[redhat-lspp] lspp 18 kernel released
Serge E. Hallyn
serue at us.ibm.com
Thu Apr 27 02:14:07 UTC 2006
Quoting Stephen Smalley (sds at tycho.nsa.gov):
> On Thu, 2006-04-20 at 21:38 -0500, Serge E. Hallyn wrote:
> > Well I doubt you ran out of memory so quickly, but the first problem I
> > see is that while audit_krule_to_data can return -ENOMEM,
> > audit_list and audit_list_rules only check for a NULL return.
> >
> > Another problem is
> > security/selinux/ss/services.c:security_sid_to_context doing strcpy into
> > a kmalloc'd buffer without checking kmalloc return value. GFP_MALLOC no
> > less.
>
> Hmm...good catch, although that only happens in the !ss_initialized
> (i.e. no policy loaded yet) code path. Looks like it went from
> GFP_KERNEL to GFP_ATOMIC in 2.6.6, but the failure to check the returned
> pointer seems to have been there from the beginning.
And the thing is I thought I'd run static analysis tools against those
files. Maybe I only ever hit hooks.c, 'cause this certainly should have
been caught. I'll do a run soon, though perhaps not tomorrow.
-serge
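The two return-value mismatches discussed in this thread, as an added userspace example that is not part of the original message and is not kernel code: a producer that encodes an errno in its returned pointer, a caller that tests only for NULL, and a caller that tests for both. The helper and function names (`err_ptr`, `is_err`, `rule_to_data`, `list_rule`) are hypothetical stand-ins modelled on the kernel's `ERR_PTR()`/`IS_ERR()` convention, and `malloc` stands in for `kmalloc`.

```c
#include <errno.h>
#include <stdint.h>
#include <stdio.h>
#include <stdlib.h>
#include <string.h>

/* Userspace stand-ins (assumed names) for ERR_PTR()/IS_ERR()/PTR_ERR(). */
#define MAX_ERRNO 4095
static void *err_ptr(long err) { return (void *)(intptr_t)err; }
static int is_err(const void *p) { return (uintptr_t)p >= (uintptr_t)-MAX_ERRNO; }
static long ptr_err(const void *p) { return (long)(intptr_t)p; }

/* Hypothetical producer: returns a buffer, or -ENOMEM encoded in the pointer.
 * The allocation is checked before strcpy() writes into it. */
static char *rule_to_data(const char *rule, int simulate_oom)
{
    char *data = simulate_oom ? NULL : malloc(strlen(rule) + 1);
    if (!data)
        return err_ptr(-ENOMEM);
    strcpy(data, rule);
    return data;
}

/* The mismatch: a NULL-only test treats the encoded error as a valid buffer.
 * Returns 1 when the caller would go on to dereference the pointer. */
static int null_only_accepts_oom(void)
{
    char *data = rule_to_data("x", 1);
    return data != NULL;
}

/* Hardened caller: rejects NULL and encoded errors before touching the data. */
static long list_rule(const char *rule, int simulate_oom, size_t *len_out)
{
    char *data = rule_to_data(rule, simulate_oom);
    if (!data)
        return -ENOMEM;
    if (is_err(data))
        return ptr_err(data);
    *len_out = strlen(data);
    free(data);
    return 0;
}

int main(void)
{
    size_t n = 0;
    printf("NULL-only check accepts error pointer: %d\n", null_only_accepts_oom());
    printf("hardened caller on OOM: %ld\n", list_rule("x", 1, &n));
    return 0;
}
```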