From 88719dbb7b908443808c76867a153ddce5984dce Mon Sep 17 00:00:00 2001
From: Ryan Lee <ryan.lee@canonical.com>
Date: Wed, 13 Nov 2024 15:46:38 -0800
Subject: [PATCH] Fix infinite loop in chfa.cc:weld_file_to_policy

This is simple enough to fix even if weld_file_to_policy isn't used in practice
with the compat layer that uses it being a target for deletion

Signed-off-by: Ryan Lee <ryan.lee@canonical.com>
---
 parser/libapparmor_re/chfa.cc | 7 +++++--
 1 file changed, 5 insertions(+), 2 deletions(-)

diff --git a/parser/libapparmor_re/chfa.cc b/parser/libapparmor_re/chfa.cc
index f6e103681..b340c5130 100644
--- a/parser/libapparmor_re/chfa.cc
+++ b/parser/libapparmor_re/chfa.cc
@@ -25,6 +25,8 @@
 #include <iostream>
 #include <fstream>
 
+#include <limits>
+
 #include <arpa/inet.h>
 #include <stdio.h>
 #include <string.h>
@@ -587,10 +589,11 @@ void CHFA::weld_file_to_policy(CHFA &file_chfa, size_t &new_start,
 		//           to repeat
 		assert(accept.size() == old_base_size);
 		accept.resize(accept.size() + file_chfa.accept.size());
-		size_t size = policy_perms.size();
+		assert(policy_perms.size() < std::numeric_limits<ssize_t>::max());
+		ssize_t size = (ssize_t) policy_perms.size();
 		policy_perms.resize(size*2 + file_perms.size());
 		// shift and double the policy perms
-		for (size_t i = size - 1; size >= 0; i--) {
+		for (ssize_t i = size - 1; i >= 0; i--) {
 			policy_perms[i*2] = policy_perms[i];
 			policy_perms[i*2 + 1] = policy_perms[i];
 		}