projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 5dee25d)
selinux: Augment BUG_ON assertion for secclass_map.
authorStephen Smalley <sds@tycho.nsa.gov>
Fri, 10 Jul 2015 21:19:57 +0000 (17:19 -0400)
committerPaul Moore <pmoore@redhat.com>
Mon, 13 Jul 2015 17:31:59 +0000 (13:31 -0400)
Ensure that we catch any cases where tclass == 0.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
security/selinux/avc.c patch | blob | blame | history

diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 2d5e1b04cd502944c45550f4b46b21ca2bef294f..324acc62f7e0748f18d79c48fd68451516c06cec 100644 (file)
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -116,6 +116,7 @@ static void avc_dump_av(struct audit_buffer *ab, u16 tclass, u32 av)
                return;
        }
 
+       BUG_ON(!tclass || tclass >= ARRAY_SIZE(secclass_map));
        perms = secclass_map[tclass-1].perms;
 
        audit_log_format(ab, " {");
@@ -164,7 +165,7 @@ static void avc_dump_query(struct audit_buffer *ab, u32 ssid, u32 tsid, u16 tcla
                kfree(scontext);
        }
 
-       BUG_ON(tclass >= ARRAY_SIZE(secclass_map));
+       BUG_ON(!tclass || tclass >= ARRAY_SIZE(secclass_map));
        audit_log_format(ab, " tclass=%s", secclass_map[tclass-1].name);
 }