回合上游社区补丁,补丁数量：17

【是否新引入rpm包，是否进行了安全编译选项扫描】

否

【定位分析】

合入17个补丁：

<table><tbody><tr><td>软件包</td><td>CommitId</td><td>描述</td><td>分析人</td></tr><tr><td>openEuler:checkpolicy</td><td>39b3cc51350a4ba670f9f38493311ec316e4d84d</td><td>checkpolicy: handle unprintable token
In case the erroneous token is unprintable, e.g. a control character,print its hex value instead.

Include the necessary header for isprint to avoid an implicitfunction declaration:
policy_scan.l: In function ‘yyerror’:policy_scan.l:342:13: warning: implicit declaration of function ‘isprint’ [-Wimplicit-function-declaration]342 | if  {| ^~~~~~~policy_scan.l:36:1: note: include ‘’ or provide a declaration of ‘isprint’35 | #include y.tab.h+++ |+#include36 | #endif
This does not currently break the build cause -Werror is stripped forthe parsing code to avoid breakage on old flex/bison versions that mightnot generate warning free code.

The special error value YYerror is only available since bison 3.6. For example the version used by oss-fuzz does notsupport it.
Use a special token in case YYerror is not available. Only downside isa duplicate error message, one from the manual yyerror.

Free the temporary bounds type in the error branches.

Free the ebitmaps inside the rolesets on error.

Close the input file and free all memory by the queue and lexer on asyntax or parse error.

Inform bison about an invalid character by returning YYerror, so theparser can cleanup internal state and return the failure via yyparse.Currently the error is only observable via the global variablepolicydb_errors, which needs to be checked separately.

Free the two identifiers on an invalid typebounds in the error branch,similar to the success branch.

The passed expression needs to be transferred into the policy or free'dby the sink functions define_constraint.

Free identifiers removed from the queue but not yet owned by the policyon errors.

The lower 64 bits of the subnet prefix for an ibpkeycon rule shouldall be 0's. Unfortunately the check uses the s6_addr macro which refersto the 16 entry array of 8-bit values in the union and does not referto the correct bits.
Use the s6_addr32 macro instead which refers to the 4 entry array of32-bit values in the union and refers to the lower 64 bits.

If declare_symbol returns 1 the id and the datum are already definedand not consumed by the function, so it they must be free'd by thecaller.
Example policy :
class s sid e class s{i}optional{require{bool K;}bool K true;

Example policy generated by fuzzer:
class ssid kclass s { i }optional{require{attribute i;}}type m;typealias m alias i;
typeai

When a user is created in an optional block, a user datum is addedto both the avrule_decl's symtab and the policydb's symtab, butthe semantic MLS information is only added to the avrule_decl'suser datum. This causes an error to occur during policy expansionwhen user_copy_callback is called. If this error did not occurthen the policydb's user datum would be written without any MLSinfo and the policy would fail validation when read later.
When creating a user datum, search for a user datum with the samekey in the policydb's symtab. If that datum has no MLS information,then copy the MLS information from the avrule_decl's datum. If itdoes, then compare the default level, low level, and high levelsensitivities and give an error if they do not match. There is notenough information to expand the categories for the high and lowlevels, so merge the semantic categories. If the two category setsare not equal an error will occur during the expansion phase.

Avoid calling strdup with a NULL pointer, which can happen with aninvalid policy context, e.g.:
class Csid Sclass C { P };user U roles j;sid S s:l:q:q:q

【对外部是否有影响】

否

【是否修改引入】

<table><tbody><tr><td>该问题在当前版本是否修改引入可填写</td><td>写明引入单的DTS号并在此单关联，且立即知会版本经理或测试经理可填写</td></tr><tr><td>否</td><td>
</td></tr></tbody></table>

**二、缺陷分析结构反馈**
影响性分析说明：

缺陷严重等级:(Critical/High/Moderate/Low)

缺陷根因说明:

受影响版本排查(受影响/不受影响):
openEuler-20.03-LTS-SP4
openEuler-22.03-LTS-SP3
openEuler-22.03-LTS-SP4
openEuler-24.03-LTS
openEuler-24.03-LTS-SP1

修复是否涉及abi变化(是/否):
openEuler-20.03-LTS-SP4
openEuler-22.03-LTS-SP3
openEuler-22.03-LTS-SP4
openEuler-24.03-LTS
openEuler-24.03-LTS-SP1

src-openEuler/checkpolicy

内容风险标识

评论 (4)

src-openEuler/checkpolicy .gitee-modal { width: 500px !important; }

内容风险标识