[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Message-ID: <CAEjxPJ4nT3LFqNNh7PRP5DuuJeVfOh_JQiDboskbpBATgoJkOQ@mail.gmail.com>
Date: Tue, 14 Dec 2021 11:14:10 -0500
From: Stephen Smalley <stephen.smalley.work@...il.com>
To: xkernel.wang@...mail.com
Cc: Paul Moore <paul@...l-moore.com>,
Eric Paris <eparis@...isplace.org>,
SElinux list <selinux@...r.kernel.org>,
linux-kernel <linux-kernel@...r.kernel.org>
Subject: Re: [PATCH] selinux: fix a wrong check condition of strcmp()
On Tue, Dec 14, 2021 at 4:34 AM <xkernel.wang@...mail.com> wrote:
>
> From: Xiaoke Wang <xkernel.wang@...mail.com>
>
> strcmp() will return 0 when two strings(s1, s2 for example) are equal.
> And if a negative number means s1 < s2. Here seems should use == 0 as
> the condition. Otherwise, the value of genfs->fstype can not be
> guaranteed.
>
> Signed-off-by: Xiaoke Wang <xkernel.wang@...mail.com>
NAK. Look more closely at the code that follows, and understand that
the list is ordered to avoid needing to traverse all of it.
> ---
> security/selinux/ss/services.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
> index 759d878..c9f6c3a 100644
> --- a/security/selinux/ss/services.c
> +++ b/security/selinux/ss/services.c
> @@ -2883,7 +2883,7 @@ static inline int __security_genfs_sid(struct selinux_policy *policy,
>
> for (genfs = policydb->genfs; genfs; genfs = genfs->next) {
> cmp = strcmp(fstype, genfs->fstype);
> - if (cmp <= 0)
> + if (cmp == 0)
> break;
> }
>
> --
Powered by blists - more mailing lists