| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20220614021449.39255-1-xiujianfeng@huawei.com>
Date: Tue, 14 Jun 2022 10:14:49 +0800
From: Xiu Jianfeng <xiujianfeng@...wei.com>
To: <paul@...l-moore.com>, <stephen.smalley.work@...il.com>,
<eparis@...isplace.org>
CC: <selinux@...r.kernel.org>, <linux-kernel@...r.kernel.org>
Subject: [PATCH -next] selinux: Add boundary check in put_entry()
Just like next_entry(), boundary check is necessary to prevent memory
out-of-bound access.
Signed-off-by: Xiu Jianfeng <xiujianfeng@...wei.com>
---
security/selinux/ss/policydb.h | 2 ++
1 file changed, 2 insertions(+)
diff --git a/security/selinux/ss/policydb.h b/security/selinux/ss/policydb.h
index c24d4e1063ea..ffc4e7bad205 100644
--- a/security/selinux/ss/policydb.h
+++ b/security/selinux/ss/policydb.h
@@ -370,6 +370,8 @@ static inline int put_entry(const void *buf, size_t bytes, int num, struct polic
{
size_t len = bytes * num;
+ if (len > fp->len)
+ return -EINVAL;
memcpy(fp->data, buf, len);
fp->data += len;
fp->len -= len;
--
2.17.1
Powered by blists - more mailing lists