This is the fourth in a series of eight patches to the BSD Secure
Levels LSM. It adds a check for a memory allocation failure
condition. Thanks to Vesa-Matti J Kari for pointing out this problem.
Signed off by: Michael Halcrow <[EMAIL PROTECTED]>
Index: linux-2.6.11-rc2-mm1-modules/security/seclvl.c
===================================================================
--- linux-2.6.11-rc2-mm1-modules.orig/security/seclvl.c 2005-02-03
15:37:26.231252048 -0600
+++ linux-2.6.11-rc2-mm1-modules/security/seclvl.c 2005-02-03
15:39:35.786556648 -0600
@@ -310,7 +310,7 @@
static int
plaintext_to_sha1(unsigned char *hash, const char *plaintext, int len)
{
- char *pgVirtAddr;
+ char *pg_virt_addr;
struct crypto_tfm *tfm;
struct scatterlist sg[1];
if (len > PAGE_SIZE) {
@@ -327,16 +327,20 @@
}
// Just get a new page; don't play around with page boundaries
// and scatterlists.
- pgVirtAddr = (char *)__get_free_page(GFP_KERNEL);
- sg[0].page = virt_to_page(pgVirtAddr);
+ pg_virt_addr = (char *)__get_free_page(GFP_KERNEL);
+ if (!pg_virt_addr) {
+ seclvl_printk(0, KERN_ERR "%s: Out of memory\n", __FUNCTION__);
+ return -ENOMEM;
+ }
+ sg[0].page = virt_to_page(pg_virt_addr);
sg[0].offset = 0;
sg[0].length = len;
- strncpy(pgVirtAddr, plaintext, len);
+ strncpy(pg_virt_addr, plaintext, len);
crypto_digest_init(tfm);
crypto_digest_update(tfm, sg, 1);
crypto_digest_final(tfm, hash);
crypto_free_tfm(tfm);
- free_page((unsigned long)pgVirtAddr);
+ free_page((unsigned long)pg_virt_addr);
return 0;
}
