selinux: initialize structures

libsepol pointed out an issue where its possible to have
an unitialized jmp and invalid dereference, fix this.
While we're here, zero allocate all the *_val_to_struct
structures.

Signed-off-by: William Roberts <william.c.roberts@intel.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
This commit is contained in:
William Roberts 2016-08-23 13:49:24 -07:00 committed by Paul Moore
parent 74d977b65e
commit 3bc7bcf69b

View File

@ -541,21 +541,21 @@ static int policydb_index(struct policydb *p)
rc = -ENOMEM; rc = -ENOMEM;
p->class_val_to_struct = p->class_val_to_struct =
kmalloc(p->p_classes.nprim * sizeof(*(p->class_val_to_struct)), kzalloc(p->p_classes.nprim * sizeof(*(p->class_val_to_struct)),
GFP_KERNEL); GFP_KERNEL);
if (!p->class_val_to_struct) if (!p->class_val_to_struct)
goto out; goto out;
rc = -ENOMEM; rc = -ENOMEM;
p->role_val_to_struct = p->role_val_to_struct =
kmalloc(p->p_roles.nprim * sizeof(*(p->role_val_to_struct)), kzalloc(p->p_roles.nprim * sizeof(*(p->role_val_to_struct)),
GFP_KERNEL); GFP_KERNEL);
if (!p->role_val_to_struct) if (!p->role_val_to_struct)
goto out; goto out;
rc = -ENOMEM; rc = -ENOMEM;
p->user_val_to_struct = p->user_val_to_struct =
kmalloc(p->p_users.nprim * sizeof(*(p->user_val_to_struct)), kzalloc(p->p_users.nprim * sizeof(*(p->user_val_to_struct)),
GFP_KERNEL); GFP_KERNEL);
if (!p->user_val_to_struct) if (!p->user_val_to_struct)
goto out; goto out;
@ -964,7 +964,7 @@ int policydb_context_isvalid(struct policydb *p, struct context *c)
* Role must be authorized for the type. * Role must be authorized for the type.
*/ */
role = p->role_val_to_struct[c->role - 1]; role = p->role_val_to_struct[c->role - 1];
if (!ebitmap_get_bit(&role->types, c->type - 1)) if (!role || !ebitmap_get_bit(&role->types, c->type - 1))
/* role may not be associated with type */ /* role may not be associated with type */
return 0; return 0;