[SELINUX]: Fix bug in security_sid_mls_copy · 4eb327b517 - Gogs

[SELINUX]: Fix bug in security_sid_mls_copy

The following fixes a bug where random mem is being tampered with in the
non-mls case; encountered by Jashua Brindle on a gentoo box.

Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>

Venkat Yekkirala 19 年之前

父節點

1616436601

當前提交

4eb327b517

共有 1 個文件被更改，包括 1 次插入 和 1 次删除

分割檢視顯示文件統計

						
							+ 1
							
							- 1
						
security/selinux/ss/services.c
							 
								查看文件
							
				@@ -1841,7 +1841,7 @@ int security_sid_mls_copy(u32 sid, u32 mls_sid, u32 *new_sid)
			
				 	u32 len;
			
				 	int rc = 0;
			
				-	if (!ss_initialized) {
			
				+	if (!ss_initialized || !selinux_mls_enabled) {
			
				 		*new_sid = sid;
			
				 		goto out;
			
				 	}