policycoreutils: semanage: verify ports < 65536 We could currently create a rule with a port number of one million. This doesn't make sense. Bounds test it. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Dan Walsh <dwalsh@redhat.com>

commit: 849e7d5be78e1d6264141463562d1da68e5076d8 [log] [tgz]
author: Eric Paris <eparis@redhat.com> Fri Jul 15 15:05:11 2011 +0200
committer: Eric Paris <eparis@redhat.com> Wed Aug 03 18:02:37 2011 -0400
tree: fbed48e7c7497958e485c9aa45277e1edbd7c66d
parent: c3226ebac9edea44bade7f9c8bef0c6f6bad62f9 [diff]
diff --git a/policycoreutils/semanage/seobject.py b/policycoreutils/semanage/seobject.py
index f81ba4a..ef88f82 100644
--- a/policycoreutils/semanage/seobject.py
+++ b/policycoreutils/semanage/seobject.py

@@ -740,6 +740,9 @@
 			low = int(ports[0])
 			high = int(ports[1])
 
+		if high > 65535:
+			raise ValueError(_("Invalid Port"))
+
 		(rc, k) = semanage_port_key_create(self.sh, low, high, proto_d)
 		if rc < 0:
 			raise ValueError(_("Could not create a key for %s/%s") % (proto, port))
commit	849e7d5be78e1d6264141463562d1da68e5076d8	[log] [tgz]
author	Eric Paris <eparis@redhat.com>	Fri Jul 15 15:05:11 2011 +0200
committer	Eric Paris <eparis@redhat.com>	Wed Aug 03 18:02:37 2011 -0400
tree	fbed48e7c7497958e485c9aa45277e1edbd7c66d
parent	c3226ebac9edea44bade7f9c8bef0c6f6bad62f9 [diff]