* [PATCH][next] apparmor: fix error returns checks by making size a ssize_t
@ 2018-03-23 23:34 ` Colin King
0 siblings, 0 replies; 9+ messages in thread
From: Colin King @ 2018-03-23 23:34 UTC (permalink / raw)
To: John Johansen, James Morris, Serge E . Hallyn, linux-security-module
Cc: kernel-janitors, linux-kernel
From: Colin Ian King <colin.king@canonical.com>
Currently variable size is a unsigned size_t, hence comparisons to
see if it is less than zero (for error checking) will always be
false. Fix this by making size a ssize_t
Detected by CoverityScan, CID#1466080 ("Unsigned compared against 0")
Fixes: 8e51f9087f40 ("apparmor: Add support for attaching profiles via xattr, presence and value")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
security/apparmor/domain.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index 57cc892e05a2..590b7e8cd21c 100644
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -314,7 +314,7 @@ static int aa_xattrs_match(const struct linux_binprm *bprm,
struct aa_profile *profile, unsigned int state)
{
int i;
- size_t size;
+ ssize_t size;
struct dentry *d;
char *value = NULL;
int value_size = 0, ret = profile->xattr_count;
--
2.15.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH][next] apparmor: fix error returns checks by making size a ssize_t
@ 2018-03-23 23:34 ` Colin King
0 siblings, 0 replies; 9+ messages in thread
From: Colin King @ 2018-03-23 23:34 UTC (permalink / raw)
To: linux-security-module
From: Colin Ian King <colin.king@canonical.com>
Currently variable size is a unsigned size_t, hence comparisons to
see if it is less than zero (for error checking) will always be
false. Fix this by making size a ssize_t
Detected by CoverityScan, CID#1466080 ("Unsigned compared against 0")
Fixes: 8e51f9087f40 ("apparmor: Add support for attaching profiles via xattr, presence and value")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
security/apparmor/domain.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index 57cc892e05a2..590b7e8cd21c 100644
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -314,7 +314,7 @@ static int aa_xattrs_match(const struct linux_binprm *bprm,
struct aa_profile *profile, unsigned int state)
{
int i;
- size_t size;
+ ssize_t size;
struct dentry *d;
char *value = NULL;
int value_size = 0, ret = profile->xattr_count;
--
2.15.1
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH][next] apparmor: fix error returns checks by making size a ssize_t
@ 2018-03-23 23:34 ` Colin King
0 siblings, 0 replies; 9+ messages in thread
From: Colin King @ 2018-03-23 23:34 UTC (permalink / raw)
To: linux-security-module
From: Colin Ian King <colin.king@canonical.com>
Currently variable size is a unsigned size_t, hence comparisons to
see if it is less than zero (for error checking) will always be
false. Fix this by making size a ssize_t
Detected by CoverityScan, CID#1466080 ("Unsigned compared against 0")
Fixes: 8e51f9087f40 ("apparmor: Add support for attaching profiles via xattr, presence and value")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
security/apparmor/domain.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
index 57cc892e05a2..590b7e8cd21c 100644
--- a/security/apparmor/domain.c
+++ b/security/apparmor/domain.c
@@ -314,7 +314,7 @@ static int aa_xattrs_match(const struct linux_binprm *bprm,
struct aa_profile *profile, unsigned int state)
{
int i;
- size_t size;
+ ssize_t size;
struct dentry *d;
char *value = NULL;
int value_size = 0, ret = profile->xattr_count;
--
2.15.1
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply related [flat|nested] 9+ messages in thread
* Re: [PATCH][next] apparmor: fix error returns checks by making size a ssize_t
2018-03-23 23:34 ` Colin King
(?)
