Re: [PATCH v3] selinux: lsm: fix a missing-check bug in selinux_add_mnt_opt( )

2019-06-10 Thread Gen Zhang
On Mon, Jun 10, 2019 at 03:31:50PM -0400, Paul Moore wrote: > On Fri, Jun 7, 2019 at 8:11 AM Gen Zhang wrote: > > > > On Fri, Jun 07, 2019 at 10:39:05AM +0200, Ondrej Mosnacek wrote: > > > On Thu, Jun 6, 2019 at 11:23 AM Gen Zhang > > > wrote: > > > > In selinux_add_mnt_opt(), 'val' is

Re: [PATCH v3] selinux: lsm: fix a missing-check bug in selinux_add_mnt_opt( )

2019-06-10 Thread Paul Moore
On Fri, Jun 7, 2019 at 8:11 AM Gen Zhang wrote: > > On Fri, Jun 07, 2019 at 10:39:05AM +0200, Ondrej Mosnacek wrote: > > On Thu, Jun 6, 2019 at 11:23 AM Gen Zhang wrote: > > > In selinux_add_mnt_opt(), 'val' is allocated by kmemdup_nul(). It returns > > > NULL when fails. So 'val' should be

Re: [PATCH v3] selinux: lsm: fix a missing-check bug in selinux_add_mnt_opt( )

2019-06-07 Thread Gen Zhang
On Fri, Jun 07, 2019 at 10:39:05AM +0200, Ondrej Mosnacek wrote: > On Thu, Jun 6, 2019 at 11:23 AM Gen Zhang wrote: > > In selinux_add_mnt_opt(), 'val' is allocated by kmemdup_nul(). It returns > > NULL when fails. So 'val' should be checked. And 'mnt_opts' should be > > freed when error. > > > >

Re: [PATCH v3] selinux: lsm: fix a missing-check bug in selinux_add_mnt_opt( )

2019-06-07 Thread Ondrej Mosnacek
On Thu, Jun 6, 2019 at 11:23 AM Gen Zhang wrote: > In selinux_add_mnt_opt(), 'val' is allocated by kmemdup_nul(). It returns > NULL when fails. So 'val' should be checked. And 'mnt_opts' should be > freed when error. > > Signed-off-by: Gen Zhang > Fixes: 757cbe597fe8 ("LSM: new method:

[PATCH v3] selinux: lsm: fix a missing-check bug in selinux_add_mnt_opt( )

2019-06-06 Thread Gen Zhang
In selinux_add_mnt_opt(), 'val' is allocated by kmemdup_nul(). It returns NULL when fails. So 'val' should be checked. And 'mnt_opts' should be freed when error. Signed-off-by: Gen Zhang Fixes: 757cbe597fe8 ("LSM: new method: ->sb_add_mnt_opt()") --- diff --git a/security/selinux/hooks.c