-fuzzer+0x52dc61)
SELinuxProject#1 0x475618 in fuzzer::PrintStackTrace() fuzzer.o
SELinuxProject#2 0x458855 in fuzzer::Fuzzer::HandleMalloc(unsigned long) fuzzer.o
SELinuxProject#3 0x45876a in fuzzer::MallocHook(void const volatile*, unsigned long) fuzzer.o
SELinuxProject#4 0x534557 in __sanitizer::RunMallocHooks(void const*, unsigned long) (./out/binpolicy-fuzzer+0x534557)
SELinuxProject#5 0x4aa7d7 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) (./out/binpolicy-fuzzer+0x4aa7d7)
SELinuxProject#6 0x4aabe3 in __asan::Allocator::Reallocate(void*, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aabe3)
SELinuxProject#7 0x4aaa32 in __asan::asan_reallocarray(void*, unsigned long, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aaa32)
SELinuxProject#8 0x525f8e in __interceptor_reallocarray (./out/binpolicy-fuzzer+0x525f8e)
SELinuxProject#9 0x5ebad3 in strs_add_at_index ./libsepol/src/kernel_to_common.c:224:9
SELinuxProject#10 0x5680eb in write_sids_to_conf ./libsepol/src/kernel_to_conf.c:466:8
SELinuxProject#11 0x55c1c0 in write_sid_decl_rules_to_conf ./libsepol/src/kernel_to_conf.c:498:8
SELinuxProject#12 0x55ad36 in sepol_kernel_policydb_to_conf ./libsepol/src/kernel_to_conf.c:3083:7
SELinuxProject#13 0x55a34f in LLVMFuzzerTestOneInput ./libsepol/fuzz/binpolicy-fuzzer.c:38:9
SELinuxProject#14 0x45aed3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) fuzzer.o
SELinuxProject#15 0x446a12 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) fuzzer.o
SELinuxProject#16 0x44c93b in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o
SELinuxProject#17 0x475dd2 in main (./out/binpolicy-fuzzer+0x475dd2)
SELinuxProject#18 0x7f085ac657ec in __libc_start_main csu/../csu/libc-start.c:332:16
SELinuxProject#19 0x423689 in _start (./out/binpolicy-fuzzer+0x423689)
Signed-off-by: Christian Göttsche <[email protected]>
cgzones
added a commit
to cgzones/selinux
that referenced
this issue
Oct 11, 2021
Check if the sid value is saturated to guard dependent allocations.
==19967== ERROR: libFuzzer: out-of-memory (malloc(7784628224))
#0 0x52dc61 in __sanitizer_print_stack_trace (./out/binpolicy-fuzzer+0x52dc61)
SELinuxProject#1 0x475618 in fuzzer::PrintStackTrace() fuzzer.o
SELinuxProject#2 0x458855 in fuzzer::Fuzzer::HandleMalloc(unsigned long) fuzzer.o
SELinuxProject#3 0x45876a in fuzzer::MallocHook(void const volatile*, unsigned long) fuzzer.o
SELinuxProject#4 0x534557 in __sanitizer::RunMallocHooks(void const*, unsigned long) (./out/binpolicy-fuzzer+0x534557)
SELinuxProject#5 0x4aa7d7 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) (./out/binpolicy-fuzzer+0x4aa7d7)
SELinuxProject#6 0x4aabe3 in __asan::Allocator::Reallocate(void*, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aabe3)
SELinuxProject#7 0x4aaa32 in __asan::asan_reallocarray(void*, unsigned long, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aaa32)
SELinuxProject#8 0x525f8e in __interceptor_reallocarray (./out/binpolicy-fuzzer+0x525f8e)
SELinuxProject#9 0x5ebad3 in strs_add_at_index ./libsepol/src/kernel_to_common.c:224:9
SELinuxProject#10 0x5680eb in write_sids_to_conf ./libsepol/src/kernel_to_conf.c:466:8
SELinuxProject#11 0x55c1c0 in write_sid_decl_rules_to_conf ./libsepol/src/kernel_to_conf.c:498:8
SELinuxProject#12 0x55ad36 in sepol_kernel_policydb_to_conf ./libsepol/src/kernel_to_conf.c:3083:7
SELinuxProject#13 0x55a34f in LLVMFuzzerTestOneInput ./libsepol/fuzz/binpolicy-fuzzer.c:38:9
SELinuxProject#14 0x45aed3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) fuzzer.o
SELinuxProject#15 0x446a12 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) fuzzer.o
SELinuxProject#16 0x44c93b in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o
SELinuxProject#17 0x475dd2 in main (./out/binpolicy-fuzzer+0x475dd2)
SELinuxProject#18 0x7f085ac657ec in __libc_start_main csu/../csu/libc-start.c:332:16
SELinuxProject#19 0x423689 in _start (./out/binpolicy-fuzzer+0x423689)
Signed-off-by: Christian Göttsche <[email protected]>
fishilico
pushed a commit
to fishilico/selinux
that referenced
this issue
Oct 11, 2021
Check if the sid value is saturated to guard dependent allocations.
