On Wed, 2 Sep 2020 08:09:53 -0600, Tycho Andersen wrote:
> Christian and Kees both pointed out that this is a bit sloppy to open-code
> both places, and Christian points out that we leave a dangling pointer to
> ->notif if file allocation fails. Since we check ->notif for null in order
> to determine if it's ok to install a filter, this means people won't be
> able to install a filter if the file allocation fails for some reason, even
> if they subsequently should be able to.
>
> [...]
Applied, thanks!
[1/1] seccomp: don't leave dangling ->notif if file allocation fails
https://git.kernel.org/kees/c/e839317900e9
as featured on my Twitch stream! ;)
--
Kees Cook
