mirrors/linux-stable
1
0
Fork 0
mirror of https://git.kernel.org/pub/scm/linux/kernel/git/stable/linux.git synced 2024-08-22 17:01:14 +00:00
Code Issues Releases Wiki Activity
linux-stable/security
History
Tom Rix 8a2644526a selinux: initialize proto variable in selinux_ip_postroute_compat() 
commit 732bc2ff08 upstream.

Clang static analysis reports this warning

hooks.c:5765:6: warning: 4th function call argument is an uninitialized
                value
        if (selinux_xfrm_postroute_last(sksec->sid, skb, &ad, proto))
            ^~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

selinux_parse_skb() can return ok without setting proto.  The later call
to selinux_xfrm_postroute_last() does an early check of proto and can
return ok if the garbage proto value matches.  So initialize proto.

Cc: stable@vger.kernel.org
Fixes: eef9b41622 ("selinux: cleanup selinux_xfrm_sock_rcv_skb() and selinux_xfrm_postroute_last()")
Signed-off-by: Tom Rix <trix@redhat.com>
[PM: typo/spelling and checkpatch.pl description fixes]
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2022-01-05 12:33:48 +01:00
..
apparmor apparmor: fix error check 2021-11-26 11:40:34 +01:00
integrity evm: mark evm_fixmode as __ro_after_init 2021-11-26 11:40:23 +01:00
keys KEYS: trusted: Fix migratable=1 failing 2021-03-03 18:22:52 +01:00
loadpin security: mark LSM hooks as __ro_after_init 2017-03-06 11:00:15 +11:00
selinux selinux: initialize proto variable in selinux_ip_postroute_compat() 2022-01-05 12:33:48 +01:00
smack smackfs: use netlbl_cfg_cipsov4_del() for deleting cipso_v4_doi 2021-11-26 11:40:31 +01:00
tomoyo License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
yama Yama: Check for pid death before checking ancestry 2019-01-23 08:09:48 +01:00
commoncap.c security: commoncap: fix -Wstringop-overread warning 2021-05-22 10:57:21 +02:00
device_cgroup.c device_cgroup: fix RCU imbalance in error case 2019-04-27 09:35:40 +02:00
inode.c securityfs: fix use-after-free on symlink traversal 2019-05-25 18:25:34 +02:00
Kconfig /dev/mem: Add bounce buffer for copy-out 2018-03-24 11:01:24 +01:00
lsm_audit.c dump_common_audit_data(): fix racy accesses to ->d_name 2021-01-23 15:48:43 +01:00
Makefile License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
min_addr.c License cleanup: add SPDX GPL-2.0 license identifier to files with no license 2017-11-02 11:10:55 +01:00
security.c binder: use cred instead of task for selinux checks 2021-11-26 11:40:20 +01:00