diff mbox series

[Xen-devel,for-4.13] xen/xsm: flask: Check xmalloc_array() return in security_sid_to_context()

Message ID 20191004165646.14482-1-julien.grall@arm.com
State New
Headers show
Series [Xen-devel,for-4.13] xen/xsm: flask: Check xmalloc_array() return in security_sid_to_context() | expand

Commit Message

Julien Grall Oct. 4, 2019, 4:56 p.m. UTC
xmalloc_array() may return NULL if there are memory. Rather than trying
to deference it directly, we should check the return value first.

Coverity-ID: 1381852
Signed-off-by: Julien Grall <julien.grall@arm.com>
---
 xen/xsm/flask/ss/services.c | 2 ++
 1 file changed, 2 insertions(+)

Comments

Daniel De Graaf Oct. 4, 2019, 5:57 p.m. UTC | #1
On 10/4/19 12:56 PM, Julien Grall wrote:
> xmalloc_array() may return NULL if there are memory. Rather than trying
> to deference it directly, we should check the return value first.
> 
> Coverity-ID: 1381852
> Signed-off-by: Julien Grall <julien.grall@arm.com>
Acked-by: Daniel De Graaf <dgdegra@tycho.nsa.gov>
Jürgen Groß Oct. 7, 2019, 6:46 a.m. UTC | #2
On 04.10.19 18:56, Julien Grall wrote:
> xmalloc_array() may return NULL if there are memory. Rather than trying
> to deference it directly, we should check the return value first.
> 
> Coverity-ID: 1381852
> Signed-off-by: Julien Grall <julien.grall@arm.com>

Release-acked-by: Juergen Gross <jgross@suse.com>


Juergen
diff mbox series

Patch

diff --git a/xen/xsm/flask/ss/services.c b/xen/xsm/flask/ss/services.c
index b59928ea8a..42686535f2 100644
--- a/xen/xsm/flask/ss/services.c
+++ b/xen/xsm/flask/ss/services.c
@@ -775,6 +775,8 @@  int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len)
 
             *scontext_len = strlen(initial_sid_to_string[sid]) + 1;
             scontextp = xmalloc_array(char, *scontext_len);
+            if ( !scontextp )
+                return -ENOMEM;
             strlcpy(scontextp, initial_sid_to_string[sid], *scontext_len);
             *scontext = scontextp;
             goto out;