| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20201125121043.107662-1-zhengzengkai@huawei.com>
Date: Wed, 25 Nov 2020 20:10:43 +0800
From: Zheng Zengkai <zhengzengkai@...wei.com>
To: <takedakn@...data.co.jp>, <penguin-kernel@...ove.SAKURA.ne.jp>,
<jmorris@...ei.org>, <serge@...lyn.com>
CC: <linux-security-module@...r.kernel.org>,
<linux-kernel@...r.kernel.org>, <zhengzengkai@...wei.com>
Subject: [PATCH] tomoyo: Avoid potential null pointer access
Calls to kzalloc() should be null-checked in order to avoid
any potential failures or unnecessary code execution.
Fix this by adding null checks for _entry_ right after allocation.
Fixes: 57c2590fb7fd ("TOMOYO: Update profile structure")
Reported-by: Hulk Robot <hulkci@...wei.com>
Signed-off-by: Zheng Zengkai <zhengzengkai@...wei.com>
---
security/tomoyo/common.c | 2 ++
1 file changed, 2 insertions(+)
diff --git a/security/tomoyo/common.c b/security/tomoyo/common.c
index 4bee32bfe16d..99b4fafcb100 100644
--- a/security/tomoyo/common.c
+++ b/security/tomoyo/common.c
@@ -499,6 +499,8 @@ static struct tomoyo_profile *tomoyo_assign_profile
if (ptr)
return ptr;
entry = kzalloc(sizeof(*entry), GFP_NOFS);
+ if (!entry)
+ return NULL;
if (mutex_lock_interruptible(&tomoyo_policy_lock))
goto out;
ptr = ns->profile_ptr[profile];
--
2.20.1
Powered by blists - more mailing lists