diff options
author | Ondrej Mosnacek <omosnace@redhat.com> | 2019-07-23 08:50:59 +0200 |
---|---|---|
committer | Greg Kroah-Hartman <gregkh@linuxfoundation.org> | 2019-07-31 07:24:58 +0200 |
commit | 117d3b1d5e3150064b5c83db8eb879f950cb7e05 (patch) | |
tree | 3a29890e6551626c13672e302cf01edfbff78a9b /security/selinux | |
parent | e459c059b044f8f91c43eb0612e98e85a73a1c41 (diff) | |
download | linux-stable-117d3b1d5e3150064b5c83db8eb879f950cb7e05.tar.gz linux-stable-117d3b1d5e3150064b5c83db8eb879f950cb7e05.tar.bz2 linux-stable-117d3b1d5e3150064b5c83db8eb879f950cb7e05.zip |
selinux: check sidtab limit before adding a new entry
commit acbc372e6109c803cbee4733769d02008381740f upstream.
We need to error out when trying to add an entry above SIDTAB_MAX in
sidtab_reverse_lookup() to avoid overflow on the odd chance that this
happens.
Cc: stable@vger.kernel.org
Fixes: ee1a84fdfeed ("selinux: overhaul sidtab to fix bug and improve performance")
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
Diffstat (limited to 'security/selinux')
-rw-r--r-- | security/selinux/ss/sidtab.c | 5 |
1 files changed, 5 insertions, 0 deletions
diff --git a/security/selinux/ss/sidtab.c b/security/selinux/ss/sidtab.c index e63a90ff2728..1f0a6eaa2d6a 100644 --- a/security/selinux/ss/sidtab.c +++ b/security/selinux/ss/sidtab.c @@ -286,6 +286,11 @@ static int sidtab_reverse_lookup(struct sidtab *s, struct context *context, ++count; } + /* bail out if we already reached max entries */ + rc = -EOVERFLOW; + if (count >= SIDTAB_MAX) + goto out_unlock; + /* insert context into new entry */ rc = -ENOMEM; dst = sidtab_do_lookup(s, count, 1); |