2022-08-20 08:31:34

by Li Zhong

Subject: [PATCH v1] selinux/ss/services.c: check the return value of audit_log_start() in security_sid_mls_copy()

The function audit_log_start() can fail, so its return value should be
checked against NULL.

Signed-off-by: Li Zhong <[email protected]>
---
security/selinux/ss/services.c | 3 +++
1 file changed, 3 insertions(+)

diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index fe5fcf571c56..41d4c4ed93b7 100644
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -3271,6 +3271,9 @@ int security_sid_mls_copy(struct selinux_state *state,
ab = audit_log_start(audit_context(),
GFP_ATOMIC,
AUDIT_SELINUX_ERR);
+ if (!ab)
+ goto out_unlock;
+
audit_log_format(ab,
"op=security_sid_mls_copy invalid_context=");
/* don't record NUL with untrusted strings */
--
2.25.1

2022-08-20 14:34:46

by Paul Moore

Subject: Re: [PATCH v1] selinux/ss/services.c: check the return value of audit_log_start() in security_sid_mls_copy()

On Sat, Aug 20, 2022 at 4:26 AM lily <[email protected]> wrote:
>
> The function audit_log_start() can fail, so its return value should be
> checked against NULL.
>
> Signed-off-by: Li Zhong <[email protected]>
> ---
> security/selinux/ss/services.c | 3 +++
> 1 file changed, 3 insertions(+)

audit_log_start() can safely return NULL as the audit_log_*()
functions are designed to handle a NULL audit_buffer. This is an
expected behavior and not a bug.

--
paul-moore.com