summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorStephen Smalley <sds@tycho.nsa.gov>2015-07-10 23:19:57 +0200
committerPaul Moore <pmoore@redhat.com>2015-07-13 19:31:59 +0200
commitbd1741f4cf05d7709348f591d16eeb5f786de673 (patch)
tree282ed00d354dbd524846f1abe394c8c3b408c819 /security
parentselinux: initialize sock security class to default value (diff)
downloadlinux-bd1741f4cf05d7709348f591d16eeb5f786de673.tar.xz
linux-bd1741f4cf05d7709348f591d16eeb5f786de673.zip
selinux: Augment BUG_ON assertion for secclass_map.
Ensure that we catch any cases where tclass == 0. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <pmoore@redhat.com>
Diffstat (limited to 'security')
-rw-r--r--security/selinux/avc.c3
1 files changed, 2 insertions, 1 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c
index 2d5e1b04cd50..324acc62f7e0 100644
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -116,6 +116,7 @@ static void avc_dump_av(struct audit_buffer *ab, u16 tclass, u32 av)
return;
}
+ BUG_ON(!tclass || tclass >= ARRAY_SIZE(secclass_map));
perms = secclass_map[tclass-1].perms;
audit_log_format(ab, " {");
@@ -164,7 +165,7 @@ static void avc_dump_query(struct audit_buffer *ab, u32 ssid, u32 tsid, u16 tcla
kfree(scontext);
}
- BUG_ON(tclass >= ARRAY_SIZE(secclass_map));
+ BUG_ON(!tclass || tclass >= ARRAY_SIZE(secclass_map));
audit_log_format(ab, " tclass=%s", secclass_map[tclass-1].name);
}