Received: by 10.213.65.68 with SMTP id h4csp811177imn; Fri, 23 Mar 2018 17:24:31 -0700 (PDT) X-Google-Smtp-Source: AG47ELv6UaPYL1w07RNLSr3men/f1Dl7Z5hMxBd9WiCgq9RIeuHAUddu2s2gbV+HxoFoOxLfS45K X-Received: by 10.98.220.86 with SMTP id t83mr14393042pfg.60.1521851071703; Fri, 23 Mar 2018 17:24:31 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; t=1521851071; cv=none; d=google.com; s=arc-20160816; b=Z6kLX/FPJdAG7zCsXCW4PzHr8nr5G0ks5BbiEzaqOgdO7QlEF+3pN8zv/1QjEAH+Py 54J6GbM/u3n5y2KvcTIc3riHOyjQW4Czn3gLJjeqU6kbjlRF15oXs/VcQM1OJACr/mjb Io9VaSB+0iwOhmpCpBeLizRUZ0VZaihO2TQ7kPz3fGk08yFBaVk7ccmjSqViNF5dN5+j n+1qU3ICm4gNc/2xJJkfLn96yJJQU17y+FUZQu0iBj1Z9F8hzaO9f9DP6vpD1DKzpBYy Q2EkTHzhIvENTmuTULnDY6PWiJ25FdoYpG9hIOEM22vZPM9mV9xDHmzCPbA6xZkaCdP+ m/Fg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:sender:content-transfer-encoding :content-language:in-reply-to:mime-version:user-agent:date :message-id:organization:from:references:cc:to:subject :arc-authentication-results; bh=Hrj9mm1AEEOJ8zAsT6mhdDJQWv8OF3NYkyROnP3+Pt0=; b=fFxFd4AQhSNdgqkt0u7k7l3B3OpIlhoQW+jt9jzR+sFUYmMICEyLeSD++obB8bAPbJ uW4bBEWQOMslMyox40k+roPTC7nb2G1pS/eTQppkiwpGpbWSDOvLczNWw2U6WKHMRGge FSU9n2Ksq6cyoYjcPo4kbh3fsKnKy/3ndvRz7FFsX7/KFqvEPKzumhohuFgy+dXpyyI8 dAiNDZeFQZxwxu+ub5JSfkFNybp+YLW0WErOFHowmT8g76oSwkwQ0ZqYHs/ox/g26rOf J1L9/QMevherSs9dEXWx7ruuYjhFf86EnsbcnQoLI/TZOsVxlwEmwD1XjroX+EXnW+TV o78g== ARC-Authentication-Results: i=1; mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=canonical.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [209.132.180.67]) by mx.google.com with ESMTP id b189si4446242pgc.586.2018.03.23.17.24.17; Fri, 23 Mar 2018 17:24:31 -0700 (PDT) Received-SPF: pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) client-ip=209.132.180.67; Authentication-Results: mx.google.com; spf=pass (google.com: best guess record for domain of linux-kernel-owner@vger.kernel.org designates 209.132.180.67 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=fail (p=NONE sp=NONE dis=NONE) header.from=canonical.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1751926AbeCXAXV (ORCPT + 99 others); Fri, 23 Mar 2018 20:23:21 -0400 Received: from youngberry.canonical.com ([91.189.89.112]:46342 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1751490AbeCXAXT (ORCPT ); Fri, 23 Mar 2018 20:23:19 -0400 Received: from c-67-171-182-217.hsd1.or.comcast.net ([67.171.182.217] helo=[10.254.165.226]) by youngberry.canonical.com with esmtpsa (TLS1.0:DHE_RSA_AES_128_CBC_SHA1:16) (Exim 4.76) (envelope-from ) id 1ezWxp-0000v6-Nh; Sat, 24 Mar 2018 00:23:18 +0000 Subject: Re: [PATCH][next] apparmor: fix error returns checks by making size a ssize_t To: Colin King , James Morris , "Serge E . Hallyn" , linux-security-module@vger.kernel.org Cc: kernel-janitors@vger.kernel.org, linux-kernel@vger.kernel.org References: <20180323233422.7856-1-colin.king@canonical.com> From: John Johansen Organization: Canonical Message-ID: Date: Fri, 23 Mar 2018 17:23:14 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:52.0) Gecko/20100101 Thunderbird/52.6.0 MIME-Version: 1.0 In-Reply-To: <20180323233422.7856-1-colin.king@canonical.com> Content-Type: text/plain; charset=utf-8 Content-Language: en-GB Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 03/23/2018 04:34 PM, Colin King wrote: > From: Colin Ian King > > Currently variable size is a unsigned size_t, hence comparisons to > see if it is less than zero (for error checking) will always be > false. Fix this by making size a ssize_t > > Detected by CoverityScan, CID#1466080 ("Unsigned compared against 0") > > Fixes: 8e51f9087f40 ("apparmor: Add support for attaching profiles via xattr, presence and value") > Signed-off-by: Colin Ian King Acked-by: John Johansen and pulled into apparmor-next > --- > security/apparmor/domain.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/security/apparmor/domain.c b/security/apparmor/domain.c > index 57cc892e05a2..590b7e8cd21c 100644 > --- a/security/apparmor/domain.c > +++ b/security/apparmor/domain.c > @@ -314,7 +314,7 @@ static int aa_xattrs_match(const struct linux_binprm *bprm, > struct aa_profile *profile, unsigned int state) > { > int i; > - size_t size; > + ssize_t size; > struct dentry *d; > char *value = NULL; > int value_size = 0, ret = profile->xattr_count; >