Require that MAC label buffers be able to store a non-empty string.

The buffer size may be used to initialize an sbuf in MAC_POLICY_EXTERNALIZE, and without this constraint it's possible to trigger an assertion failure in the sbuf code. With INVARIANTS disabled, the first attempt to write to the sbuf will fail. Reported by: pho Reviewed by: delphij MFC after: 1 week Differential Revision: https://reviews.freebsd.org/D16527
2018-08-01 03:46:07 +00:00 · 2018-08-01 03:46:07 +00:00 · 6324de037c
commit 6324de037c
parent 3c09eaee95
1 changed files with 3 additions and 1 deletions
--- a/sys/security/mac/mac_framework.c
+++ b/sys/security/mac/mac_framework.c
@ -586,7 +586,9 @@ int
 mac_check_structmac_consistent(struct mac *mac)
 {

-	if (mac->m_buflen > MAC_MAX_LABEL_BUF_LEN)
+	/* Require that labels have a non-zero length. */
+	if (mac->m_buflen > MAC_MAX_LABEL_BUF_LEN ||
+	    mac->m_buflen <= sizeof(""))
 		return (EINVAL);

 	return (0);