==19967== ERROR: libFuzzer: out-of-memory (malloc(7784628224))
#0 0x52dc61 in __sanitizer_print_stack_trace (./out/binpolicy-fuzzer+0x52dc61)
SELinuxProject#1 0x475618 in fuzzer::PrintStackTrace() fuzzer.o
SELinuxProject#2 0x458855 in fuzzer::Fuzzer::HandleMalloc(unsigned long) fuzzer.o
SELinuxProject#3 0x45876a in fuzzer::MallocHook(void const volatile*, unsigned long) fuzzer.o
SELinuxProject#4 0x534557 in __sanitizer::RunMallocHooks(void const*, unsigned long) (./out/binpolicy-fuzzer+0x534557)
SELinuxProject#5 0x4aa7d7 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) (./out/binpolicy-fuzzer+0x4aa7d7)
SELinuxProject#6 0x4aabe3 in __asan::Allocator::Reallocate(void*, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aabe3)
SELinuxProject#7 0x4aaa32 in __asan::asan_reallocarray(void*, unsigned long, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aaa32)
SELinuxProject#8 0x525f8e in __interceptor_reallocarray (./out/binpolicy-fuzzer+0x525f8e)
SELinuxProject#9 0x5ebad3 in strs_add_at_index ./libsepol/src/kernel_to_common.c:224:9
SELinuxProject#10 0x5680eb in write_sids_to_conf ./libsepol/src/kernel_to_conf.c:466:8
SELinuxProject#11 0x55c1c0 in write_sid_decl_rules_to_conf ./libsepol/src/kernel_to_conf.c:498:8
SELinuxProject#12 0x55ad36 in sepol_kernel_policydb_to_conf ./libsepol/src/kernel_to_conf.c:3083:7
SELinuxProject#13 0x55a34f in LLVMFuzzerTestOneInput ./libsepol/fuzz/binpolicy-fuzzer.c:38:9
SELinuxProject#14 0x45aed3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) fuzzer.o
SELinuxProject#15 0x446a12 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) fuzzer.o
SELinuxProject#16 0x44c93b in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o
SELinuxProject#17 0x475dd2 in main (./out/binpolicy-fuzzer+0x475dd2)
SELinuxProject#18 0x7f085ac657ec in __libc_start_main csu/../csu/libc-start.c:332:16
SELinuxProject#19 0x423689 in _start (./out/binpolicy-fuzzer+0x423689)
Signed-off-by: Christian Göttsche <[email protected]>
fishilico
pushed a commit
to fishilico/selinux
that referenced
this issue
Oct 16, 2021
Check if the sid value is saturated to guard dependent allocations.
