forked from luck/tmp_suning_uos_patched
SELinux: possible NULL deref in context_struct_to_string
It's possible that the caller passed a NULL for scontext. However if this is a defered mapping we might still attempt to call *scontext=kstrdup(). This is bad. Instead just return the len. Signed-off-by: Eric Paris <eparis@redhat.com>
This commit is contained in:
parent
d6ea83ec68
commit
bb7081ab93
|
@ -1018,9 +1018,11 @@ static int context_struct_to_string(struct context *context, char **scontext, u3
|
||||||
|
|
||||||
if (context->len) {
|
if (context->len) {
|
||||||
*scontext_len = context->len;
|
*scontext_len = context->len;
|
||||||
|
if (scontext) {
|
||||||
*scontext = kstrdup(context->str, GFP_ATOMIC);
|
*scontext = kstrdup(context->str, GFP_ATOMIC);
|
||||||
if (!(*scontext))
|
if (!(*scontext))
|
||||||
return -ENOMEM;
|
return -ENOMEM;
|
||||||
|
}
|
||||||
return 0;
|
return 0;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
Loading…
Reference in New Issue
Block a user