| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Sun, 15 Jan 2017 16:39:11 +0100
From: SF Markus Elfring <elfring@...rs.sourceforge.net>
To: linux-security-module@...r.kernel.org, selinux@...ho.nsa.gov,
Eric Paris <eparis@...isplace.org>,
James Morris <james.l.morris@...cle.com>,
Paul Moore <paul@...l-moore.com>,
"Serge E. Hallyn" <serge@...lyn.com>,
Stephen Smalley <sds@...ho.nsa.gov>,
William Roberts <william.c.roberts@...el.com>
Cc: LKML <linux-kernel@...r.kernel.org>,
kernel-janitors@...r.kernel.org
Subject: [PATCH 39/46] selinux: Move two assignments for the variable "rc" in
ocontext_read()
From: Markus Elfring <elfring@...rs.sourceforge.net>
Date: Sun, 15 Jan 2017 11:30:12 +0100
One local variable was set to an error code in two cases before
a concrete error situation was detected. Thus move the corresponding
assignments into if branches to indicate a software failure there.
Signed-off-by: Markus Elfring <elfring@...rs.sourceforge.net>
---
security/selinux/ss/policydb.c | 13 +++++++------
1 file changed, 7 insertions(+), 6 deletions(-)
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 88730b372277..8b9ed3f1b132 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -2121,10 +2121,11 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info,
l = NULL;
for (j = 0; j < nel; j++) {
- rc = -ENOMEM;
c = kzalloc(sizeof(*c), GFP_KERNEL);
- if (!c)
+ if (!c) {
+ rc = -ENOMEM;
goto out;
+ }
if (l)
l->next = c;
else
@@ -2186,13 +2187,13 @@ static int ocontext_read(struct policydb *p, struct policydb_compat_info *info,
if (rc)
goto out;
- rc = -EINVAL;
c->v.behavior = le32_to_cpu(buf[0]);
/* Determined at runtime, not in policy DB. */
- if (c->v.behavior == SECURITY_FS_USE_MNTPOINT)
- goto out;
- if (c->v.behavior > SECURITY_FS_USE_MAX)
+ if (c->v.behavior == SECURITY_FS_USE_MNTPOINT ||
+ c->v.behavior > SECURITY_FS_USE_MAX) {
+ rc = -EINVAL;
goto out;
+ }
len = le32_to_cpu(buf[1]);
rc = str_read(&c->u.name, GFP_KERNEL, fp, len);
--
2.11.0
Powered by blists - more mailing lists