From 7dd60f75ac0702547b5947b8f3b93c31ba279174 Mon Sep 17 00:00:00 2001
From: Mohamadreza <71815035+mpzanoosi@users.noreply.github.com>
Date: Mon, 2 Sep 2024 15:56:51 -0400
Subject: [PATCH] add additional memory access validation in seccomp.c

function sc_must_read_filter_from_file is changed to be checked against memory length validation
---
 seccomp.c | 26 +++++++++++++++++++++++++-
 1 file changed, 25 insertions(+), 1 deletion(-)

diff --git a/seccomp.c b/seccomp.c
index 27c5971..2a63a7d 100644
--- a/seccomp.c
+++ b/seccomp.c
@@ -47,17 +47,41 @@ FILE* sc_must_read_and_validate_header_from_file(const char *profile_path, struc
 void sc_must_read_filter_from_file(FILE *file, uint32_t len_bytes, struct sock_fprog *prog)
 {
 prog->len = len_bytes / sizeof(struct sock_filter);
- prog->filter = (struct sock_filter *)malloc(MAX_BPF_SIZE);
+ // When reading syscall numbers or other data, ensure they are within valid ranges. This should be done in the loop where the file is being read:
+ if (prog->len > MAX_BPF_SIZE / sizeof(struct sock_filter)) {
+ die("seccomp filter too large");
+ fclose(file); // Add this line to close the file on error
+ return NULL; // Add this line to handle the error properly
+ }
+
+ // Ensure any dynamically allocated memory is properly managed. For example, if you allocate memory for a buffer, make sure to free it:
+ // prog->filter = (struct sock_filter *)malloc(MAX_BPF_SIZE);
+ prog->filter = malloc(len_bytes);
+ if (prog->filter == NULL) {
+ die("cannot allocate %u bytes of memory for seccomp filter", len_bytes);
+ fclose(file); // Add this line to close the file on error
+ return NULL; // Add this line to handle the error properly
+ }
+
 if (prog->filter == NULL) {
 die("cannot allocate %u bytes of memory for seccomp filter ", len_bytes);
 }
+ // When reading data into buffers, ensure boundary checks are in place to prevent buffer overflows:
 size_t num_read = fread(prog->filter, 1, len_bytes, file);
+ if (num_read != len_bytes) {
+ die("short read for filter %zu != %zu\n", num_read, len_bytes);
+ fclose(file); // Add this line to close the file on error
+ return NULL; // Add this line to handle the error properly
+ }
+
 if (ferror(file)) {
 die("cannot read filter");
 }
 if (num_read != len_bytes) {
 die("short read for filter %zu != %i", num_read, len_bytes);
 }
+
+ free(prog->filter); // Add this line to free the allocated memory
 }
 
 int seccomp(unsigned int operation, unsigned int flags, void *args) {
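Review bot: The `free(prog->filter);` added at the end of sc_must_read_filter_from_file releases the very buffer the function hands back to its caller through `prog`, so whoever installs the filter reads freed memory; delete that line, and with it the `return NULL;` statements (invalid in a `void` function and unreachable if `die()` does not return, which the pre-existing code already assumes) and the `fclose(file)` calls on a FILE the caller owns. The new size check compares `prog->len` only after `len_bytes / sizeof(struct sock_filter)` has been stored into `struct sock_fprog`'s `unsigned short` field, so an oversized `len_bytes` may be truncated before it is compared; bound `len_bytes` itself, together with `len_bytes % sizeof(struct sock_filter) != 0`, before assigning `prog->len`. The added short-read `die()` formats `len_bytes` (a `uint32_t`) with `%zu`, a format/argument mismatch; use `%u` there and in the original `%i` line, and drop the now-duplicated NULL and short-read checks and the "Add this line" commentary, which reads as pasted advice rather than a comment on this code. The rewrite below assumes `die()` is noreturn and that `MAX_BPF_SIZE / sizeof(struct sock_filter)` fits in `unsigned short`; both should be confirmed against the header.
```c
void sc_must_read_filter_from_file(FILE *file, uint32_t len_bytes, struct sock_fprog *prog)
{
	/* Validate the untrusted length before it is narrowed into prog->len (unsigned short). */
	if (len_bytes > MAX_BPF_SIZE || len_bytes % sizeof(struct sock_filter) != 0) {
		die("invalid seccomp filter length %u", len_bytes);
	}
	prog->len = len_bytes / sizeof(struct sock_filter);
	prog->filter = malloc(len_bytes);
	if (prog->filter == NULL) {
		die("cannot allocate %u bytes of memory for seccomp filter", len_bytes);
	}
	size_t num_read = fread(prog->filter, 1, len_bytes, file);
	if (ferror(file)) {
		die("cannot read filter");
	}
	if (num_read != len_bytes) {
		die("short read for filter %zu != %u", num_read, len_bytes);
	}
	/* prog->filter is owned by the caller from here on; it must not be freed in this function. */
}
```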