aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorStephen Smalley <sds@tycho.nsa.gov>2005-10-23 15:57:15 -0400
committerLinus Torvalds <torvalds@g5.osdl.org>2005-10-23 19:38:38 -0400
commit282c1f5eba150d0b156ffa9e6b064f1d92f8315f (patch)
tree1b4446dc0a2651a340be0c0485c8e053cdb27407
parent8766ce41018a0cb80fbe0ce7dbf747f357c752da (diff)
[PATCH] selinux: Fix NULL deref in policydb_destroy
This patch fixes a possible NULL dereference in policydb_destroy, where p->type_attr_map can be NULL if policydb_destroy is called to clean up a partially loaded policy upon an error during policy load. Please apply. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: Andrew Morton <akpm@osdl.org> Signed-off-by: Linus Torvalds <torvalds@osdl.org>
-rw-r--r--security/selinux/ss/policydb.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 0a758323a9cf..8e6262d12aa9 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -650,8 +650,10 @@ void policydb_destroy(struct policydb *p)
650 } 650 }
651 if (lrt) kfree(lrt); 651 if (lrt) kfree(lrt);
652 652
653 for (i = 0; i < p->p_types.nprim; i++) 653 if (p->type_attr_map) {
654 ebitmap_destroy(&p->type_attr_map[i]); 654 for (i = 0; i < p->p_types.nprim; i++)
655 ebitmap_destroy(&p->type_attr_map[i]);
656 }
655 kfree(p->type_attr_map); 657 kfree(p->type_attr_map);
656 658
657 return; 659 return;