==19967== ERROR: libFuzzer: out-of-memory (malloc(7784628224))
#0 0x52dc61 in __sanitizer_print_stack_trace (./out/binpolicy-fuzzer+0x52dc61)
SELinuxProject#1 0x475618 in fuzzer::PrintStackTrace() fuzzer.o
SELinuxProject#2 0x458855 in fuzzer::Fuzzer::HandleMalloc(unsigned long) fuzzer.o
SELinuxProject#3 0x45876a in fuzzer::MallocHook(void const volatile*, unsigned long) fuzzer.o
SELinuxProject#4 0x534557 in __sanitizer::RunMallocHooks(void const*, unsigned long) (./out/binpolicy-fuzzer+0x534557)
SELinuxProject#5 0x4aa7d7 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) (./out/binpolicy-fuzzer+0x4aa7d7)
SELinuxProject#6 0x4aabe3 in __asan::Allocator::Reallocate(void*, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aabe3)
SELinuxProject#7 0x4aaa32 in __asan::asan_reallocarray(void*, unsigned long, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aaa32)
SELinuxProject#8 0x525f8e in __interceptor_reallocarray (./out/binpolicy-fuzzer+0x525f8e)
SELinuxProject#9 0x5ebad3 in strs_add_at_index ./libsepol/src/kernel_to_common.c:224:9
SELinuxProject#10 0x5680eb in write_sids_to_conf ./libsepol/src/kernel_to_conf.c:466:8
SELinuxProject#11 0x55c1c0 in write_sid_decl_rules_to_conf ./libsepol/src/kernel_to_conf.c:498:8
SELinuxProject#12 0x55ad36 in sepol_kernel_policydb_to_conf ./libsepol/src/kernel_to_conf.c:3083:7
SELinuxProject#13 0x55a34f in LLVMFuzzerTestOneInput ./libsepol/fuzz/binpolicy-fuzzer.c:38:9
SELinuxProject#14 0x45aed3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) fuzzer.o
SELinuxProject#15 0x446a12 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) fuzzer.o
SELinuxProject#16 0x44c93b in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o
SELinuxProject#17 0x475dd2 in main (./out/binpolicy-fuzzer+0x475dd2)
SELinuxProject#18 0x7f085ac657ec in __libc_start_main csu/../csu/libc-start.c:332:16
SELinuxProject#19 0x423689 in _start (./out/binpolicy-fuzzer+0x423689)
Signed-off-by: Christian Göttsche <[email protected]>
cgzones
added a commit
to cgzones/selinux
that referenced
this issue
Oct 20, 2021
Check if the sid value is saturated to guard dependent allocations.
==19967== ERROR: libFuzzer: out-of-memory (malloc(7784628224))
#0 0x52dc61 in __sanitizer_print_stack_trace (./out/binpolicy-fuzzer+0x52dc61)
SELinuxProject#1 0x475618 in fuzzer::PrintStackTrace() fuzzer.o
SELinuxProject#2 0x458855 in fuzzer::Fuzzer::HandleMalloc(unsigned long) fuzzer.o
SELinuxProject#3 0x45876a in fuzzer::MallocHook(void const volatile*, unsigned long) fuzzer.o
SELinuxProject#4 0x534557 in __sanitizer::RunMallocHooks(void const*, unsigned long) (./out/binpolicy-fuzzer+0x534557)
SELinuxProject#5 0x4aa7d7 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) (./out/binpolicy-fuzzer+0x4aa7d7)
SELinuxProject#6 0x4aabe3 in __asan::Allocator::Reallocate(void*, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aabe3)
SELinuxProject#7 0x4aaa32 in __asan::asan_reallocarray(void*, unsigned long, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aaa32)
SELinuxProject#8 0x525f8e in __interceptor_reallocarray (./out/binpolicy-fuzzer+0x525f8e)
SELinuxProject#9 0x5ebad3 in strs_add_at_index ./libsepol/src/kernel_to_common.c:224:9
SELinuxProject#10 0x5680eb in write_sids_to_conf ./libsepol/src/kernel_to_conf.c:466:8
SELinuxProject#11 0x55c1c0 in write_sid_decl_rules_to_conf ./libsepol/src/kernel_to_conf.c:498:8
SELinuxProject#12 0x55ad36 in sepol_kernel_policydb_to_conf ./libsepol/src/kernel_to_conf.c:3083:7
SELinuxProject#13 0x55a34f in LLVMFuzzerTestOneInput ./libsepol/fuzz/binpolicy-fuzzer.c:38:9
SELinuxProject#14 0x45aed3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) fuzzer.o
SELinuxProject#15 0x446a12 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) fuzzer.o
SELinuxProject#16 0x44c93b in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o
SELinuxProject#17 0x475dd2 in main (./out/binpolicy-fuzzer+0x475dd2)
SELinuxProject#18 0x7f085ac657ec in __libc_start_main csu/../csu/libc-start.c:332:16
SELinuxProject#19 0x423689 in _start (./out/binpolicy-fuzzer+0x423689)
Signed-off-by: Christian Göttsche <[email protected]>
cgzones
added a commit
to cgzones/selinux
that referenced
this issue
Oct 21, 2021
Check if the sid value is saturated to guard dependent allocations.
