[PATCH 3.18 29/52] selinux: fix GPF on invalid policy

Greg Kroah-Hartman Thu, 24 Jan 2019 11:24:12 -0800

3.18-stable review patch.  If anyone has any objections, please let me know.


------------------

From: Stephen Smalley <s...@tycho.nsa.gov>

commit 5b0e7310a2a33c06edc7eb81ffc521af9b2c5610 upstream.

levdatum->level can be NULL if we encounter an error while loading
the policy during sens_read prior to initializing it.  Make sure
sens_destroy handles that case correctly.

Reported-by: syzbot+6664500f0f18f07a5...@syzkaller.appspotmail.com
Signed-off-by: Stephen Smalley <s...@tycho.nsa.gov>
Signed-off-by: Paul Moore <p...@paul-moore.com>
Signed-off-by: Greg Kroah-Hartman <gre...@linuxfoundation.org>

---
 security/selinux/ss/policydb.c |    3 ++-
 1 file changed, 2 insertions(+), 1 deletion(-)

--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -717,7 +717,8 @@ static int sens_destroy(void *key, void
        kfree(key);
        if (datum) {
                levdatum = datum;
-               ebitmap_destroy(&levdatum->level->cat);
+               if (levdatum->level)
+                       ebitmap_destroy(&levdatum->level->cat);
                kfree(levdatum->level);
        }
        kfree(datum);

[PATCH 3.18 29/52] selinux: fix GPF on invalid policy

Reply via email to