* [PATCH] LSM: SafeSetID: Stop releasing uninitialized ruleset
@ 2019-09-16 15:29 mortonm
0 siblings, 0 replies; only message in thread
From: mortonm @ 2019-09-16 15:29 UTC (permalink / raw)
To: linux-security-module; +Cc: Micah Morton, Jann Horn
From: Micah Morton <mortonm@chromium.org>
The first time a rule set is configured for SafeSetID, we shouldn't be
trying to release the previously configured ruleset, since there isn't
one. Currently, the pointer that would point to a previously configured
ruleset is uninitialized on first rule set configuration, leading to a
crash when we try to call release_ruleset with that pointer.
Acked-by: Jann Horn <jannh@google.com>
Signed-off-by: Micah Morton <mortonm@chromium.org>
---
security/safesetid/securityfs.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/security/safesetid/securityfs.c b/security/safesetid/securityfs.c
index d568e17dd773..74a13d432ed8 100644
--- a/security/safesetid/securityfs.c
+++ b/security/safesetid/securityfs.c
@@ -187,7 +187,8 @@ static ssize_t handle_policy_update(struct file *file,
out_free_buf:
kfree(buf);
out_free_pol:
- release_ruleset(pol);
+ if (pol)
+ release_ruleset(pol);
return err;
}
--
2.23.0.237.gc6a4ce50a0-goog
^ permalink raw reply related [flat|nested] only message in thread
only message in thread, other threads:[~2019-09-16 15:29 UTC | newest]
Thread overview: (only message) (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2019-09-16 15:29 [PATCH] LSM: SafeSetID: Stop releasing uninitialized ruleset mortonm
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox;
as well as URLs for NNTP newsgroup(s).