==19967== ERROR: libFuzzer: out-of-memory (malloc(7784628224))
#0 0x52dc61 in __sanitizer_print_stack_trace (./out/binpolicy-fuzzer+0x52dc61)
SELinuxProject#1 0x475618 in fuzzer::PrintStackTrace() fuzzer.o
SELinuxProject#2 0x458855 in fuzzer::Fuzzer::HandleMalloc(unsigned long) fuzzer.o
SELinuxProject#3 0x45876a in fuzzer::MallocHook(void const volatile*, unsigned long) fuzzer.o
SELinuxProject#4 0x534557 in __sanitizer::RunMallocHooks(void const*, unsigned long) (./out/binpolicy-fuzzer+0x534557)
SELinuxProject#5 0x4aa7d7 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) (./out/binpolicy-fuzzer+0x4aa7d7)
SELinuxProject#6 0x4aabe3 in __asan::Allocator::Reallocate(void*, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aabe3)
SELinuxProject#7 0x4aaa32 in __asan::asan_reallocarray(void*, unsigned long, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aaa32)
SELinuxProject#8 0x525f8e in __interceptor_reallocarray (./out/binpolicy-fuzzer+0x525f8e)
SELinuxProject#9 0x5ebad3 in strs_add_at_index ./libsepol/src/kernel_to_common.c:224:9
SELinuxProject#10 0x5680eb in write_sids_to_conf ./libsepol/src/kernel_to_conf.c:466:8
SELinuxProject#11 0x55c1c0 in write_sid_decl_rules_to_conf ./libsepol/src/kernel_to_conf.c:498:8
SELinuxProject#12 0x55ad36 in sepol_kernel_policydb_to_conf ./libsepol/src/kernel_to_conf.c:3083:7
SELinuxProject#13 0x55a34f in LLVMFuzzerTestOneInput ./libsepol/fuzz/binpolicy-fuzzer.c:38:9
SELinuxProject#14 0x45aed3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) fuzzer.o
SELinuxProject#15 0x446a12 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) fuzzer.o
SELinuxProject#16 0x44c93b in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o
SELinuxProject#17 0x475dd2 in main (./out/binpolicy-fuzzer+0x475dd2)
SELinuxProject#18 0x7f085ac657ec in __libc_start_main csu/../csu/libc-start.c:332:16
SELinuxProject#19 0x423689 in _start (./out/binpolicy-fuzzer+0x423689)
Signed-off-by: Christian Göttsche <[email protected]>
cgzones
added a commit
to cgzones/selinux
that referenced
this issue
Nov 5, 2021
Check if the sid value is saturated to guard dependent allocations.
