[PATCH 02/12] NetLabel: convert a BUG_ON in the CIPSO code to a runtime check

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

To: Linus Torvalds <torvalds@...>

Cc: <linux-kernel@...>, Stephen Smalley <sds@...>, David S. Miller <davem@...>

Subject: [PATCH 02/12] NetLabel: convert a BUG_ON in the CIPSO code to a runtime check

Date: Thursday, April 26, 2007 - 2:04 am

From: Paul Moore <paul.moore@hp.com>

This patch changes a BUG_ON in the CIPSO code to a runtime check.  It should
also increase the readability of the code as it replaces an unexplained
constant with a well defined macro.

Signed-off-by: Paul Moore <paul.moore@hp.com>
Signed-off-by: James Morris <jmorris@namei.org>
---
 net/ipv4/cipso_ipv4.c |    4 +++-
 1 files changed, 3 insertions(+), 1 deletions(-)

diff --git a/net/ipv4/cipso_ipv4.c b/net/ipv4/cipso_ipv4.c
index d466bd5..6afc398 100644
--- a/net/ipv4/cipso_ipv4.c
+++ b/net/ipv4/cipso_ipv4.c
@@ -1142,7 +1142,9 @@ static int cipso_v4_map_cat_rng_hton(const struct cipso_v4_doi *doi_def,
 	u32 cat_size = 0;
 
 	/* make sure we don't overflow the 'array[]' variable */
-	BUG_ON(net_cat_len > 30);
+	if (net_cat_len >
+	    (CIPSO_V4_OPT_LEN_MAX - CIPSO_V4_HDR_LEN - CIPSO_V4_TAG_RNG_BLEN))
+		return -ENOSPC;
 
 	for (;;) {
 		iter = netlbl_secattr_catmap_walk(secattr->mls_cat, iter + 1);
-- 
1.5.0.6

-
unsubscribe noticeTo unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

[PATCH 0/12] SELinux patches for 2.6.22, James Morris, (Thu Apr 26, 2:02 am)

[PATCH 12/12] selinux: preserve boolean values across policy..., James Morris, (Thu Apr 26, 2:12 am)

[PATCH 11/12] selinux: change numbering of boolean directory..., James Morris, (Thu Apr 26, 2:11 am)

[PATCH 10/12] selinux: remove unused enumeration constant fr..., James Morris, (Thu Apr 26, 2:10 am)

[PATCH 09/12] selinux: explicitly number all selinuxfs inodes, James Morris, (Thu Apr 26, 2:10 am)

[PATCH 08/12] selinux: export initial SID contexts via selin..., James Morris, (Thu Apr 26, 2:09 am)

[PATCH 07/12] selinux: remove userland security class and pe..., James Morris, (Thu Apr 26, 2:08 am)

[PATCH 06/12] SELinux: move security_skb_extlbl_sid() out of..., James Morris, (Thu Apr 26, 2:08 am)

[PATCH 05/12] MAINTAINERS: update selinux entry, James Morris, (Thu Apr 26, 2:07 am)

[PATCH 04/12] SELinux: rename selinux_netlabel.h to netlabel.h, James Morris, (Thu Apr 26, 2:06 am)

[PATCH 03/12] SELinux: extract the NetLabel SELinux support ..., James Morris, (Thu Apr 26, 2:05 am)

[PATCH 02/12] NetLabel: convert a BUG_ON in the CIPSO code t..., James Morris, (Thu Apr 26, 2:04 am)

[PATCH 01/12] NetLabel: cleanup and document CIPSO constants, James Morris, (Thu Apr 26, 2:03 am)


linux-kernel:
Greg Kroah-Hartman	[PATCH 002/196] Chinese: rephrase English introduction in HOWTO
David Brown	Re: Linux 2.6.21-rc2
James Bottomley	Re: Integration of SCST in the mainstream Linux kernel
Justin C. Sherrill	Re: dragonflybsd.org website link?
git:

linux-netdev:
Ben Hutchings	Re: [GIT]: Networking

Gerrit Renker	[PATCH 15/37] dccp: Set per-connection CCIDs via socket options
Jarek Poplawski	Re: [PATCH] pkt_sched: Destroy gen estimators under rtnl_lock().
openbsd-misc:

[PATCH 02/12] NetLabel: convert a BUG_ON in the CIPSO code to a runtime check

Online users