[patch] Smack: harmless underflow in smk_set_cipso()

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

 



This causes a static checker warning because "maplevel" is set by the
user and we cap the upper bound but not the lower bound.  It seems
harmless to me and it's root only but we may as well make the static
checker happy.

Also checkpatch complains that we should use kstrtouint() instead of
sscanf here.

Signed-off-by: Dan Carpenter <dan.carpenter@xxxxxxxxxx>

diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
index 94bd9e4..ebb1241 100644
--- a/security/smack/smackfs.c
+++ b/security/smack/smackfs.c
@@ -862,7 +862,7 @@ static ssize_t smk_set_cipso(struct file *file, const char __user *buf,
 	struct smack_known *skp;
 	struct netlbl_lsm_secattr ncats;
 	char mapcatset[SMK_CIPSOLEN];
-	int maplevel;
+	unsigned int maplevel;
 	unsigned int cat;
 	int catlen;
 	ssize_t rc = -EINVAL;
@@ -912,8 +912,8 @@ static ssize_t smk_set_cipso(struct file *file, const char __user *buf,
 	else
 		rule += strlen(skp->smk_known) + 1;
 
-	ret = sscanf(rule, "%d", &maplevel);
-	if (ret != 1 || maplevel > SMACK_CIPSO_MAXLEVEL)
+	ret = kstrtouint(rule, 10, &maplevel);
+	if (ret || maplevel > SMACK_CIPSO_MAXLEVEL)
 		goto out;
 
 	rule += SMK_DIGITLEN;
--
To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at  http://vger.kernel.org/majordomo-info.html



[Index of Archives]     [Kernel Development]     [Kernel Announce]     [Kernel Newbies]     [Linux Networking Development]     [Share Photos]     [IDE]     [Security]     [Git]     [Netfilter]     [Yosemite News]     [MIPS Linux]     [ARM Linux]     [Device Mapper]

  Powered by Linux