==19967== ERROR: libFuzzer: out-of-memory (malloc(7784628224))
#0 0x52dc61 in __sanitizer_print_stack_trace (./out/binpolicy-fuzzer+0x52dc61)
SELinuxProject#1 0x475618 in fuzzer::PrintStackTrace() fuzzer.o
SELinuxProject#2 0x458855 in fuzzer::Fuzzer::HandleMalloc(unsigned long) fuzzer.o
SELinuxProject#3 0x45876a in fuzzer::MallocHook(void const volatile*, unsigned long) fuzzer.o
SELinuxProject#4 0x534557 in __sanitizer::RunMallocHooks(void const*, unsigned long) (./out/binpolicy-fuzzer+0x534557)
SELinuxProject#5 0x4aa7d7 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) (./out/binpolicy-fuzzer+0x4aa7d7)
SELinuxProject#6 0x4aabe3 in __asan::Allocator::Reallocate(void*, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aabe3)
SELinuxProject#7 0x4aaa32 in __asan::asan_reallocarray(void*, unsigned long, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aaa32)
SELinuxProject#8 0x525f8e in __interceptor_reallocarray (./out/binpolicy-fuzzer+0x525f8e)
SELinuxProject#9 0x5ebad3 in strs_add_at_index ./libsepol/src/kernel_to_common.c:224:9
SELinuxProject#10 0x5680eb in write_sids_to_conf ./libsepol/src/kernel_to_conf.c:466:8
SELinuxProject#11 0x55c1c0 in write_sid_decl_rules_to_conf ./libsepol/src/kernel_to_conf.c:498:8
SELinuxProject#12 0x55ad36 in sepol_kernel_policydb_to_conf ./libsepol/src/kernel_to_conf.c:3083:7
SELinuxProject#13 0x55a34f in LLVMFuzzerTestOneInput ./libsepol/fuzz/binpolicy-fuzzer.c:38:9
SELinuxProject#14 0x45aed3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) fuzzer.o
SELinuxProject#15 0x446a12 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) fuzzer.o
SELinuxProject#16 0x44c93b in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o
SELinuxProject#17 0x475dd2 in main (./out/binpolicy-fuzzer+0x475dd2)
SELinuxProject#18 0x7f085ac657ec in __libc_start_main csu/../csu/libc-start.c:332:16
SELinuxProject#19 0x423689 in _start (./out/binpolicy-fuzzer+0x423689)
Signed-off-by: Christian Göttsche <[email protected]>
fishilico
pushed a commit
to fishilico/selinux
that referenced
this issue
Nov 8, 2021
Check if the sid value is saturated to guard dependent allocations.
==19967== ERROR: libFuzzer: out-of-memory (malloc(7784628224))
#0 0x52dc61 in __sanitizer_print_stack_trace (./out/binpolicy-fuzzer+0x52dc61)
SELinuxProject#1 0x475618 in fuzzer::PrintStackTrace() fuzzer.o
SELinuxProject#2 0x458855 in fuzzer::Fuzzer::HandleMalloc(unsigned long) fuzzer.o
SELinuxProject#3 0x45876a in fuzzer::MallocHook(void const volatile*, unsigned long) fuzzer.o
SELinuxProject#4 0x534557 in __sanitizer::RunMallocHooks(void const*, unsigned long) (./out/binpolicy-fuzzer+0x534557)
SELinuxProject#5 0x4aa7d7 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) (./out/binpolicy-fuzzer+0x4aa7d7)
SELinuxProject#6 0x4aabe3 in __asan::Allocator::Reallocate(void*, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aabe3)
SELinuxProject#7 0x4aaa32 in __asan::asan_reallocarray(void*, unsigned long, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aaa32)
SELinuxProject#8 0x525f8e in __interceptor_reallocarray (./out/binpolicy-fuzzer+0x525f8e)
SELinuxProject#9 0x5ebad3 in strs_add_at_index ./libsepol/src/kernel_to_common.c:224:9
SELinuxProject#10 0x5680eb in write_sids_to_conf ./libsepol/src/kernel_to_conf.c:466:8
SELinuxProject#11 0x55c1c0 in write_sid_decl_rules_to_conf ./libsepol/src/kernel_to_conf.c:498:8
SELinuxProject#12 0x55ad36 in sepol_kernel_policydb_to_conf ./libsepol/src/kernel_to_conf.c:3083:7
SELinuxProject#13 0x55a34f in LLVMFuzzerTestOneInput ./libsepol/fuzz/binpolicy-fuzzer.c:38:9
SELinuxProject#14 0x45aed3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) fuzzer.o
SELinuxProject#15 0x446a12 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) fuzzer.o
SELinuxProject#16 0x44c93b in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o
SELinuxProject#17 0x475dd2 in main (./out/binpolicy-fuzzer+0x475dd2)
SELinuxProject#18 0x7f085ac657ec in __libc_start_main csu/../csu/libc-start.c:332:16
SELinuxProject#19 0x423689 in _start (./out/binpolicy-fuzzer+0x423689)
Signed-off-by: Christian Göttsche <[email protected]>
fishilico
pushed a commit
to fishilico/selinux
that referenced
this issue
Nov 11, 2021
Check if the sid value is saturated to guard dependent allocations.
