From: Serge E. Hallyn <serue@us.ibm.com>
Date: Mon, 15 May 2006 16:43:48 +0000 (-0700)
Subject: [PATCH] selinux: check for failed kmalloc in security_sid_to_context()
X-Git-Tag: v2.6.16.17~13
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=3220ee4a7afa92cc7315f9f74b64bb8a7f9b1320;p=thirdparty%2Fkernel%2Fstable.git

[PATCH] selinux: check for failed kmalloc in security_sid_to_context()

Check for NULL kmalloc return value before writing to it.

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Acked-by: James Morris <jmorris@namei.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
Signed-off-by: Chris Wright <chrisw@sous-sol.org>
Signed-off-by: Greg Kroah-Hartman <gregkh@suse.de>
---

diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 8a764928ff4be..6375dd578b39c 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -592,6 +592,10 @@ int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len)
 
 			*scontext_len = strlen(initial_sid_to_string[sid]) + 1;
 			scontextp = kmalloc(*scontext_len,GFP_ATOMIC);
+			if (!scontextp) {
+				rc = -ENOMEM;
+				goto out;
+			}
 			strcpy(scontextp, initial_sid_to_string[sid]);
 			*scontext = scontextp;
 			goto out;