selinux: detect invalid ebitmap

When count is 0 and the highbit is not zero, the ebitmap is not valid and the internal node is not allocated. This causes issues when routines, like mls_context_isvalid() attempt to use the ebitmap_for_each_bit() and ebitmap_node_get_bit() as they assume a highbit > 0 will have a node allocated. Signed-off-by: N William Roberts <william.c.roberts@intel.com> Signed-off-by: N Paul Moore <paul@paul-moore.com>

selinux: detect invalid ebitmap
When count is 0 and the highbit is not zero, the ebitmap is not valid and the internal node is not allocated. This causes issues when routines, like mls_context_isvalid() attempt to use the ebitmap_for_each_bit() and ebitmap_node_get_bit() as they assume a highbit > 0 will have a node allocated. Signed-off-by: N William Roberts <william.c.roberts@intel.com> Signed-off-by: N Paul Moore <paul@paul-moore.com>
74d977b6 · William Roberts · Paul Moore · 348a0db9 · 74d977b6
隐藏空白更改
内联并排

Showing with 3 addition and 0 deletion

security/selinux/ss/ebitmap.c security/selinux/ss/ebitmap.c +3 -0

未找到文件。
--- a/security/selinux/ss/ebitmap.c
+++ b/security/selinux/ss/ebitmap.c
@@ -374,6 +374,9 @@ int ebitmap_read(struct ebitmap *e, void *fp)
 		goto ok;
 	}

+	if (e->highbit && !count)
+		goto bad;
+
 	for (i = 0; i < count; i++) {
 		rc = next_entry(&startbit, fp, sizeof(u32));
 		if (rc < 0) {