diff options
| author | John Johansen <john.johansen@canonical.com> | 2022-09-25 07:34:07 +0200 |
|---|---|---|
| committer | John Johansen <john.johansen@canonical.com> | 2022-10-03 23:49:04 +0200 |
| commit | 73c7e91c8bc98a5da94be62a9a4ba2793f86a97b (patch) | |
| tree | a138717e2eed235ba4b099d3d519b3e168affff4 /security/apparmor | |
| parent | apparmor: Fix doc comment for compute_fperms (diff) | |
| download | linux-73c7e91c8bc98a5da94be62a9a4ba2793f86a97b.tar.xz linux-73c7e91c8bc98a5da94be62a9a4ba2793f86a97b.zip | |
apparmor: Remove unnecessary size check when unpacking trans_table
The index into the trans_table has a max size of 2^24 bits which the
code was testing but this is unnecessary as unpack_array can only
unpack a table of 2^16 bits in size so the table unpacked will never
be larger than what can be indexed, and any test here is redundant.
Reported-by: kernel test robot <lkp@intel.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security/apparmor')
| -rw-r--r-- | security/apparmor/policy_unpack.c | 10 |
1 files changed, 7 insertions, 3 deletions
diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c index ac9955ef5d4a..6deaeecb76fe 100644 --- a/security/apparmor/policy_unpack.c +++ b/security/apparmor/policy_unpack.c @@ -484,9 +484,13 @@ static bool unpack_trans_table(struct aa_ext *e, struct aa_str_table *strs) u16 size; int i; - if (unpack_array(e, NULL, &size) != TRI_TRUE || - size > (1 << 24)) - /* currently 2^24 bits entries 0-3 */ + if (unpack_array(e, NULL, &size) != TRI_TRUE) + /* + * Note: index into trans table array is a max + * of 2^24, but unpack array can only unpack + * an array of 2^16 in size atm so no need + * for size check here + */ goto fail; table = kcalloc(size, sizeof(char *), GFP_KERNEL); if (!table) |