acbc372e6109c803cbee4733769d02008381740f - SHIFTPHONES/kernel/common

commit	acbc372e6109c803cbee4733769d02008381740f	[log] [tgz]
author	Ondrej Mosnacek <omosnace@redhat.com>	Tue Jul 23 08:50:59 2019 +0200
committer	Paul Moore <paul@paul-moore.com>	Wed Jul 24 11:13:34 2019 -0400
tree	4bccf1658aa986fd09d5d602a0b3073fdd44f6c5
parent	ea74a685ad819aeed316a9bae3d2a5bf762da82d [diff]

selinux: check sidtab limit before adding a new entry

We need to error out when trying to add an entry above SIDTAB_MAX in
sidtab_reverse_lookup() to avoid overflow on the odd chance that this
happens.

Cc: stable@vger.kernel.org
Fixes: ee1a84fdfeed ("selinux: overhaul sidtab to fix bug and improve performance")
Signed-off-by: Ondrej Mosnacek <omosnace@redhat.com>
Reviewed-by: Kees Cook <keescook@chromium.org>
Signed-off-by: Paul Moore <paul@paul-moore.com>

security/selinux/ss/sidtab.c[diff]

1 file changed

tree: 4bccf1658aa986fd09d5d602a0b3073fdd44f6c5