Uploaded image for project: 'RHEL'
  1. RHEL
  2. RHEL-28966

cil_resolve_ast.c:3157: assignment: Assigning: "sym_index" = "CIL_SYM_UNKNOWN".

Linking RHIVOS CVEs to...Migration: Automation ...SWIFT: POC ConversionSync from "Extern...XMLWordPrintable

    • Icon: Bug Bug
    • Resolution: Done-Errata
    • Icon: Normal Normal
    • rhel-9.7
    • rhel-9.4
    • libsepol
    • libsepol-3.6-3.el9
    • None
    • Low
    • 2
    • rhel-security-selinux
    • ssg_security
    • 5
    • 3
    • QE ack
    • False
    • False
    • Hide

      None

      Show
      None
    • No
    • CY24Q2, SELINUX 250402: 4
    • Unspecified Release Note Type - Unknown
    • None 

      Error: OVERRUN (CWE-119): [#def51] [important]
libsepol-3.6/cil/src/cil_resolve_ast.c:3157: assignment: Assigning: "sym_index" = "CIL_SYM_UNKNOWN".
libsepol-3.6/cil/src/cil_resolve_ast.c:3189: overrun-call: Overrunning callee's array of size 19 by passing argument "sym_index" (which evaluates to 20) in call to "cil_resolve_name".
# 3187|   		switch (curr->flavor) {
# 3188|   		case CIL_STRING:
# 3189|-> 			rc = cil_resolve_name(parent, curr->data, sym_index, db, &res_datum);
# 3190|   			if (rc != SEPOL_OK) {
# 3191|   				goto exit;

              rhn-engineering-plautrba Petr Lautrbach
              rhn-engineering-plautrba Petr Lautrbach
              Petr Lautrbach Petr Lautrbach
              Milos Malik Milos Malik
              Votes:
              0 Vote for this issue
              Watchers:
              5 Start watching this issue

                Created:
                Updated:
                Resolved: