On Tue, Aug 23, 2016 at 4:49 PM, <[email protected]> wrote: > From: William Roberts <[email protected]> > > libsepol pointed out an issue where its possible to have > an unitialized jmp and invalid dereference, fix this. > While we're here, zero allocate all the *_val_to_struct > structures. > > Signed-off-by: William Roberts <[email protected]> > --- > security/selinux/ss/policydb.c | 8 ++++---- > 1 file changed, 4 insertions(+), 4 deletions(-)
Merged, thanks. > diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c > index 992a315..4b24385 100644 > --- a/security/selinux/ss/policydb.c > +++ b/security/selinux/ss/policydb.c > @@ -541,21 +541,21 @@ static int policydb_index(struct policydb *p) > > rc = -ENOMEM; > p->class_val_to_struct = > - kmalloc(p->p_classes.nprim * > sizeof(*(p->class_val_to_struct)), > + kzalloc(p->p_classes.nprim * > sizeof(*(p->class_val_to_struct)), > GFP_KERNEL); > if (!p->class_val_to_struct) > goto out; > > rc = -ENOMEM; > p->role_val_to_struct = > - kmalloc(p->p_roles.nprim * sizeof(*(p->role_val_to_struct)), > + kzalloc(p->p_roles.nprim * sizeof(*(p->role_val_to_struct)), > GFP_KERNEL); > if (!p->role_val_to_struct) > goto out; > > rc = -ENOMEM; > p->user_val_to_struct = > - kmalloc(p->p_users.nprim * sizeof(*(p->user_val_to_struct)), > + kzalloc(p->p_users.nprim * sizeof(*(p->user_val_to_struct)), > GFP_KERNEL); > if (!p->user_val_to_struct) > goto out; > @@ -964,7 +964,7 @@ int policydb_context_isvalid(struct policydb *p, struct > context *c) > * Role must be authorized for the type. > */ > role = p->role_val_to_struct[c->role - 1]; > - if (!ebitmap_get_bit(&role->types, c->type - 1)) > + if (!role || !ebitmap_get_bit(&role->types, c->type - 1)) > /* role may not be associated with type */ > return 0; > > -- > 1.9.1 > > _______________________________________________ > Selinux mailing list > [email protected] > To unsubscribe, send email to [email protected]. > To get help, send an email containing "help" to [email protected]. -- paul moore www.paul-moore.com _______________________________________________ Seandroid-list mailing list [email protected] To unsubscribe, send email to [email protected]. To get help, send an email containing "help" to [email protected].
