[prev in list] [next in list] [prev in thread] [next in thread] 

List:       linux-security-module
Subject:    BSD Secure Levels Update: memory alloc failure check [4/8]
From:       Michael Halcrow <mike () halcrow ! us>
Date:       2005-02-03 23:40:37
Message-ID: 20050203234037.GD7330 () halcrow ! us
[Download RAW message or body]

This is the fourth in a series of eight patches to the BSD Secure
Levels LSM.  It adds a check for a memory allocation failure
condition.  Thanks to Vesa-Matti J Kari for pointing out this problem.

Signed off by: Michael Halcrow <mhalcrow@us.ibm.com>

["seclvl_mem_alloc_check.patch" (text/plain)]

Index: linux-2.6.11-rc2-mm1-modules/security/seclvl.c
===================================================================
--- linux-2.6.11-rc2-mm1-modules.orig/security/seclvl.c	2005-02-03 15:37:26.231252048 -0600
+++ linux-2.6.11-rc2-mm1-modules/security/seclvl.c	2005-02-03 15:39:35.786556648 -0600
@@ -310,7 +310,7 @@
 static int
 plaintext_to_sha1(unsigned char *hash, const char *plaintext, int len)
 {
-	char *pgVirtAddr;
+	char *pg_virt_addr;
 	struct crypto_tfm *tfm;
 	struct scatterlist sg[1];
 	if (len > PAGE_SIZE) {
@@ -327,16 +327,20 @@
 	}
 	// Just get a new page; don't play around with page boundaries
 	// and scatterlists.
-	pgVirtAddr = (char *)__get_free_page(GFP_KERNEL);
-	sg[0].page = virt_to_page(pgVirtAddr);
+	pg_virt_addr = (char *)__get_free_page(GFP_KERNEL);
+	if (!pg_virt_addr) {
+		seclvl_printk(0, KERN_ERR "%s: Out of memory\n", __FUNCTION__);
+		return -ENOMEM;
+	}	
+	sg[0].page = virt_to_page(pg_virt_addr);
 	sg[0].offset = 0;
 	sg[0].length = len;
-	strncpy(pgVirtAddr, plaintext, len);
+	strncpy(pg_virt_addr, plaintext, len);
 	crypto_digest_init(tfm);
 	crypto_digest_update(tfm, sg, 1);
 	crypto_digest_final(tfm, hash);
 	crypto_free_tfm(tfm);
-	free_page((unsigned long)pgVirtAddr);
+	free_page((unsigned long)pg_virt_addr);
 	return 0;
 }
 


[prev in list] [next in list] [prev in thread] [next in thread]