From: Micah Morton <mortonm@chromium.org>
Date: Tue, 17 Sep 2019 18:27:05 +0000 (-0700)
Subject: LSM: SafeSetID: Stop releasing uninitialized ruleset
X-Git-Tag: v5.4-rc1~67^2
X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=21ab8580b383f27b7f59b84ac1699cb26d6c3d69;p=thirdparty%2Fkernel%2Flinux.git

LSM: SafeSetID: Stop releasing uninitialized ruleset

The first time a rule set is configured for SafeSetID, we shouldn't be
trying to release the previously configured ruleset, since there isn't
one. Currently, the pointer that would point to a previously configured
ruleset is uninitialized on first rule set configuration, leading to a
crash when we try to call release_ruleset with that pointer.

Acked-by: Jann Horn <jannh@google.com>
Signed-off-by: Micah Morton <mortonm@chromium.org>
---

diff --git a/security/safesetid/securityfs.c b/security/safesetid/securityfs.c
index d568e17dd7739..74a13d432ed80 100644
--- a/security/safesetid/securityfs.c
+++ b/security/safesetid/securityfs.c
@@ -187,7 +187,8 @@ out_free_rule:
 out_free_buf:
 	kfree(buf);
 out_free_pol:
-	release_ruleset(pol);
+	if (pol)
+                release_ruleset(pol);
 	return err;
 }