aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorPaul Moore <paul.moore@hp.com>2009-02-27 15:00:03 -0500
committerJames Morris <jmorris@namei.org>2009-03-01 17:30:04 -0500
commitd7f59dc4642ce2fc7b79fcd4ec02ffce7f21eb02 (patch)
tree1557550ed6478a38cc04ad480a5977580d97b5cd
parent778ef1e6cbb049c9bcbf405936ee6f2b6e451892 (diff)
selinux: Fix a panic in selinux_netlbl_inode_permission()
Rick McNeal from LSI identified a panic in selinux_netlbl_inode_permission() caused by a certain sequence of SUNRPC operations. The problem appears to be due to the lack of NULL pointer checking in the function; this patch adds the pointer checks so the function will exit safely in the cases where the socket is not completely initialized. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r--security/selinux/netlabel.c5
1 files changed, 3 insertions, 2 deletions
diff --git a/security/selinux/netlabel.c b/security/selinux/netlabel.c
index 3f4b26647386..350794ab9b42 100644
--- a/security/selinux/netlabel.c
+++ b/security/selinux/netlabel.c
@@ -386,11 +386,12 @@ int selinux_netlbl_inode_permission(struct inode *inode, int mask)
386 if (!S_ISSOCK(inode->i_mode) || 386 if (!S_ISSOCK(inode->i_mode) ||
387 ((mask & (MAY_WRITE | MAY_APPEND)) == 0)) 387 ((mask & (MAY_WRITE | MAY_APPEND)) == 0))
388 return 0; 388 return 0;
389
390 sock = SOCKET_I(inode); 389 sock = SOCKET_I(inode);
391 sk = sock->sk; 390 sk = sock->sk;
391 if (sk == NULL)
392 return 0;
392 sksec = sk->sk_security; 393 sksec = sk->sk_security;
393 if (sksec->nlbl_state != NLBL_REQUIRE) 394 if (sksec == NULL || sksec->nlbl_state != NLBL_REQUIRE)
394 return 0; 395 return 0;
395 396
396 local_bh_disable(); 397 local_bh_disable();