Prevent inserting more than the supported U32_MAX number of entries.
Signed-off-by: Christian Göttsche <[email protected]>
---
security/selinux/ss/avtab.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
diff --git a/security/selinux/ss/avtab.c b/security/selinux/ss/avtab.c
index fbf51986afcf..9c150fba3fa6 100644
--- a/security/selinux/ss/avtab.c
+++ b/security/selinux/ss/avtab.c
@@ -110,7 +110,7 @@ static int avtab_insert(struct avtab *h, const struct avtab_key *key,
struct avtab_node *prev, *cur, *newnode;
u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD);
- if (!h || !h->nslot)
+ if (!h || !h->nslot || h->nel == U32_MAX)
return -EINVAL;
hvalue = avtab_hash(key, h->mask);
@@ -156,7 +156,7 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h,
struct avtab_node *prev, *cur;
u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD);
- if (!h || !h->nslot)
+ if (!h || !h->nslot || h->nel == U32_MAX)
return NULL;
hvalue = avtab_hash(key, h->mask);
for (prev = NULL, cur = h->htable[hvalue];
--
2.40.1
On Jul 6, 2023 =?UTF-8?q?Christian=20G=C3=B6ttsche?= <[email protected]> wrote:
>
> Prevent inserting more than the supported U32_MAX number of entries.
>
> Signed-off-by: Christian Göttsche <[email protected]>
> ---
> security/selinux/ss/avtab.c | 4 ++--
> 1 file changed, 2 insertions(+), 2 deletions(-)
Merged into selinux/next, thanks!
--
paul-moore.com