Received: by 2002:a05:6a10:f347:0:0:0:0 with SMTP id d7csp4399925pxu; Mon, 21 Dec 2020 11:26:33 -0800 (PST) X-Google-Smtp-Source: ABdhPJzfjxiPekpGyROTv38LBAzx+JmxDLBjBYo7+U5ablTx5/PtpEoF6wsB0AmmR0aZRYGR1DBX X-Received: by 2002:aa7:cf85:: with SMTP id z5mr17449947edx.274.1608578793551; Mon, 21 Dec 2020 11:26:33 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1608578793; cv=none; d=google.com; s=arc-20160816; b=Vy+3E+rk4O3ulS1k8CIr3xk+N7fFG9uXpGr5MpuO6kAzxxGHxes3Uo+71B6YtU9uWx ezjvnxsZArR9AmShNCboqShs0D3XXJt37QlSABjbxERROpvRzx5luBpJL4KqgjQGtUFg Cg+AIW2lQkxeUiXh5Jv4e8kj0eidslvcBPYkb2Mhah16f5RuoamSIFa6AwInaTSyJ1Vl BmbCMv+gaeLJDiFn4QCIevPUwGCnF6mCdY+omkVEEi1vTn5vrTbRMASv31xZAa5x0f0X IpV2oP2/MHAbdHj6weauGzXu+PV9/18cFt1GqNT8jpdaiPolnjpzhI59vjpBln9obE8Q jflw== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:cc:to:subject:message-id:date:from:in-reply-to :references:mime-version:dkim-signature; bh=mQuxZifZFxzpeN594Key2sZk1el1zNmvudPhlUZwW1Y=; b=qVVHesDSBLIZscP8NAxYaqmcmES3a/DvfzMa85SoNRkLfbHM5DojSgjqNkdvcwOnRa Zr1C/yQVpmXge8IRuVmtZmZB/ZFB24o8v8OTtnEowwQdzA0Ymx6KShWdaHcho6Ozk4N/ 5yTcSpuqhPwNE0eOOlGlcDdE0fHXZ5nbOY6Hij2JK0QtY0tij2x460Aoirhy+ThachzQ e0lTnlrxJTkGiz7LIdpuwKF+unxeqshfA6EIPwG8yGorIWQatYUKaBJ7GLX/YzuGjNJJ QfC1V5RjkYDLAFsAPx7dJFspJ3magkq7HVsittiQPnmJs+Ut6HYDuX81nTtA7FpAYqHq ZVDg== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=HAw8yyzn; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id h19si8962683ejf.742.2020.12.21.11.26.09; Mon, 21 Dec 2020 11:26:33 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@google.com header.s=20161025 header.b=HAw8yyzn; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=REJECT sp=REJECT dis=NONE) header.from=google.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1726243AbgLUTXE (ORCPT + 99 others); Mon, 21 Dec 2020 14:23:04 -0500 Received: from lindbergh.monkeyblade.net ([23.128.96.19]:32972 "EHLO lindbergh.monkeyblade.net" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1725909AbgLUTXD (ORCPT ); Mon, 21 Dec 2020 14:23:03 -0500 Received: from mail-pl1-x632.google.com (mail-pl1-x632.google.com [IPv6:2607:f8b0:4864:20::632]) by lindbergh.monkeyblade.net (Postfix) with ESMTPS id 97EB3C061282 for ; Mon, 21 Dec 2020 11:22:23 -0800 (PST) Received: by mail-pl1-x632.google.com with SMTP id b8so6130103plx.0 for ; Mon, 21 Dec 2020 11:22:23 -0800 (PST) DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=20161025; h=mime-version:references:in-reply-to:from:date:message-id:subject:to :cc; bh=mQuxZifZFxzpeN594Key2sZk1el1zNmvudPhlUZwW1Y=; b=HAw8yyznlZSsLKdR4TxeC2GmLvH+tCmepsnEmbIf8429rxzsFkb7UWCH2+NdC5jdWW iWiFJPva918WVXQRDL9nl9bMo3gHfFKV3E+VYxLA+NLINRTVaOYUG7i807F9SfWYTK26 0y05aGJauYbJN2qftZGDwzMkp3zye5en7Sii2CiE/uRW0CXNVIHbzslGIE/IaX937y2c vhs9oR8JaeQ1+4do/4Oki4eE0+WPtukEjUfJp04YHQnXR2ajuGdfRf4jP9BDSEaSuvNo k1tcHB73LU6j3jRgMJUgzWlB98TNQP9MNpwSrm2RLp6hyVJqaU1Ud5X3F+PdNAcqAiXB sm4A== X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20161025; h=x-gm-message-state:mime-version:references:in-reply-to:from:date :message-id:subject:to:cc; bh=mQuxZifZFxzpeN594Key2sZk1el1zNmvudPhlUZwW1Y=; b=D5dZLDwq+Mjdc8SDHEpOo72TSsdgf7bp5AcW3/Vjd7s/8cULh3zq5kb/x9PRYnjVSz 21cW7OdZL0neLBO3CU6s/veUP6f6r2WKxHthjK0z8g8i0+9oSTfQrrGmq1GMfs0cQuC8 5BEqNisGuBt89Cy5yLNuTxb7u/Yxv9LZUsOFUFhCIciARGDwxXLDKsj68R1Fd0leTPFy /LqKAGTXjZlQAaDvNiokHD39ivIKoXmUJr3gmzSZYou2zx79pwCzlKfdisoiS4I4LdDA 17c5bQo9gPgByKabSmUZJd8UbEP7An7PbSZFL8yLSTXE5vBXghe/jYtUS1FnlHeLPpGh pfMA== X-Gm-Message-State: AOAM533oor7zH3Y40q8b0ihLT5XIVbupSW3UaGvKtvZZXLUcyuCgMo2h x+0q8XtBIaoraMP/VoT6B+VqRnsIRkZJDRQFh51NbixFDFbnWg== X-Received: by 2002:a17:90a:6ba4:: with SMTP id w33mr19113541pjj.32.1608578543011; Mon, 21 Dec 2020 11:22:23 -0800 (PST) MIME-Version: 1.0 References: <20201004142422.5717-1-trix@redhat.com> In-Reply-To: <20201004142422.5717-1-trix@redhat.com> From: Nick Desaulniers Date: Mon, 21 Dec 2020 11:22:11 -0800 Message-ID: Subject: Re: [PATCH] apparmor: fix error check To: Tom Rix Cc: john.johansen@canonical.com, James Morris , "Serge E. Hallyn" , Nathan Chancellor , linux-security-module@vger.kernel.org, LKML , clang-built-linux Content-Type: text/plain; charset="UTF-8" Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On Sun, Oct 4, 2020 at 7:24 AM wrote: > > From: Tom Rix > > clang static analysis reports this representative problem: > > label.c:1463:16: warning: Assigned value is garbage or undefined > label->hname = name; > ^ ~~~~ Right, so if aa_label_acntsxprint() fails, it won't assign to its first param. In the caller, this means assigning uninitialized memory (UB) when aa_label_acntsxprint() returns -ENOMEM for example. Thanks for the patch. Reviewed-by: Nick Desaulniers > > In aa_update_label_name(), this the problem block of code > > if (aa_label_acntsxprint(&name, ...) == -1) > return res; > > On failure, aa_label_acntsxprint() has a more complicated return > that just -1. So check for a negative return. > > It was also noted that the aa_label_acntsxprint() main comment refers > to a nonexistent parameter, so clean up the comment. > > Fixes: f1bd904175e8 ("apparmor: add the base fns() for domain labels") > Signed-off-by: Tom Rix > --- > security/apparmor/label.c | 4 ++-- > 1 file changed, 2 insertions(+), 2 deletions(-) > > diff --git a/security/apparmor/label.c b/security/apparmor/label.c > index e68bcedca976..6222fdfebe4e 100644 > --- a/security/apparmor/label.c > +++ b/security/apparmor/label.c > @@ -1454,7 +1454,7 @@ bool aa_update_label_name(struct aa_ns *ns, struct aa_label *label, gfp_t gfp) > if (label->hname || labels_ns(label) != ns) > return res; > > - if (aa_label_acntsxprint(&name, ns, label, FLAGS_NONE, gfp) == -1) > + if (aa_label_acntsxprint(&name, ns, label, FLAGS_NONE, gfp) < 0) > return res; > > ls = labels_set(label); > @@ -1704,7 +1704,7 @@ int aa_label_asxprint(char **strp, struct aa_ns *ns, struct aa_label *label, > > /** > * aa_label_acntsxprint - allocate a __counted string buffer and print label > - * @strp: buffer to write to. (MAY BE NULL if @size == 0) > + * @strp: buffer to write to. > * @ns: namespace profile is being viewed from > * @label: label to view (NOT NULL) > * @flags: flags controlling what label info is printed > -- > 2.18.1 > > -- > You received this message because you are subscribed to the Google Groups "Clang Built Linux" group. > To unsubscribe from this group and stop receiving emails from it, send an email to clang-built-linux+unsubscribe@googlegroups.com. > To view this discussion on the web visit https://groups.google.com/d/msgid/clang-built-linux/20201004142422.5717-1-trix%40redhat.com. -- Thanks, ~Nick Desaulniers