summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorWei Yongjun <weiyongjun1@huawei.com>2016-09-10 09:43:48 +0200
committerPaul Moore <paul@paul-moore.com>2016-09-13 23:14:43 +0200
commit9b6a9ecc2d88ccdc57efc22d69436b9dd7e2eceb (patch)
tree40391e0237dd127fec6134c89fdb7667c8d58ebc
parentselinux: fix overflow and 0 length allocations (diff)
downloadlinux-9b6a9ecc2d88ccdc57efc22d69436b9dd7e2eceb.tar.xz
linux-9b6a9ecc2d88ccdc57efc22d69436b9dd7e2eceb.zip
selinux: fix error return code in policydb_read()
Fix to return error code -EINVAL from the error handling case instead of 0 (rc is overwrite to 0 when policyvers >= POLICYDB_VERSION_ROLETRANS), as done elsewhere in this function. Signed-off-by: Wei Yongjun <weiyongjun1@huawei.com> [PM: normalize "selinux" in patch subject, description line wrap] Signed-off-by: Paul Moore <paul@paul-moore.com>
-rw-r--r--security/selinux/ss/policydb.c1
1 files changed, 1 insertions, 0 deletions
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index 8c661f0451ec..ace683838d80 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -2417,6 +2417,7 @@ int policydb_read(struct policydb *p, void *fp)
} else
tr->tclass = p->process_class;
+ rc = -EINVAL;
if (!policydb_role_isvalid(p, tr->role) ||
!policydb_type_isvalid(p, tr->type) ||
!policydb_class_isvalid(p, tr->tclass) ||