==19967== ERROR: libFuzzer: out-of-memory (malloc(7784628224))
#0 0x52dc61 in __sanitizer_print_stack_trace (./out/binpolicy-fuzzer+0x52dc61)
SELinuxProject#1 0x475618 in fuzzer::PrintStackTrace() fuzzer.o
SELinuxProject#2 0x458855 in fuzzer::Fuzzer::HandleMalloc(unsigned long) fuzzer.o
SELinuxProject#3 0x45876a in fuzzer::MallocHook(void const volatile*, unsigned long) fuzzer.o
SELinuxProject#4 0x534557 in __sanitizer::RunMallocHooks(void const*, unsigned long) (./out/binpolicy-fuzzer+0x534557)
SELinuxProject#5 0x4aa7d7 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) (./out/binpolicy-fuzzer+0x4aa7d7)
SELinuxProject#6 0x4aabe3 in __asan::Allocator::Reallocate(void*, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aabe3)
SELinuxProject#7 0x4aaa32 in __asan::asan_reallocarray(void*, unsigned long, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aaa32)
SELinuxProject#8 0x525f8e in __interceptor_reallocarray (./out/binpolicy-fuzzer+0x525f8e)
SELinuxProject#9 0x5ebad3 in strs_add_at_index ./libsepol/src/kernel_to_common.c:224:9
SELinuxProject#10 0x5680eb in write_sids_to_conf ./libsepol/src/kernel_to_conf.c:466:8
SELinuxProject#11 0x55c1c0 in write_sid_decl_rules_to_conf ./libsepol/src/kernel_to_conf.c:498:8
SELinuxProject#12 0x55ad36 in sepol_kernel_policydb_to_conf ./libsepol/src/kernel_to_conf.c:3083:7
SELinuxProject#13 0x55a34f in LLVMFuzzerTestOneInput ./libsepol/fuzz/binpolicy-fuzzer.c:38:9
SELinuxProject#14 0x45aed3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) fuzzer.o
SELinuxProject#15 0x446a12 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) fuzzer.o
SELinuxProject#16 0x44c93b in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o
SELinuxProject#17 0x475dd2 in main (./out/binpolicy-fuzzer+0x475dd2)
SELinuxProject#18 0x7f085ac657ec in __libc_start_main csu/../csu/libc-start.c:332:16
SELinuxProject#19 0x423689 in _start (./out/binpolicy-fuzzer+0x423689)
Signed-off-by: Christian Göttsche <[email protected]>
cgzones
added a commit
to cgzones/selinux
that referenced
this issue
Dec 9, 2021
Check if the sid value is saturated to guard dependent allocations.
