diff options
author | Stephen Smalley <sds@tycho.nsa.gov> | 2015-07-10 23:19:57 +0200 |
---|---|---|
committer | Paul Moore <pmoore@redhat.com> | 2015-07-13 19:31:59 +0200 |
commit | bd1741f4cf05d7709348f591d16eeb5f786de673 (patch) | |
tree | 282ed00d354dbd524846f1abe394c8c3b408c819 /security | |
parent | selinux: initialize sock security class to default value (diff) | |
download | linux-bd1741f4cf05d7709348f591d16eeb5f786de673.tar.xz linux-bd1741f4cf05d7709348f591d16eeb5f786de673.zip |
selinux: Augment BUG_ON assertion for secclass_map.
Ensure that we catch any cases where tclass == 0.
Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Diffstat (limited to 'security')
-rw-r--r-- | security/selinux/avc.c | 3 |
1 files changed, 2 insertions, 1 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 2d5e1b04cd50..324acc62f7e0 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c @@ -116,6 +116,7 @@ static void avc_dump_av(struct audit_buffer *ab, u16 tclass, u32 av) return; } + BUG_ON(!tclass || tclass >= ARRAY_SIZE(secclass_map)); perms = secclass_map[tclass-1].perms; audit_log_format(ab, " {"); @@ -164,7 +165,7 @@ static void avc_dump_query(struct audit_buffer *ab, u32 ssid, u32 tsid, u16 tcla kfree(scontext); } - BUG_ON(tclass >= ARRAY_SIZE(secclass_map)); + BUG_ON(!tclass || tclass >= ARRAY_SIZE(secclass_map)); audit_log_format(ab, " tclass=%s", secclass_map[tclass-1].name); } |