projects / GitHub / mt8127 / android_kernel_alcatel_ttab.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: 4b0f1ec)
apparmor: fix oops in profile_unpack() when policy_db is not present
authorJohn Johansen <john.johansen@canonical.com>
Wed, 15 Jun 2016 07:00:55 +0000 (10:00 +0300)
committerWilly Tarreau <w@1wt.eu>
Tue, 20 Jun 2017 12:04:12 +0000 (14:04 +0200)
commit 5f20fdfed16bc599a325a145bf0123a8e1c9beea upstream.

BugLink: http://bugs.launchpad.net/bugs/1592547
If unpack_dfa() returns NULL due to the dfa not being present,
profile_unpack() is not checking if the dfa is not present (NULL).

Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Willy Tarreau <w@1wt.eu>
security/apparmor/policy_unpack.c patch | blob | blame | history

diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
index 6b221354f0aa769f5c3a6f75e65e4be7aff001d8..55ff3eecd368f8203059f06ad43ac145632133b9 100644 (file)
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -571,6 +571,9 @@ static struct aa_profile *unpack_profile(struct aa_ext *e)
                        error = PTR_ERR(profile->policy.dfa);
                        profile->policy.dfa = NULL;
                        goto fail;
+               } else if (!profile->policy.dfa) {
+                       error = -EPROTO;
+                       goto fail;
                }
                if (!unpack_u32(e, &profile->policy.start[0], "start"))
                        /* default start state */
kernel source for telekom puls (alcatel/mediatek)