Commit 282c1f5e authored Oct 23, 2005 by Stephen Smalley Committed by Linus Torvalds Oct 23, 2005

[PATCH] selinux: Fix NULL deref in policydb_destroy



This patch fixes a possible NULL dereference in policydb_destroy, where
p->type_attr_map can be NULL if policydb_destroy is called to clean up a
partially loaded policy upon an error during policy load.  Please apply.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

parent 8766ce41

security/selinux/ss/policydb.c

+4 −2

Original line number	Diff line number	Diff line
		@@ -650,8 +650,10 @@ void policydb_destroy(struct policydb *p)
		}
		if (lrt) kfree(lrt);

		if (p->type_attr_map) {
		for (i = 0; i < p->p_types.nprim; i++)
		ebitmap_destroy(&p->type_attr_map[i]);
		}
		kfree(p->type_attr_map);

		return;