libsepol: replace an assert with an error message

When fuzzing hll/pp inputs, a policy module where the value of scope->decl_ids_len has been modified to zero makes the program abort (when it has been compiled without -DNDEBUG). Change the behavior to report an error message instead. This eases fuzzing functions like policydb_read(). Signed-off-by: Nicolas Iooss <[email protected]>
nkeuning · Nov 16, 2016 · 784b43b · 784b43b
1 parent a96184b
commit 784b43b
Showing 1 changed file with 4 additions and 1 deletion.
diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c
@@ -3635,7 +3635,10 @@ static int scope_read(policydb_t * p, int symnum, struct policy_file *fp)
 		goto cleanup;
 	scope->scope = le32_to_cpu(buf[0]);
 	scope->decl_ids_len = le32_to_cpu(buf[1]);
-	assert(scope->decl_ids_len > 0);
+	if (scope->decl_ids_len == 0) {
+		ERR(fp->handle, "invalid scope with no declaration");
+		goto cleanup;
+	}
 	if ((scope->decl_ids =
 	     malloc(scope->decl_ids_len * sizeof(uint32_t))) == NULL) {
 		goto cleanup;