@ 2018-03-24 0:23 ` John Johansen
-1 siblings, 0 replies; 9+ messages in thread
From: John Johansen @ 2018-03-24 0:23 UTC (permalink / raw)
To: Colin King, James Morris, Serge E . Hallyn, linux-security-module
Cc: kernel-janitors, linux-kernel
On 03/23/2018 04:34 PM, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
>
> Currently variable size is a unsigned size_t, hence comparisons to
> see if it is less than zero (for error checking) will always be
> false. Fix this by making size a ssize_t
>
> Detected by CoverityScan, CID#1466080 ("Unsigned compared against 0")
>
> Fixes: 8e51f9087f40 ("apparmor: Add support for attaching profiles via xattr, presence and value")
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>
and pulled into apparmor-next
> ---
> security/apparmor/domain.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
> index 57cc892e05a2..590b7e8cd21c 100644
> --- a/security/apparmor/domain.c
> +++ b/security/apparmor/domain.c
> @@ -314,7 +314,7 @@ static int aa_xattrs_match(const struct linux_binprm *bprm,
> struct aa_profile *profile, unsigned int state)
> {
> int i;
> - size_t size;
> + ssize_t size;
> struct dentry *d;
> char *value = NULL;
> int value_size = 0, ret = profile->xattr_count;
>
^ permalink raw reply [flat|nested] 9+ messages in thread
* Re: [PATCH][next] apparmor: fix error returns checks by making size a ssize_t
@ 2018-03-24 0:23 ` John Johansen
0 siblings, 0 replies; 9+ messages in thread
From: John Johansen @ 2018-03-24 0:23 UTC (permalink / raw)
To: linux-security-module
On 03/23/2018 04:34 PM, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
>
> Currently variable size is a unsigned size_t, hence comparisons to
> see if it is less than zero (for error checking) will always be
> false. Fix this by making size a ssize_t
>
> Detected by CoverityScan, CID#1466080 ("Unsigned compared against 0")
>
> Fixes: 8e51f9087f40 ("apparmor: Add support for attaching profiles via xattr, presence and value")
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>
and pulled into apparmor-next
> ---
> security/apparmor/domain.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
> index 57cc892e05a2..590b7e8cd21c 100644
> --- a/security/apparmor/domain.c
> +++ b/security/apparmor/domain.c
> @@ -314,7 +314,7 @@ static int aa_xattrs_match(const struct linux_binprm *bprm,
> struct aa_profile *profile, unsigned int state)
> {
> int i;
> - size_t size;
> + ssize_t size;
> struct dentry *d;
> char *value = NULL;
> int value_size = 0, ret = profile->xattr_count;
>
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH][next] apparmor: fix error returns checks by making size a ssize_t
@ 2018-03-24 0:23 ` John Johansen
0 siblings, 0 replies; 9+ messages in thread
From: John Johansen @ 2018-03-24 0:23 UTC (permalink / raw)
To: linux-security-module
On 03/23/2018 04:34 PM, Colin King wrote:
> From: Colin Ian King <colin.king@canonical.com>
>
> Currently variable size is a unsigned size_t, hence comparisons to
> see if it is less than zero (for error checking) will always be
> false. Fix this by making size a ssize_t
>
> Detected by CoverityScan, CID#1466080 ("Unsigned compared against 0")
>
> Fixes: 8e51f9087f40 ("apparmor: Add support for attaching profiles via xattr, presence and value")
> Signed-off-by: Colin Ian King <colin.king@canonical.com>
Acked-by: John Johansen <john.johansen@canonical.com>
and pulled into apparmor-next
> ---
> security/apparmor/domain.c | 2 +-
> 1 file changed, 1 insertion(+), 1 deletion(-)
>
> diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c
> index 57cc892e05a2..590b7e8cd21c 100644
> --- a/security/apparmor/domain.c
> +++ b/security/apparmor/domain.c
> @@ -314,7 +314,7 @@ static int aa_xattrs_match(const struct linux_binprm *bprm,
> struct aa_profile *profile, unsigned int state)
> {
> int i;
> - size_t size;
> + ssize_t size;
> struct dentry *d;
> char *value = NULL;
> int value_size = 0, ret = profile->xattr_count;
>
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
^ permalink raw reply [flat|nested] 9+ messages in thread
* [PATCH][next] apparmor: fix error return check with a u32 being less than zero
2018-03-23 23:34 ` Colin King
(?)
