selinux: check sidtab limit before adding a new entry - openslx/kernel-qcow2-linux.git

diff options

author	Ondrej Mosnacek	2019-07-23 08:50:59 +0200
committer	Paul Moore	2019-07-24 17:13:34 +0200
commit	acbc372e6109c803cbee4733769d02008381740f (patch)
tree	4bccf1658aa986fd09d5d602a0b3073fdd44f6c5 /security/selinux/ss/policydb.c
parent	selinux: format all invalid context as untrusted (diff)
download	kernel-qcow2-linux-acbc372e6109c803cbee4733769d02008381740f.tar.gz kernel-qcow2-linux-acbc372e6109c803cbee4733769d02008381740f.tar.xz kernel-qcow2-linux-acbc372e6109c803cbee4733769d02008381740f.zip

selinux: check sidtab limit before adding a new entry

We need to error out when trying to add an entry above SIDTAB_MAX in sidtab_reverse_lookup() to avoid overflow on the odd chance that this happens. Cc: stable@vger.kernel.org Fixes: ee1a84fdfeed ("selinux: overhaul sidtab to fix bug and improve performance") Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com> Reviewed-by: Kees Cook <keescook@chromium.org> Signed-off-by: Paul Moore <paul@paul-moore.com>

Diffstat (limited to 'security/selinux/ss/policydb.c')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: