37 lines
1.1 KiB
Diff
37 lines
1.1 KiB
Diff
From f505a73b06302ba5e84f8c56851121d4a410c1ea Mon Sep 17 00:00:00 2001
|
|
From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= <cgzones@googlemail.com>
|
|
Date: Fri, 10 Jun 2022 17:06:23 +0200
|
|
Subject: [PATCH] libsepol: avoid potential NULL dereference on optional
|
|
parameter
|
|
MIME-Version: 1.0
|
|
Content-Type: text/plain; charset=UTF-8
|
|
Content-Transfer-Encoding: 8bit
|
|
Content-type: text/plain
|
|
|
|
The parameter `reason` of `context_struct_compute_av()` is optional and
|
|
can be passed in as NULL, like from `type_attribute_bounds_av()`.
|
|
|
|
Signed-off-by: Christian Göttsche <cgzones@googlemail.com>
|
|
Acked-by: James Carter <jwcart2@gmail.com>
|
|
---
|
|
libsepol/src/services.c | 3 ++-
|
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
|
|
|
diff --git a/libsepol/src/services.c b/libsepol/src/services.c
|
|
index d7510e9dae51..24412d8372d8 100644
|
|
--- a/libsepol/src/services.c
|
|
+++ b/libsepol/src/services.c
|
|
@@ -894,7 +894,8 @@ static void type_attribute_bounds_av(context_struct_t *scontext,
|
|
/* mask violated permissions */
|
|
avd->allowed &= ~masked;
|
|
|
|
- *reason |= SEPOL_COMPUTEAV_BOUNDS;
|
|
+ if (reason)
|
|
+ *reason |= SEPOL_COMPUTEAV_BOUNDS;
|
|
}
|
|
|
|
/*
|
|
--
|
|
2.38.1
|
|
|