==19967== ERROR: libFuzzer: out-of-memory (malloc(7784628224))
#0 0x52dc61 in __sanitizer_print_stack_trace (./out/binpolicy-fuzzer+0x52dc61)
SELinuxProject#1 0x475618 in fuzzer::PrintStackTrace() fuzzer.o
SELinuxProject#2 0x458855 in fuzzer::Fuzzer::HandleMalloc(unsigned long) fuzzer.o
SELinuxProject#3 0x45876a in fuzzer::MallocHook(void const volatile*, unsigned long) fuzzer.o
SELinuxProject#4 0x534557 in __sanitizer::RunMallocHooks(void const*, unsigned long) (./out/binpolicy-fuzzer+0x534557)
SELinuxProject#5 0x4aa7d7 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) (./out/binpolicy-fuzzer+0x4aa7d7)
SELinuxProject#6 0x4aabe3 in __asan::Allocator::Reallocate(void*, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aabe3)
SELinuxProject#7 0x4aaa32 in __asan::asan_reallocarray(void*, unsigned long, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aaa32)
SELinuxProject#8 0x525f8e in __interceptor_reallocarray (./out/binpolicy-fuzzer+0x525f8e)
SELinuxProject#9 0x5ebad3 in strs_add_at_index ./libsepol/src/kernel_to_common.c:224:9
SELinuxProject#10 0x5680eb in write_sids_to_conf ./libsepol/src/kernel_to_conf.c:466:8
SELinuxProject#11 0x55c1c0 in write_sid_decl_rules_to_conf ./libsepol/src/kernel_to_conf.c:498:8
SELinuxProject#12 0x55ad36 in sepol_kernel_policydb_to_conf ./libsepol/src/kernel_to_conf.c:3083:7
SELinuxProject#13 0x55a34f in LLVMFuzzerTestOneInput ./libsepol/fuzz/binpolicy-fuzzer.c:38:9
SELinuxProject#14 0x45aed3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) fuzzer.o
SELinuxProject#15 0x446a12 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) fuzzer.o
SELinuxProject#16 0x44c93b in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o
SELinuxProject#17 0x475dd2 in main (./out/binpolicy-fuzzer+0x475dd2)
SELinuxProject#18 0x7f085ac657ec in __libc_start_main csu/../csu/libc-start.c:332:16
SELinuxProject#19 0x423689 in _start (./out/binpolicy-fuzzer+0x423689)
Signed-off-by: Christian Göttsche <[email protected]>
jwcart2
pushed a commit
to jwcart2/selinux
that referenced
this issue
Dec 15, 2021
Check if the sid value is saturated to guard dependent allocations.
==19967== ERROR: libFuzzer: out-of-memory (malloc(7784628224))
#0 0x52dc61 in __sanitizer_print_stack_trace (./out/binpolicy-fuzzer+0x52dc61)
#1 0x475618 in fuzzer::PrintStackTrace() fuzzer.o
SELinuxProject#2 0x458855 in fuzzer::Fuzzer::HandleMalloc(unsigned long) fuzzer.o
SELinuxProject#3 0x45876a in fuzzer::MallocHook(void const volatile*, unsigned long) fuzzer.o
SELinuxProject#4 0x534557 in __sanitizer::RunMallocHooks(void const*, unsigned long) (./out/binpolicy-fuzzer+0x534557)
SELinuxProject#5 0x4aa7d7 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) (./out/binpolicy-fuzzer+0x4aa7d7)
SELinuxProject#6 0x4aabe3 in __asan::Allocator::Reallocate(void*, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aabe3)
SELinuxProject#7 0x4aaa32 in __asan::asan_reallocarray(void*, unsigned long, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aaa32)
SELinuxProject#8 0x525f8e in __interceptor_reallocarray (./out/binpolicy-fuzzer+0x525f8e)
SELinuxProject#9 0x5ebad3 in strs_add_at_index ./libsepol/src/kernel_to_common.c:224:9
SELinuxProject#10 0x5680eb in write_sids_to_conf ./libsepol/src/kernel_to_conf.c:466:8
SELinuxProject#11 0x55c1c0 in write_sid_decl_rules_to_conf ./libsepol/src/kernel_to_conf.c:498:8
SELinuxProject#12 0x55ad36 in sepol_kernel_policydb_to_conf ./libsepol/src/kernel_to_conf.c:3083:7
SELinuxProject#13 0x55a34f in LLVMFuzzerTestOneInput ./libsepol/fuzz/binpolicy-fuzzer.c:38:9
SELinuxProject#14 0x45aed3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) fuzzer.o
SELinuxProject#15 0x446a12 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) fuzzer.o
SELinuxProject#16 0x44c93b in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o
SELinuxProject#17 0x475dd2 in main (./out/binpolicy-fuzzer+0x475dd2)
SELinuxProject#18 0x7f085ac657ec in __libc_start_main csu/../csu/libc-start.c:332:16
SELinuxProject#19 0x423689 in _start (./out/binpolicy-fuzzer+0x423689)
Signed-off-by: Christian Göttsche <[email protected]>
jwcart2
pushed a commit
that referenced
this issue
Dec 17, 2021
Check if the sid value is saturated to guard dependent allocations.
