Commit d7f59dc4 authored Feb 27, 2009 by Paul Moore Committed by James Morris Mar 02, 2009

selinux: Fix a panic in selinux_netlbl_inode_permission()

Rick McNeal from LSI identified a panic in selinux_netlbl_inode_permission()
caused by a certain sequence of SUNRPC operations. The problem appears to be
due to the lack of NULL pointer checking in the function; this patch adds the
pointer checks so the function will exit safely in the cases where the socket
is not completely initialized.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>

parent 778ef1e6

security/selinux/netlabel.c

+3 −2

Original line number	Diff line number	Diff line
		@@ -386,11 +386,12 @@ int selinux_netlbl_inode_permission(struct inode *inode, int mask)
		if (!S_ISSOCK(inode->i_mode) \|\|
		((mask & (MAY_WRITE \| MAY_APPEND)) == 0))
		return 0;

		sock = SOCKET_I(inode);
		sk = sock->sk;
		if (sk == NULL)
		return 0;
		sksec = sk->sk_security;
		if (sksec->nlbl_state != NLBL_REQUIRE)
		if (sksec == NULL \|\| sksec->nlbl_state != NLBL_REQUIRE)
		return 0;

		local_bh_disable();