From: Chris Wright Date: Tue, 16 May 2006 23:47:13 +0000 (-0700) Subject: selinux check return of kmalloc X-Git-Tag: v2.6.16.17~19 X-Git-Url: http://git.ipfire.org/?a=commitdiff_plain;h=4bc19d8f62dd3a22dad8db5b9d0a21f319dad7c2;p=thirdparty%2Fkernel%2Fstable-queue.git selinux check return of kmalloc --- diff --git a/queue-2.6.16/selinux-check-for-failed-kmalloc-in-security_sid_to_context.patch b/queue-2.6.16/selinux-check-for-failed-kmalloc-in-security_sid_to_context.patch new file mode 100644 index 00000000000..037b633a110 --- /dev/null +++ b/queue-2.6.16/selinux-check-for-failed-kmalloc-in-security_sid_to_context.patch @@ -0,0 +1,31 @@ +From nobody Mon Sep 17 00:00:00 2001 +From: Serge E. Hallyn +Date: Mon, 15 May 2006 09:43:48 -0700 +Subject: [PATCH] selinux: check for failed kmalloc in security_sid_to_context() + +Check for NULL kmalloc return value before writing to it. + +Signed-off-by: Serge E. Hallyn +Acked-by: James Morris +Cc: Stephen Smalley +Signed-off-by: Andrew Morton +Signed-off-by: Linus Torvalds +Signed-off-by: Chris Wright +--- + + security/selinux/ss/services.c | 4 ++++ + 1 file changed, 4 insertions(+) + +--- linux-2.6.16.16.orig/security/selinux/ss/services.c ++++ linux-2.6.16.16/security/selinux/ss/services.c +@@ -592,6 +592,10 @@ int security_sid_to_context(u32 sid, cha + + *scontext_len = strlen(initial_sid_to_string[sid]) + 1; + scontextp = kmalloc(*scontext_len,GFP_ATOMIC); ++ if (!scontextp) { ++ rc = -ENOMEM; ++ goto out; ++ } + strcpy(scontextp, initial_sid_to_string[sid]); + *scontext = scontextp; + goto out; diff --git a/queue-2.6.16/series b/queue-2.6.16/series index 71aac5cdd17..8df69f08e08 100644 --- a/queue-2.6.16/series +++ b/queue-2.6.16/series @@ -8,3 +8,4 @@ smbus-unhiding-kills-thermal-management.patch scx200_acb-fix-resource-name-use-after-free.patch netfilter-do_add_counters-race-possible-info-leak.patch tg3-ethtool-always-report-port-is-tp.patch +selinux-check-for-failed-kmalloc-in-security_sid_to_context.patch