@ 2018-05-04 14:15 ` Colin King
-1 siblings, 0 replies; 9+ messages in thread
From: Colin King @ 2018-05-04 14:15 UTC (permalink / raw)
To: John Johansen, James Morris, Serge E . Hallyn, linux-security-module
Cc: kernel-janitors, linux-kernel
From: Colin Ian King <colin.king@canonical.com>
The check for *seclen being less than zero for an error condtion check
is never true as it is a u32 and hence cannot be less than zero. Fix
this by using an int ret for error return checking and assigning *seclen
to this.
Detected by CoverityScan, CID#1468514 ("Unsigned comparison against 0")
Fixes: c092921219d2 ("apparmor: add support for mapping secids and using secctxes")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
security/apparmor/secid.c | 20 +++++++++++---------
1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c
index 502924853986..9c431e9a9836 100644
--- a/security/apparmor/secid.c
+++ b/security/apparmor/secid.c
@@ -142,6 +142,7 @@ int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
{
/* TODO: cache secctx and ref count so we don't have to recreate */
struct aa_label *label = aa_secid_to_label(secid);
+ int ret;
AA_BUG(!secdata);
AA_BUG(!seclen);
@@ -150,16 +151,17 @@ int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
return -EINVAL;
if (secdata)
- *seclen = aa_label_asxprint(secdata, root_ns, label,
- FLAG_SHOW_MODE | FLAG_VIEW_SUBNS |
- FLAG_HIDDEN_UNCONFINED |
- FLAG_ABS_ROOT, GFP_ATOMIC);
+ ret = aa_label_asxprint(secdata, root_ns, label,
+ FLAG_SHOW_MODE | FLAG_VIEW_SUBNS |
+ FLAG_HIDDEN_UNCONFINED |
+ FLAG_ABS_ROOT, GFP_ATOMIC);
else
- *seclen = aa_label_snxprint(NULL, 0, root_ns, label,
- FLAG_SHOW_MODE | FLAG_VIEW_SUBNS |
- FLAG_HIDDEN_UNCONFINED |
- FLAG_ABS_ROOT);
- if (*seclen < 0)
+ ret = aa_label_snxprint(NULL, 0, root_ns, label,
+ FLAG_SHOW_MODE | FLAG_VIEW_SUBNS |
+ FLAG_HIDDEN_UNCONFINED |
+ FLAG_ABS_ROOT);
+ *seclen = ret;
+ if (ret < 0)
return -ENOMEM;
return 0;
--
2.17.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH][next] apparmor: fix error return check with a u32 being less than zero
@ 2018-05-04 14:15 ` Colin King
0 siblings, 0 replies; 9+ messages in thread
From: Colin King @ 2018-05-04 14:15 UTC (permalink / raw)
To: linux-security-module
From: Colin Ian King <colin.king@canonical.com>
The check for *seclen being less than zero for an error condtion check
is never true as it is a u32 and hence cannot be less than zero. Fix
this by using an int ret for error return checking and assigning *seclen
to this.
Detected by CoverityScan, CID#1468514 ("Unsigned comparison against 0")
Fixes: c092921219d2 ("apparmor: add support for mapping secids and using secctxes")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
security/apparmor/secid.c | 20 +++++++++++---------
1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c
index 502924853986..9c431e9a9836 100644
--- a/security/apparmor/secid.c
+++ b/security/apparmor/secid.c
@@ -142,6 +142,7 @@ int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
{
/* TODO: cache secctx and ref count so we don't have to recreate */
struct aa_label *label = aa_secid_to_label(secid);
+ int ret;
AA_BUG(!secdata);
AA_BUG(!seclen);
@@ -150,16 +151,17 @@ int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
return -EINVAL;
if (secdata)
- *seclen = aa_label_asxprint(secdata, root_ns, label,
- FLAG_SHOW_MODE | FLAG_VIEW_SUBNS |
- FLAG_HIDDEN_UNCONFINED |
- FLAG_ABS_ROOT, GFP_ATOMIC);
+ ret = aa_label_asxprint(secdata, root_ns, label,
+ FLAG_SHOW_MODE | FLAG_VIEW_SUBNS |
+ FLAG_HIDDEN_UNCONFINED |
+ FLAG_ABS_ROOT, GFP_ATOMIC);
else
- *seclen = aa_label_snxprint(NULL, 0, root_ns, label,
- FLAG_SHOW_MODE | FLAG_VIEW_SUBNS |
- FLAG_HIDDEN_UNCONFINED |
- FLAG_ABS_ROOT);
- if (*seclen < 0)
+ ret = aa_label_snxprint(NULL, 0, root_ns, label,
+ FLAG_SHOW_MODE | FLAG_VIEW_SUBNS |
+ FLAG_HIDDEN_UNCONFINED |
+ FLAG_ABS_ROOT);
+ *seclen = ret;
+ if (ret < 0)
return -ENOMEM;
return 0;
--
2.17.0
^ permalink raw reply related [flat|nested] 9+ messages in thread
* [PATCH][next] apparmor: fix error return check with a u32 being less than zero
@ 2018-05-04 14:15 ` Colin King
0 siblings, 0 replies; 9+ messages in thread
From: Colin King @ 2018-05-04 14:15 UTC (permalink / raw)
To: linux-security-module
From: Colin Ian King <colin.king@canonical.com>
The check for *seclen being less than zero for an error condtion check
is never true as it is a u32 and hence cannot be less than zero. Fix
this by using an int ret for error return checking and assigning *seclen
to this.
