]> nv-tegra.nvidia Code Review - linux-3.10.git/commitdiff
[PATCH] selinux: Fix NULL deref in policydb_destroy
authorStephen Smalley <sds@tycho.nsa.gov>
Sun, 23 Oct 2005 19:57:15 +0000 (12:57 -0700)
committerLinus Torvalds <torvalds@g5.osdl.org>
Sun, 23 Oct 2005 23:38:38 +0000 (16:38 -0700)
This patch fixes a possible NULL dereference in policydb_destroy, where
p->type_attr_map can be NULL if policydb_destroy is called to clean up a
partially loaded policy upon an error during policy load.  Please apply.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Acked-by: James Morris <jmorris@namei.org>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>
security/selinux/ss/policydb.c

index 0a758323a9cf61b10678d7308a87fc05316129cf..8e6262d12aa9bfaa97d3641946d6ae32fa132e54 100644 (file)
@@ -650,8 +650,10 @@ void policydb_destroy(struct policydb *p)
        }
        if (lrt) kfree(lrt);
 
-       for (i = 0; i < p->p_types.nprim; i++)
-               ebitmap_destroy(&p->type_attr_map[i]);
+       if (p->type_attr_map) {
+               for (i = 0; i < p->p_types.nprim; i++)
+                       ebitmap_destroy(&p->type_attr_map[i]);
+       }
        kfree(p->type_attr_map);
 
        return;