Re: [PATCH -next] selinux: Add boundary check in put_entry()

Paul Moore <paul@xxxxxxxxxxxxxx> · Tue, 14 Jun 2022 21:53:37 -0400

On Mon, Jun 13, 2022 at 10:16 PM Xiu Jianfeng <xiujianfeng@xxxxxxxxxx> wrote:
>
> Just like next_entry(), boundary check is necessary to prevent memory
> out-of-bound access.
>
> Signed-off-by: Xiu Jianfeng <xiujianfeng@xxxxxxxxxx>
> ---
>  security/selinux/ss/policydb.h | 2 ++
>  1 file changed, 2 insertions(+)

It's not as critical here as it is for next_entry(), but it's still
not a bad idea.  Merged into selinux/next.

-- 
paul-moore.com