korg/linux
0
0
Fork 0
mirror of https://mirrors.bfsu.edu.cn/git/linux.git synced 2024-11-11 12:28:41 +08:00
Code Issues Packages Projects Releases Wiki Activity

selinux: check for multiplication overflow in put_entry()

Browse Source 
The function is always inlined and most of the time both relevant
arguments are compile time constants, allowing compilers to elide the
check.  Also the function is part of outputting the policy, which is not
performance critical.

Also convert the type of the third parameter into a size_t, since it
should always be a non-negative number of elements.

Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
Christian Göttsche 2023-07-06 15:23:16 +02:00 committed by Paul Moore
parent 5b0eea835d
commit bbea03f474
1 changed files with 5 additions and 2 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

7
security/selinux/ss/policydb.h
View File

@ -366,9 +366,12 @@ static inline int next_entry(void *buf, struct policy_file *fp, size_t bytes)
return 0;
}
static inline int put_entry(const void *buf, size_t bytes, int num, struct policy_file *fp)
static inline int put_entry(const void *buf, size_t bytes, size_t num, struct policy_file *fp)
{
size_t len = bytes * num;
size_t len;
if (unlikely(check_mul_overflow(bytes, num, &len)))
return -EINVAL;
if (len > fp->len)
return -EINVAL;