aboutsummaryrefslogtreecommitdiffstats
path: root/security/selinux/ss/conditional.c
diff options
context:
space:
mode:
authorStephen Smalley <sds@tycho.nsa.gov>2007-11-07 10:08:00 -0500
committerJames Morris <jmorris@namei.org>2007-11-07 16:56:23 -0500
commit45e5421eb5bbcd9efa037d682dd357284e3ef982 (patch)
treeceb24143024fe335d08ac30fb4da9ca25fbeb6e6 /security/selinux/ss/conditional.c
parent6d2b685564ba417f4c6d80c3661f0dfee13fff85 (diff)
SELinux: add more validity checks on policy load
Add more validity checks at policy load time to reject malformed policies and prevent subsequent out-of-range indexing when in permissive mode. Resolves the NULL pointer dereference reported in https://bugzilla.redhat.com/show_bug.cgi?id=357541. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/ss/conditional.c')
-rw-r--r--security/selinux/ss/conditional.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c
index 45b93a827c80..50ad85d4b77c 100644
--- a/security/selinux/ss/conditional.c
+++ b/security/selinux/ss/conditional.c
@@ -362,7 +362,8 @@ static int cond_read_av_list(struct policydb *p, void *fp, struct cond_av_list *
362 data.head = NULL; 362 data.head = NULL;
363 data.tail = NULL; 363 data.tail = NULL;
364 for (i = 0; i < len; i++) { 364 for (i = 0; i < len; i++) {
365 rc = avtab_read_item(fp, p->policyvers, &p->te_cond_avtab, cond_insertf, &data); 365 rc = avtab_read_item(&p->te_cond_avtab, fp, p, cond_insertf,
366 &data);
366 if (rc) 367 if (rc)
367 return rc; 368 return rc;
368 369