[-next] apparmor: fix error return code in __aa_fs_profile_mkdir()
diff mbox

Message ID 1468413629-1980-1-git-send-email-weiyj_lk@163.com
State New
Headers show

Commit Message

weiyj_lk@163.com July 13, 2016, 12:40 p.m. UTC
From: Wei Yongjun <yongjun_wei@trendmicro.com.cn>

The error return code is set to PTR_ERR(dent) when malloc failed, 'dent'
can be NULL here, this means the return value will be set to 0. Fix to
return -ENOMEM in this error handling case.

Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
---
 security/apparmor/apparmorfs.c | 6 ++++--
 1 file changed, 4 insertions(+), 2 deletions(-)



--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Comments

Serge E. Hallyn July 13, 2016, 2:07 p.m. UTC | #1
Quoting weiyj_lk@163.com (weiyj_lk@163.com):
> From: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
> 
> The error return code is set to PTR_ERR(dent) when malloc failed, 'dent'
> can be NULL here, this means the return value will be set to 0. Fix to
> return -ENOMEM in this error handling case.
> 
> Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
> ---

Acked-by: Serge Hallyn <serge@hallyn.com>

>  security/apparmor/apparmorfs.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
> index 729e595..25479dc 100644
> --- a/security/apparmor/apparmorfs.c
> +++ b/security/apparmor/apparmorfs.c
> @@ -424,8 +424,10 @@ int __aa_fs_profile_mkdir(struct aa_profile *profile, struct dentry *parent)
>  		id_len = snprintf(NULL, 0, ".%ld", profile->ns->uniq_id);
>  
>  		profile->dirname = kmalloc(len + id_len + 1, GFP_KERNEL);
> -		if (!profile->dirname)
> -			goto fail;
> +		if (!profile->dirname) {
> +			error = -ENOMEM;
> +			goto fail2;
> +		}
>  
>  		mangle_name(profile->base.name, profile->dirname);
>  		sprintf(profile->dirname + len, ".%ld", profile->ns->uniq_id++);
> 
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
John Johansen July 13, 2016, 2:29 p.m. UTC | #2
On 07/13/2016 05:40 AM, weiyj_lk@163.com wrote:
> From: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
> 
> The error return code is set to PTR_ERR(dent) when malloc failed, 'dent'
> can be NULL here, this means the return value will be set to 0. Fix to
> return -ENOMEM in this error handling case.
> 
> Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>

thanks I've pulled this into my tree for the 4.9 pull-request
(4.8 has already been sent, so it will have to wait unless Serge or James
wants to pull this in before then).

Acked-by: John Johansen <john.johansen@canonical.com>

> ---
>  security/apparmor/apparmorfs.c | 6 ++++--
>  1 file changed, 4 insertions(+), 2 deletions(-)
> 
> diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
> index 729e595..25479dc 100644
> --- a/security/apparmor/apparmorfs.c
> +++ b/security/apparmor/apparmorfs.c
> @@ -424,8 +424,10 @@ int __aa_fs_profile_mkdir(struct aa_profile *profile, struct dentry *parent)
>  		id_len = snprintf(NULL, 0, ".%ld", profile->ns->uniq_id);
>  
>  		profile->dirname = kmalloc(len + id_len + 1, GFP_KERNEL);
> -		if (!profile->dirname)
> -			goto fail;
> +		if (!profile->dirname) {
> +			error = -ENOMEM;
> +			goto fail2;
> +		}
>  
>  		mangle_name(profile->base.name, profile->dirname);
>  		sprintf(profile->dirname + len, ".%ld", profile->ns->uniq_id++);
> 
> 

--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
James Morris July 15, 2016, 6:12 a.m. UTC | #3
On Wed, 13 Jul 2016, John Johansen wrote:

> On 07/13/2016 05:40 AM, weiyj_lk@163.com wrote:
> > From: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
> > 
> > The error return code is set to PTR_ERR(dent) when malloc failed, 'dent'
> > can be NULL here, this means the return value will be set to 0. Fix to
> > return -ENOMEM in this error handling case.
> > 
> > Signed-off-by: Wei Yongjun <yongjun_wei@trendmicro.com.cn>
> 
> thanks I've pulled this into my tree for the 4.9 pull-request
> (4.8 has already been sent, so it will have to wait unless Serge or James
> wants to pull this in before then).
> 

A bugfix is fine for the 4.8 kernel.

Patch
diff mbox

diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
index 729e595..25479dc 100644
--- a/security/apparmor/apparmorfs.c
+++ b/security/apparmor/apparmorfs.c
@@ -424,8 +424,10 @@  int __aa_fs_profile_mkdir(struct aa_profile *profile, struct dentry *parent)
 		id_len = snprintf(NULL, 0, ".%ld", profile->ns->uniq_id);
 
 		profile->dirname = kmalloc(len + id_len + 1, GFP_KERNEL);
-		if (!profile->dirname)
-			goto fail;
+		if (!profile->dirname) {
+			error = -ENOMEM;
+			goto fail2;
+		}
 
 		mangle_name(profile->base.name, profile->dirname);
 		sprintf(profile->dirname + len, ".%ld", profile->ns->uniq_id++);