diff options
-rw-r--r-- | security/selinux/xfrm.c | 13 |
1 files changed, 7 insertions, 6 deletions
diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c index 36a191e7004e..e07603969033 100644 --- a/security/selinux/xfrm.c +++ b/security/selinux/xfrm.c | |||
@@ -211,26 +211,27 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp, | |||
211 | if (uctx->ctx_doi != XFRM_SC_ALG_SELINUX) | 211 | if (uctx->ctx_doi != XFRM_SC_ALG_SELINUX) |
212 | return -EINVAL; | 212 | return -EINVAL; |
213 | 213 | ||
214 | if (uctx->ctx_len >= PAGE_SIZE) | 214 | str_len = uctx->ctx_len; |
215 | if (str_len >= PAGE_SIZE) | ||
215 | return -ENOMEM; | 216 | return -ENOMEM; |
216 | 217 | ||
217 | *ctxp = ctx = kmalloc(sizeof(*ctx) + | 218 | *ctxp = ctx = kmalloc(sizeof(*ctx) + |
218 | uctx->ctx_len + 1, | 219 | str_len + 1, |
219 | GFP_KERNEL); | 220 | GFP_KERNEL); |
220 | 221 | ||
221 | if (!ctx) | 222 | if (!ctx) |
222 | return -ENOMEM; | 223 | return -ENOMEM; |
223 | 224 | ||
224 | ctx->ctx_doi = uctx->ctx_doi; | 225 | ctx->ctx_doi = uctx->ctx_doi; |
225 | ctx->ctx_len = uctx->ctx_len; | 226 | ctx->ctx_len = str_len; |
226 | ctx->ctx_alg = uctx->ctx_alg; | 227 | ctx->ctx_alg = uctx->ctx_alg; |
227 | 228 | ||
228 | memcpy(ctx->ctx_str, | 229 | memcpy(ctx->ctx_str, |
229 | uctx+1, | 230 | uctx+1, |
230 | ctx->ctx_len); | 231 | str_len); |
231 | ctx->ctx_str[ctx->ctx_len] = 0; | 232 | ctx->ctx_str[str_len] = 0; |
232 | rc = security_context_to_sid(ctx->ctx_str, | 233 | rc = security_context_to_sid(ctx->ctx_str, |
233 | ctx->ctx_len, | 234 | str_len, |
234 | &ctx->ctx_sid); | 235 | &ctx->ctx_sid); |
235 | 236 | ||
236 | if (rc) | 237 | if (rc) |