Received: by 2002:a05:6a10:af89:0:0:0:0 with SMTP id iu9csp1248779pxb; Sat, 15 Jan 2022 06:58:25 -0800 (PST) X-Google-Smtp-Source: ABdhPJx6N3BS0J8a6MoJXP+AWIPmGV++PP6VJAwkMOLvHfZowz5FEvA4gq7R1IizaaGVy7gnw6L5 X-Received: by 2002:a63:d2:: with SMTP id 201mr12194731pga.56.1642258704801; Sat, 15 Jan 2022 06:58:24 -0800 (PST) ARC-Seal: i=1; a=rsa-sha256; t=1642258704; cv=none; d=google.com; s=arc-20160816; b=plyw35RNPZEgq50bz1331163Sr3g0GgQ0vfP/TXeopHwViLcxWgFKIkAPgEAj9NfGL iSU+AVn2LUSHIvaB8YB6guY65sdrptFP4tiYf/v175TpkwHxwkv9vx9asXtIcXqdHrXT 0j47Dq4BvPEUajAJ3d71HqRHOfisVjl55mm1IrHvrkXBICBCZFftAp3Pf7kxvmgPblpG GBgeNwHZQzHMhwDD0IEOPnNgsp6/ADyBSgjaUncYaCoHQ+SkulQ9KtbfHWz3RHrHRPXG LWlxoYxyqHal/3wdoHMHvI9VXxA8Nzd2StJ1p5aEvMnfuOAnC/3yqJZ09jdNyCNj6dER 6hxg== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=google.com; s=arc-20160816; h=list-id:precedence:content-transfer-encoding:mime-version:date :subject:cc:to:from:message-id:dkim-signature; bh=KtC2JAo9Zv4oft7XPe6btVLuXHfV817m3kIZSg+ZITY=; b=bwolsuRwa+Kh0a4Aj7wPgHAe6AcCzIKvlFVdmiUdExw46HVdIwYlkB7/786W3zHaxf NN2AubtBjamw51yZvwul3OUGqz4LZ1/xXveqYXAhR2M9jHELstmKF6FYyfSXVD9IDQNn GJNbpmhoDi2e8Alc5DMnHBin3gF+xQUfMpMZVJoDjNJE4zv7WootlFb1Lx3YQJNSbuDU jTsqo2AMq3teQdUbLvOzhXR0vv4G7iuxObK7/cjbh4uL689/mqeGS5I1Eh+3xOP0NvlA zK3mxlt7B5QUC5nM46qbkPLXBUQqCgL3gw2kFN2JE3mior3NeQmnZcYerojkLR9bwXn2 zM3A== ARC-Authentication-Results: i=1; mx.google.com; dkim=pass header.i=@foxmail.com header.s=s201512 header.b=Oh7AsDnP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=foxmail.com Return-Path: Received: from vger.kernel.org (vger.kernel.org. [23.128.96.18]) by mx.google.com with ESMTP id ay6si8197324plb.367.2022.01.15.06.57.37; Sat, 15 Jan 2022 06:58:24 -0800 (PST) Received-SPF: pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) client-ip=23.128.96.18; Authentication-Results: mx.google.com; dkim=pass header.i=@foxmail.com header.s=s201512 header.b=Oh7AsDnP; spf=pass (google.com: domain of linux-kernel-owner@vger.kernel.org designates 23.128.96.18 as permitted sender) smtp.mailfrom=linux-kernel-owner@vger.kernel.org; dmarc=pass (p=NONE sp=NONE dis=NONE) header.from=foxmail.com Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S231894AbiAOBNu (ORCPT + 99 others); Fri, 14 Jan 2022 20:13:50 -0500 Received: from out162-62-57-210.mail.qq.com ([162.62.57.210]:58139 "EHLO out162-62-57-210.mail.qq.