Skip to content

Commit

Permalink
Smack: prevent underflow in smk_set_cipso()
Browse files Browse the repository at this point in the history 
We have an upper bound on "maplevel" but forgot to check for negative
values.

Fixes: e114e47 ("Smack: Simplified Mandatory Access Control Kernel")
Signed-off-by: Dan Carpenter <[email protected]>
Signed-off-by: Casey Schaufler <[email protected]>
  • Loading branch information
@cschaufler
Dan Carpenter authored and cschaufler committed Jul 27, 2020
1 parent a6bd4f6 commit 42a2df3
Showing 1 changed file with 1 addition and 1 deletion.
2 changes: 1 addition & 1 deletion security/smack/smackfs.c
View file
Original file line number Diff line number Diff line change
Expand Up @@ -884,7 +884,7 @@ static ssize_t smk_set_cipso(struct file *file, const char __user *buf,
}

ret = sscanf(rule, "%d", &maplevel);
if (ret != 1 || maplevel > SMACK_CIPSO_MAXLEVEL)
if (ret != 1 || maplevel < 0 || maplevel > SMACK_CIPSO_MAXLEVEL)
goto out;

rule += SMK_DIGITLEN;
Expand Down

0 comments on commit 42a2df3

Please sign in to comment.