==19967== ERROR: libFuzzer: out-of-memory (malloc(7784628224))
#0 0x52dc61 in __sanitizer_print_stack_trace (./out/binpolicy-fuzzer+0x52dc61)
#1 0x475618 in fuzzer::PrintStackTrace() fuzzer.o
#2 0x458855 in fuzzer::Fuzzer::HandleMalloc(unsigned long) fuzzer.o
#3 0x45876a in fuzzer::MallocHook(void const volatile*, unsigned long) fuzzer.o
#4 0x534557 in __sanitizer::RunMallocHooks(void const*, unsigned long) (./out/binpolicy-fuzzer+0x534557)
#5 0x4aa7d7 in __asan::Allocator::Allocate(unsigned long, unsigned long, __sanitizer::BufferedStackTrace*, __asan::AllocType, bool) (./out/binpolicy-fuzzer+0x4aa7d7)
#6 0x4aabe3 in __asan::Allocator::Reallocate(void*, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aabe3)
#7 0x4aaa32 in __asan::asan_reallocarray(void*, unsigned long, unsigned long, __sanitizer::BufferedStackTrace*) (./out/binpolicy-fuzzer+0x4aaa32)
#8 0x525f8e in __interceptor_reallocarray (./out/binpolicy-fuzzer+0x525f8e)
#9 0x5ebad3 in strs_add_at_index ./libsepol/src/kernel_to_common.c:224:9
#10 0x5680eb in write_sids_to_conf ./libsepol/src/kernel_to_conf.c:466:8
#11 0x55c1c0 in write_sid_decl_rules_to_conf ./libsepol/src/kernel_to_conf.c:498:8
#12 0x55ad36 in sepol_kernel_policydb_to_conf ./libsepol/src/kernel_to_conf.c:3083:7
#13 0x55a34f in LLVMFuzzerTestOneInput ./libsepol/fuzz/binpolicy-fuzzer.c:38:9
#14 0x45aed3 in fuzzer::Fuzzer::ExecuteCallback(unsigned char const*, unsigned long) fuzzer.o
#15 0x446a12 in fuzzer::RunOneTest(fuzzer::Fuzzer*, char const*, unsigned long) fuzzer.o
#16 0x44c93b in fuzzer::FuzzerDriver(int*, char***, int (*)(unsigned char const*, unsigned long)) fuzzer.o
#17 0x475dd2 in main (./out/binpolicy-fuzzer+0x475dd2)
#18 0x7f085ac657ec in __libc_start_main csu/../csu/libc-start.c:332:16
#19 0x423689 in _start (./out/binpolicy-fuzzer+0x423689)
Signed-off-by: Christian Göttsche <[email protected]>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Libsepol uses cdefs.h which is a internal glibc header.
This header is not intended to be used by any program and will cause
compiling against musl (and possibly other c libraries) to fail.
This patch fixed this issue and replaces all references of
#include <sys/cdefs.h> and __BEGIN/END_DECLS with the appropriate #ifdefs.
libsepol-remove-cdefs-references.patch.zip
The text was updated successfully, but these errors were encountered: