selinux: avoid avtab overflows

Prevent inserting more than the supported U32_MAX number of entries. Signed-off-by: Christian Göttsche <cgzones@googlemail.com> Signed-off-by: Paul Moore <paul@paul-moore.com>

selinux: avoid avtab overflows
Prevent inserting more than the supported U32_MAX number of entries. Signed-off-by: Christian Göttsche <cgzones@googlemail.com> Signed-off-by: Paul Moore <paul@paul-moore.com>
f785c541 · Christian Göttsche · Paul Moore · bbea03f4 · f785c541
Commit f785c541 authored Jul 06, 2023 by Christian Göttsche Committed by Paul Moore Jul 18, 2023
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 2 deletions

security/selinux/ss/avtab.c security/selinux/ss/avtab.c +2 -2

No files found.
--- a/security/selinux/ss/avtab.c
+++ b/security/selinux/ss/avtab.c
@@ -110,7 +110,7 @@ static int avtab_insert(struct avtab *h, const struct avtab_key *key,
 	struct avtab_node *prev, *cur, *newnode;
 	u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD);

-	if (!h || !h->nslot)
+	if (!h || !h->nslot || h->nel == U32_MAX)
 		return -EINVAL;

 	hvalue = avtab_hash(key, h->mask);
@@ -156,7 +156,7 @@ struct avtab_node *avtab_insert_nonunique(struct avtab *h,
 	struct avtab_node *prev, *cur;
 	u16 specified = key->specified & ~(AVTAB_ENABLED|AVTAB_ENABLED_OLD);

-	if (!h || !h->nslot)
+	if (!h || !h->nslot || h->nel == U32_MAX)
 		return NULL;
 	hvalue = avtab_hash(key, h->mask);
 	for (prev = NULL, cur = h->htable[hvalue];