Detected by CoverityScan, CID#1468514 ("Unsigned comparison against 0")
Fixes: c092921219d2 ("apparmor: add support for mapping secids and using secctxes")
Signed-off-by: Colin Ian King <colin.king@canonical.com>
---
security/apparmor/secid.c | 20 +++++++++++---------
1 file changed, 11 insertions(+), 9 deletions(-)
diff --git a/security/apparmor/secid.c b/security/apparmor/secid.c
index 502924853986..9c431e9a9836 100644
--- a/security/apparmor/secid.c
+++ b/security/apparmor/secid.c
@@ -142,6 +142,7 @@ int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
{
/* TODO: cache secctx and ref count so we don't have to recreate */
struct aa_label *label = aa_secid_to_label(secid);
+ int ret;
AA_BUG(!secdata);
AA_BUG(!seclen);
@@ -150,16 +151,17 @@ int apparmor_secid_to_secctx(u32 secid, char **secdata, u32 *seclen)
return -EINVAL;
if (secdata)
- *seclen = aa_label_asxprint(secdata, root_ns, label,
- FLAG_SHOW_MODE | FLAG_VIEW_SUBNS |
- FLAG_HIDDEN_UNCONFINED |
- FLAG_ABS_ROOT, GFP_ATOMIC);
+ ret = aa_label_asxprint(secdata, root_ns, label,
+ FLAG_SHOW_MODE | FLAG_VIEW_SUBNS |
+ FLAG_HIDDEN_UNCONFINED |
+ FLAG_ABS_ROOT, GFP_ATOMIC);
else
- *seclen = aa_label_snxprint(NULL, 0, root_ns, label,
- FLAG_SHOW_MODE | FLAG_VIEW_SUBNS |
- FLAG_HIDDEN_UNCONFINED |
- FLAG_ABS_ROOT);
- if (*seclen < 0)
+ ret = aa_label_snxprint(NULL, 0, root_ns, label,
+ FLAG_SHOW_MODE | FLAG_VIEW_SUBNS |
+ FLAG_HIDDEN_UNCONFINED |
+ FLAG_ABS_ROOT);
+ *seclen = ret;
+ if (ret < 0)
return -ENOMEM;
return 0;
--
2.17.0
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info@ http://vger.kernel.org/majordomo-info.html
^ permalink raw reply related [flat|nested] 9+ messages in thread
end of thread, other threads:[~2018-05-04 14:15 UTC | newest]
Thread overview: 9+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2018-03-23 23:34 [PATCH][next] apparmor: fix error returns checks by making size a ssize_t Colin King
2018-03-23 23:34 ` Colin King
2018-03-23 23:34 ` Colin King
2018-03-24 0:23 ` John Johansen
2018-03-24 0:23 ` John Johansen
2018-03-24 0:23 ` John Johansen
2018-05-04 14:15 [PATCH][next] apparmor: fix error return check with a u32 being less than zero Colin King
2018-05-04 14:15 ` Colin King
2018-05-04 14:15 ` Colin King
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.