From d7f59dc4642ce2fc7b79fcd4ec02ffce7f21eb02 Mon Sep 17 00:00:00 2001 From: Paul Moore Date: Fri, 27 Feb 2009 15:00:03 -0500 Subject: selinux: Fix a panic in selinux_netlbl_inode_permission() Rick McNeal from LSI identified a panic in selinux_netlbl_inode_permission() caused by a certain sequence of SUNRPC operations. The problem appears to be due to the lack of NULL pointer checking in the function; this patch adds the pointer checks so the function will exit safely in the cases where the socket is not completely initialized. Signed-off-by: Paul Moore Signed-off-by: James Morris --- security/selinux/netlabel.c | 5 +++-- 1 file changed, 3 insertions(+), 2 deletions(-) (limited to 'security/selinux') diff --git a/security/selinux/netlabel.c b/security/selinux/netlabel.c index 3f4b266..350794a 100644 --- a/security/selinux/netlabel.c +++ b/security/selinux/netlabel.c @@ -386,11 +386,12 @@ int selinux_netlbl_inode_permission(struct inode *inode, int mask) if (!S_ISSOCK(inode->i_mode) || ((mask & (MAY_WRITE | MAY_APPEND)) == 0)) return 0; - sock = SOCKET_I(inode); sk = sock->sk; + if (sk == NULL) + return 0; sksec = sk->sk_security; - if (sksec->nlbl_state != NLBL_REQUIRE) + if (sksec == NULL || sksec->nlbl_state != NLBL_REQUIRE) return 0; local_bh_disable(); -- cgit v1.1