
[2/3] selinux: initialize structures

Message ID 1471985365-1197-2-git-send-email-william.c.roberts@intel.com (mailing list archive)
State Accepted

Commit Message

Roberts, William C Aug. 23, 2016, 8:49 p.m. UTC
From: William Roberts <william.c.roberts@intel.com>

libsepol pointed out an issue where it's possible to have
an uninitialized jmp and invalid dereference, fix this.
While we're here, zero allocate all the *_val_to_struct
structures.

Signed-off-by: William Roberts <william.c.roberts@intel.com>
---
 security/selinux/ss/policydb.c | 8 ++++----
 1 file changed, 4 insertions(+), 4 deletions(-)

Comments

Paul Moore Aug. 29, 2016, 11:46 p.m. UTC | #1
On Tue, Aug 23, 2016 at 4:49 PM,  <william.c.roberts@intel.com> wrote:
> From: William Roberts <william.c.roberts@intel.com>
>
> libsepol pointed out an issue where its possible to have
> an unitialized jmp and invalid dereference, fix this.
> While we're here, zero allocate all the *_val_to_struct
> structures.
>
> Signed-off-by: William Roberts <william.c.roberts@intel.com>
> ---
>  security/selinux/ss/policydb.c | 8 ++++----
>  1 file changed, 4 insertions(+), 4 deletions(-)

Merged, thanks.

> diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
> index 992a315..4b24385 100644
> --- a/security/selinux/ss/policydb.c
> +++ b/security/selinux/ss/policydb.c
> @@ -541,21 +541,21 @@ static int policydb_index(struct policydb *p)
>
>         rc = -ENOMEM;
>         p->class_val_to_struct =
> -               kmalloc(p->p_classes.nprim * sizeof(*(p->class_val_to_struct)),
> +               kzalloc(p->p_classes.nprim * sizeof(*(p->class_val_to_struct)),
>                         GFP_KERNEL);
>         if (!p->class_val_to_struct)
>                 goto out;
>
>         rc = -ENOMEM;
>         p->role_val_to_struct =
> -               kmalloc(p->p_roles.nprim * sizeof(*(p->role_val_to_struct)),
> +               kzalloc(p->p_roles.nprim * sizeof(*(p->role_val_to_struct)),
>                         GFP_KERNEL);
>         if (!p->role_val_to_struct)
>                 goto out;
>
>         rc = -ENOMEM;
>         p->user_val_to_struct =
> -               kmalloc(p->p_users.nprim * sizeof(*(p->user_val_to_struct)),
> +               kzalloc(p->p_users.nprim * sizeof(*(p->user_val_to_struct)),
>                         GFP_KERNEL);
>         if (!p->user_val_to_struct)
>                 goto out;
> @@ -964,7 +964,7 @@ int policydb_context_isvalid(struct policydb *p, struct context *c)
>                  * Role must be authorized for the type.
>                  */
>                 role = p->role_val_to_struct[c->role - 1];
> -               if (!ebitmap_get_bit(&role->types, c->type - 1))
> +               if (!role || !ebitmap_get_bit(&role->types, c->type - 1))
>                         /* role may not be associated with type */
>                         return 0;
>
> --
> 1.9.1
>
> _______________________________________________
> Selinux mailing list
> Selinux@tycho.nsa.gov
> To unsubscribe, send email to Selinux-leave@tycho.nsa.gov.
> To get help, send an email containing "help" to Selinux-request@tycho.nsa.gov.

Patch

diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 992a315..4b24385 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -541,21 +541,21 @@  static int policydb_index(struct policydb *p)
 
 	rc = -ENOMEM;
 	p->class_val_to_struct =
-		kmalloc(p->p_classes.nprim * sizeof(*(p->class_val_to_struct)),
+		kzalloc(p->p_classes.nprim * sizeof(*(p->class_val_to_struct)),
 			GFP_KERNEL);
 	if (!p->class_val_to_struct)
 		goto out;
 
 	rc = -ENOMEM;
 	p->role_val_to_struct =
-		kmalloc(p->p_roles.nprim * sizeof(*(p->role_val_to_struct)),
+		kzalloc(p->p_roles.nprim * sizeof(*(p->role_val_to_struct)),
 			GFP_KERNEL);
 	if (!p->role_val_to_struct)
 		goto out;
 
 	rc = -ENOMEM;
 	p->user_val_to_struct =
-		kmalloc(p->p_users.nprim * sizeof(*(p->user_val_to_struct)),
+		kzalloc(p->p_users.nprim * sizeof(*(p->user_val_to_struct)),
 			GFP_KERNEL);
 	if (!p->user_val_to_struct)
 		goto out;
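Review bot: The three allocation sizes are still open-coded products of `nprim` and the element size, so the switch to kzalloc() zeroes the arrays but leaves the multiplication unguarded against wrapping. `nprim` presumably comes from the loaded policy image (not visible in this hunk), which would make the count externally influenced. The array form covers both zeroing and the overflow check: `kcalloc(p->p_classes.nprim, sizeof(*p->class_val_to_struct), GFP_KERNEL)`, and likewise for the role and user arrays. policydb_index() starts and ends outside the hunk, so the code that fills these arrays cannot be checked here.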
@@ -964,7 +964,7 @@  int policydb_context_isvalid(struct policydb *p, struct context *c)
 		 * Role must be authorized for the type.
 		 */
 		role = p->role_val_to_struct[c->role - 1];
-		if (!ebitmap_get_bit(&role->types, c->type - 1))
+		if (!role || !ebitmap_get_bit(&role->types, c->type - 1))
 			/* role may not be associated with type */
 			return 0;
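Review bot: The comment under the `if` no longer matches the condition. With the zeroed array, a NULL `role` means no role is defined for that value, which is a different rejection from the role lacking the type. Suggest `/* role is undefined or not associated with the type */`, or a separate `if (!role) return 0;` so each case carries its own comment. The commit also zeroes class_val_to_struct and user_val_to_struct, yet this is the only lookup in the patch that gains a NULL test; other code that indexes those arrays (none visible here) presumably needs the same check before dereferencing. policydb_context_isvalid() starts and ends outside the hunk.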