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S229775AbiAOBNt (ORCPT ); Fri, 14 Jan 2022 20:13:49 -0500 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=foxmail.com; s=s201512; t=1642209226; bh=KtC2JAo9Zv4oft7XPe6btVLuXHfV817m3kIZSg+ZITY=; h=From:To:Cc:Subject:Date; b=Oh7AsDnPr5IvUZGlxd+4VZ/tiMiGw2ffhQAgpDmUnnD3s8VUbFFs8S8exdRchof59 q2v22sEUkV0cDlfVUaQcCwxuFwUUpRolR6gDhhDM+Qd3FKs2Sx0ZUt7+33PzBWHgFE ltc96/3y0fb55JX8aI0LhFtfUuX2cvu4GfCP1mw0= Received: from localhost.localdomain ([218.197.153.188]) by newxmesmtplogicsvrsza9.qq.com (NewEsmtp) with SMTP id 2A006C80; Sat, 15 Jan 2022 09:10:32 +0800 X-QQ-mid: xmsmtpt1642209032t17m0k78d Message-ID: X-QQ-XMAILINFO: M7r/zttrUmlksvo2G1dU0x+495CKZ8lA2TaVTDWSgFeh18HvqEBmuBZFhXZFRt p6UboqGlj17odmJTwuN21U3hqVvkbgrsHmLeCTdzUOLJU5nJHOaVPojHZbQ2GHvXDE073hniUIdr amAX6Wmc1M6WKwnM4zeBYvizY+2ZGDxquComGTkU3PJp+xhIAEI43L1/SLKgsg2WUfJi0BpWSBeC B87XSERumlTLYgXg5gqyak9Q6ZlMQPL+P+ZnGBqj37vMlzAh139zrv4C5Mr3DodkHyFqh5SBgJqG PKKwH5/gae/j5n6EXCCjTpaXuk3tITYa4/I/r7gj1to2L1nZ7So1tcviQka9E8nkysMBEUlPDyb0 8gpYq/bSqYkBJfd9+ehg7yMltrve/ymP27jjTewlFkY3PSPYspcJSM1bS4STi+iZOltO2t5Ag631 ApfcAU2eJAP6PxbFuE9XWpd5rDfoC58xHY8wIczRgtsba6FNo8rFZYdTVuAexLQc8ruSsJiX8GtK tbsgByYjIeBJ0ubM1ZVkJ6CUfc4SSMTHWxXHr274r9uP9dPKzaLu+E4b7mBts8atf25T3ksIs2q1 lY7ze3P52yXLwiveaIPhOQGYK32uxDWnPmGdLgHHuJRtqkKteezNkDZqgM4vZuc39oaVVeZ/ODmK qz5b86eK8vHyQDdu7pLxJlJfbtvI0nstsfKgFtRE6PmphUyI0OBXTG5yFWp7bE8Z55U++Sib+0U8 Wtv2dTtp4F/gYpwl1Y4O1dtmXK+1ngBPqlBuerNLmHeChU5Da2PhcP798jeLeuvA7pAg77+1Bt6B CNe+uT3A1Dswy+pPojJSf/hOR0oWHEXT7nRepulZoDSl21NV8XnNtyHZrTsssq5QchzLDdfl/1ms sv5wzyp3hQ From: xkernel.wang@foxmail.com To: paul@paul-moore.com, stephen.smalley.work@gmail.com, eparis@parisplace.org Cc: selinux@vger.kernel.org, linux-kernel@vger.kernel.org, Xiaoke Wang Subject: [PATCH] selinux: check the return value of audit_log_start() Date: Sat, 15 Jan 2022 09:10:06 +0800 X-OQ-MSGID: <20220115011006.1881-1-xkernel.wang@foxmail.com> X-Mailer: git-send-email 2.33.0.windows.2 MIME-Version: 1.0 Content-Transfer-Encoding: 8bit Precedence: bulk List-ID: X-Mailing-List: linux-kernel@vger.kernel.org From: Xiaoke Wang audit_log_start() returns audit_buffer pointer on success or NULL on error. It is better to check the return value of it so to prevent potential memory access error. Signed-off-by: Xiaoke Wang --- security/selinux/ss/services.c | 12 +++++++----- 1 file changed, 7 insertions(+), 5 deletions(-) diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index e5f1b27..759d878 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -3277,11 +3277,13 @@ int security_sid_mls_copy(struct selinux_state *state, ab = audit_log_start(audit_context(), GFP_ATOMIC, AUDIT_SELINUX_ERR); - audit_log_format(ab, - "op=security_sid_mls_copy invalid_context="); - /* don't record NUL with untrusted strings */ - audit_log_n_untrustedstring(ab, s, len - 1); - audit_log_end(ab); + if (ab) { + audit_log_format(ab, + "op=security_sid_mls_copy invalid_context="); + /* don't record NUL with untrusted strings */ + audit_log_n_untrustedstring(ab, s, len - 1); + audit_log_end(ab); + } kfree(s); } goto out_unlock; --