The branch main has been updated by olce:

URL: 
https://cgit.FreeBSD.org/src/commit/?id=fa4352b74580832d7b501d34d09a564438a82c3d

commit fa4352b74580832d7b501d34d09a564438a82c3d
Author:     Olivier Certner <o...@freebsd.org>
AuthorDate: 2024-07-05 11:49:27 +0000
Commit:     Olivier Certner <o...@freebsd.org>
CommitDate: 2024-12-16 14:42:37 +0000

    MAC/do: parse_rule_element(): Bug in parsing the origin ID
    
    The ID field was allowed to be empty, which would be then parsed as 0 by
    strtol().  There remains bugs in this function, where parsing for from-
    or to- IDs accepts spaces and produces 0, but this will conveniently be
    fixed in a later commit introducing strtoui_strict().
    
    Reviewed by:    bapt
    Approved by:    markj (mentor)
    Sponsored by:   The FreeBSD Foundation
    Differential Revision:  https://reviews.freebsd.org/D47612
---
 sys/security/mac_do/mac_do.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

diff --git a/sys/security/mac_do/mac_do.c b/sys/security/mac_do/mac_do.c
index 4ef9b68bf513..edd728ea070a 100644
--- a/sys/security/mac_do/mac_do.c
+++ b/sys/security/mac_do/mac_do.c
@@ -105,7 +105,7 @@ parse_rule_element(char *element, struct rule **rule)
        }
 
        id = strsep(&element, ":");
-       if (id == NULL) {
+       if (id == NULL || *id == '\0') {
                error = EINVAL;
                goto error;
        }

Reply via email to