[patch 4/7] BSD Secure Levels: memory alloc failure check

From: Michael Halcrow
Date: Tue May 17 2005 - 10:32:33 EST


This is the fourth in a series of seven patches to the BSD Secure
Levels LSM. It adds a check for a memory allocation failure
condition. Thanks to Vesa-Matti J Kari for pointing out this problem.

Signed off by: Michael Halcrow <mhalcrow@xxxxxxxxxx>

Index: linux-2.6.12-rc4-mm2-seclvl/security/seclvl.c
===================================================================
--- linux-2.6.12-rc4-mm2-seclvl.orig/security/seclvl.c 2005-05-16 16:28:19.000000000 -0500
+++ linux-2.6.12-rc4-mm2-seclvl/security/seclvl.c 2005-05-16 16:28:29.000000000 -0500
@@ -310,7 +310,7 @@
static int
plaintext_to_sha1(unsigned char *hash, const char *plaintext, int len)
{
- char *pgVirtAddr;
+ char *pg_virt_addr;
struct crypto_tfm *tfm;
struct scatterlist sg[1];
if (len > PAGE_SIZE) {
@@ -327,16 +327,20 @@
}
// Just get a new page; don't play around with page boundaries
// and scatterlists.
- pgVirtAddr = (char *)__get_free_page(GFP_KERNEL);
- sg[0].page = virt_to_page(pgVirtAddr);
+ pg_virt_addr = (char *)__get_free_page(GFP_KERNEL);
+ if (!pg_virt_addr) {
+ seclvl_printk(0, KERN_ERR "%s: Out of memory\n", __FUNCTION__);
+ return -ENOMEM;
+ }
+ sg[0].page = virt_to_page(pg_virt_addr);
sg[0].offset = 0;
sg[0].length = len;
- strncpy(pgVirtAddr, plaintext, len);
+ strncpy(pg_virt_addr, plaintext, len);
crypto_digest_init(tfm);
crypto_digest_update(tfm, sg, 1);
crypto_digest_final(tfm, hash);
crypto_free_tfm(tfm);
- free_page((unsigned long)pgVirtAddr);
+ free_page((unsigned long)pg_virt_addr);
return 0;
}

-
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/