diff options
author | Paul Moore <paul.moore@hp.com> | 2006-10-11 19:10:48 -0400 |
---|---|---|
committer | David S. Miller <davem@sunset.davemloft.net> | 2006-10-15 23:14:15 -0700 |
commit | bf0edf39296097f20c5fcc4919ed7d339194bd75 (patch) | |
tree | 0cde65c275cd7bab51c306cde3bf80487655f6ba /security/selinux/ss/mls.c | |
parent | 044a68ed8a692f643cf3c0a54c380a922584f34f (diff) | |
download | op-kernel-dev-bf0edf39296097f20c5fcc4919ed7d339194bd75.zip op-kernel-dev-bf0edf39296097f20c5fcc4919ed7d339194bd75.tar.gz |
NetLabel: better error handling involving mls_export_cat()
Upon inspection it looked like the error handling for mls_export_cat() was
rather poor. This patch addresses this by NULL'ing out kfree()'d pointers
before returning and checking the return value of the function everywhere
it is called.
Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/selinux/ss/mls.c')
-rw-r--r-- | security/selinux/ss/mls.c | 17 |
1 files changed, 14 insertions, 3 deletions
diff --git a/security/selinux/ss/mls.c b/security/selinux/ss/mls.c index c713af2..2cca8e2 100644 --- a/security/selinux/ss/mls.c +++ b/security/selinux/ss/mls.c @@ -640,8 +640,13 @@ int mls_export_cat(const struct context *context, { int rc = -EPERM; - if (!selinux_mls_enabled) + if (!selinux_mls_enabled) { + *low = NULL; + *low_len = 0; + *high = NULL; + *high_len = 0; return 0; + } if (low != NULL) { rc = ebitmap_export(&context->range.level[0].cat, @@ -661,10 +666,16 @@ int mls_export_cat(const struct context *context, return 0; export_cat_failure: - if (low != NULL) + if (low != NULL) { kfree(*low); - if (high != NULL) + *low = NULL; + *low_len = 0; + } + if (high != NULL) { kfree(*high); + *high = NULL; + *high_len = 0; + } return rc; } |