selinux: detect invalid ebitmap

When count is 0 and the highbit is not zero, the ebitmap is not valid and the internal node is not allocated. This causes issues when routines, like mls_context_isvalid() attempt to use the ebitmap_for_each_bit() and ebitmap_node_get_bit() as they assume a highbit > 0 will have a node allocated. Signed-off-by: William Roberts <william.c.roberts@intel.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
author: William Roberts <william.c.roberts@intel.com> 2016-08-23 13:49:23 -0700
committer: Paul Moore <paul@paul-moore.com> 2016-08-29 19:19:50 -0400
commit: 74d977b65e45bc9b536b429e7f3b5e3a8e459026 (patch)
tree: abec3a6c025f9b043f50d96ac632e279d2a1e8de /security/selinux/ss/ebitmap.c
parent: selinux: drop SECURITY_SELINUX_POLICYDB_VERSION_MAX (diff)
download: linux-dev-74d977b65e45bc9b536b429e7f3b5e3a8e459026.tar.xz
linux-dev-74d977b65e45bc9b536b429e7f3b5e3a8e459026.zip
1 files changed, 3 insertions, 0 deletions
diff --git a/security/selinux/ss/ebitmap.c b/security/selinux/ss/ebitmap.c
index 894b6cdc11c5..7d10e5d418bb 100644
--- a/security/selinux/ss/ebitmap.c
+++ b/security/selinux/ss/ebitmap.c
@@ -374,6 +374,9 @@ int ebitmap_read(struct ebitmap *e, void *fp)
 		goto ok;
 	}
 
+	if (e->highbit && !count)
+		goto bad;
+
 	for (i = 0; i < count; i++) {
 		rc = next_entry(&startbit, fp, sizeof(u32));
 		if (rc < 0) {
author	William Roberts <william.c.roberts@intel.com>	2016-08-23 13:49:23 -0700
committer	Paul Moore <paul@paul-moore.com>	2016-08-29 19:19:50 -0400
commit	74d977b65e45bc9b536b429e7f3b5e3a8e459026 (patch)
tree	abec3a6c025f9b043f50d96ac632e279d2a1e8de /security/selinux/ss/ebitmap.c
parent	selinux: drop SECURITY_SELINUX_POLICYDB_VERSION_MAX (diff)
download	linux-dev-74d977b65e45bc9b536b429e7f3b5e3a8e459026.tar.xz linux-dev-74d977b65e45bc9b536b429e7f3b5e3a8e459026.zip