diff mbox series

checkpolicy: avoid passing NULL pointer to memset()

Message ID 20220829122840.qbxef3urreybaqxm@jmarcin-t14s-01 (mailing list archive)
State Accepted
Commit c916f0884bd0
Headers show
Series checkpolicy: avoid passing NULL pointer to memset() | expand

Commit Message

Juraj Marcin Aug. 29, 2022, 12:28 p.m. UTC
Function `class_perm_node_init()` is called with `dest_perms` before it
is checked that its allocation succeeded. If the allocation fails, then
a NULL pointer is passed to `memset()` inside the
`class_perm_node_init()` function.

Signed-off-by: Juraj Marcin <juraj@jurajmarcin.com>
---
 checkpolicy/policy_define.c | 3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

Comments

James Carter Aug. 29, 2022, 6:50 p.m. UTC | #1
On Mon, Aug 29, 2022 at 8:49 AM Juraj Marcin <juraj@jurajmarcin.com> wrote:
>
> Function `class_perm_node_init()` is called with `dest_perms` before it
> is checked that its allocation succeeded. If the allocation fails, then
> a NULL pointer is passed to `memset()` inside the
> `class_perm_node_init()` function.
>
> Signed-off-by: Juraj Marcin <juraj@jurajmarcin.com>

Acked-by: James Carter <jwcart2@gmail.com>

> ---
>  checkpolicy/policy_define.c | 3 ++-
>  1 file changed, 2 insertions(+), 1 deletion(-)
>
> diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
> index f3b48870..54bb304b 100644
> --- a/checkpolicy/policy_define.c
> +++ b/checkpolicy/policy_define.c
> @@ -2371,11 +2371,12 @@ static int avrule_cpy(avrule_t *dest, const avrule_t *src)
>         src_perms = src->perms;
>         while (src_perms) {
>                 dest_perms = (class_perm_node_t *) calloc(1, sizeof(class_perm_node_t));
> -               class_perm_node_init(dest_perms);
>                 if (!dest_perms) {
>                         yyerror("out of memory");
>                         return -1;
>                 }
> +               class_perm_node_init(dest_perms);
> +
>                 if (!dest->perms)
>                         dest->perms = dest_perms;
>                 else
> --
> 2.37.1
>
James Carter Sept. 1, 2022, 7:57 p.m. UTC | #2
On Mon, Aug 29, 2022 at 2:50 PM James Carter <jwcart2@gmail.com> wrote:
>
> On Mon, Aug 29, 2022 at 8:49 AM Juraj Marcin <juraj@jurajmarcin.com> wrote:
> >
> > Function `class_perm_node_init()` is called with `dest_perms` before it
> > is checked that its allocation succeeded. If the allocation fails, then
> > a NULL pointer is passed to `memset()` inside the
> > `class_perm_node_init()` function.
> >
> > Signed-off-by: Juraj Marcin <juraj@jurajmarcin.com>
>
> Acked-by: James Carter <jwcart2@gmail.com>
>

Merged.
Thanks,
Jim


> > ---
> >  checkpolicy/policy_define.c | 3 ++-
> >  1 file changed, 2 insertions(+), 1 deletion(-)
> >
> > diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
> > index f3b48870..54bb304b 100644
> > --- a/checkpolicy/policy_define.c
> > +++ b/checkpolicy/policy_define.c
> > @@ -2371,11 +2371,12 @@ static int avrule_cpy(avrule_t *dest, const avrule_t *src)
> >         src_perms = src->perms;
> >         while (src_perms) {
> >                 dest_perms = (class_perm_node_t *) calloc(1, sizeof(class_perm_node_t));
> > -               class_perm_node_init(dest_perms);
> >                 if (!dest_perms) {
> >                         yyerror("out of memory");
> >                         return -1;
> >                 }
> > +               class_perm_node_init(dest_perms);
> > +
> >                 if (!dest->perms)
> >                         dest->perms = dest_perms;
> >                 else
> > --
> > 2.37.1
> >
diff mbox series

Patch

diff --git a/checkpolicy/policy_define.c b/checkpolicy/policy_define.c
index f3b48870..54bb304b 100644
--- a/checkpolicy/policy_define.c
+++ b/checkpolicy/policy_define.c
@@ -2371,11 +2371,12 @@  static int avrule_cpy(avrule_t *dest, const avrule_t *src)
 	src_perms = src->perms;
 	while (src_perms) {
 		dest_perms = (class_perm_node_t *) calloc(1, sizeof(class_perm_node_t));
-		class_perm_node_init(dest_perms);
 		if (!dest_perms) {
 			yyerror("out of memory");
 			return -1;
 		}
+		class_perm_node_init(dest_perms);
+
 		if (!dest->perms)
 			dest->perms = dest_perms;
 		else