diff options
Diffstat (limited to 'security/selinux/ss/conditional.c')
| -rw-r--r-- | security/selinux/ss/conditional.c | 20 |
1 files changed, 12 insertions, 8 deletions
diff --git a/security/selinux/ss/conditional.c b/security/selinux/ss/conditional.c index aac40c7ff28c..a2b3b298e604 100644 --- a/security/selinux/ss/conditional.c +++ b/security/selinux/ss/conditional.c | |||
| @@ -392,24 +392,25 @@ static int cond_read_node(struct policydb *p, struct cond_node *node, void *fp) | |||
| 392 | struct cond_expr *expr = NULL, *last = NULL; | 392 | struct cond_expr *expr = NULL, *last = NULL; |
| 393 | 393 | ||
| 394 | rc = next_entry(buf, fp, sizeof(u32)); | 394 | rc = next_entry(buf, fp, sizeof(u32)); |
| 395 | if (rc < 0) | 395 | if (rc) |
| 396 | return -1; | 396 | return rc; |
| 397 | 397 | ||
| 398 | node->cur_state = le32_to_cpu(buf[0]); | 398 | node->cur_state = le32_to_cpu(buf[0]); |
| 399 | 399 | ||
| 400 | len = 0; | 400 | len = 0; |
| 401 | rc = next_entry(buf, fp, sizeof(u32)); | 401 | rc = next_entry(buf, fp, sizeof(u32)); |
| 402 | if (rc < 0) | 402 | if (rc) |
| 403 | return -1; | 403 | return rc; |
| 404 | 404 | ||
| 405 | /* expr */ | 405 | /* expr */ |
| 406 | len = le32_to_cpu(buf[0]); | 406 | len = le32_to_cpu(buf[0]); |
| 407 | 407 | ||
| 408 | for (i = 0; i < len; i++) { | 408 | for (i = 0; i < len; i++) { |
| 409 | rc = next_entry(buf, fp, sizeof(u32) * 2); | 409 | rc = next_entry(buf, fp, sizeof(u32) * 2); |
| 410 | if (rc < 0) | 410 | if (rc) |
| 411 | goto err; | 411 | goto err; |
| 412 | 412 | ||
| 413 | rc = -ENOMEM; | ||
| 413 | expr = kzalloc(sizeof(struct cond_expr), GFP_KERNEL); | 414 | expr = kzalloc(sizeof(struct cond_expr), GFP_KERNEL); |
| 414 | if (!expr) | 415 | if (!expr) |
| 415 | goto err; | 416 | goto err; |
| @@ -418,6 +419,7 @@ static int cond_read_node(struct policydb *p, struct cond_node *node, void *fp) | |||
| 418 | expr->bool = le32_to_cpu(buf[1]); | 419 | expr->bool = le32_to_cpu(buf[1]); |
| 419 | 420 | ||
| 420 | if (!expr_isvalid(p, expr)) { | 421 | if (!expr_isvalid(p, expr)) { |
| 422 | rc = -EINVAL; | ||
| 421 | kfree(expr); | 423 | kfree(expr); |
| 422 | goto err; | 424 | goto err; |
| 423 | } | 425 | } |
| @@ -429,14 +431,16 @@ static int cond_read_node(struct policydb *p, struct cond_node *node, void *fp) | |||
| 429 | last = expr; | 431 | last = expr; |
| 430 | } | 432 | } |
| 431 | 433 | ||
| 432 | if (cond_read_av_list(p, fp, &node->true_list, NULL) != 0) | 434 | rc = cond_read_av_list(p, fp, &node->true_list, NULL); |
| 435 | if (rc) | ||
| 433 | goto err; | 436 | goto err; |
| 434 | if (cond_read_av_list(p, fp, &node->false_list, node->true_list) != 0) | 437 | rc = cond_read_av_list(p, fp, &node->false_list, node->true_list); |
| 438 | if (rc) | ||
| 435 | goto err; | 439 | goto err; |
| 436 | return 0; | 440 | return 0; |
| 437 | err: | 441 | err: |
| 438 | cond_node_destroy(node); | 442 | cond_node_destroy(node); |
| 439 | return -1; | 443 | return rc; |
| 440 | } | 444 | } |
| 441 | 445 | ||
| 442 | int cond_read_list(struct policydb *p, void *fp) | 446 | int cond_read_list(struct policydb *p, void *fp) |