The function audit_log_start() can fail, so its return value should be checked against NULL. Signed-off-by: Li Zhong <floridsleeves@xxxxxxxxx> --- security/selinux/ss/services.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c index fe5fcf571c56..41d4c4ed93b7 100644 --- a/security/selinux/ss/services.c +++ b/security/selinux/ss/services.c @@ -3271,6 +3271,9 @@ int security_sid_mls_copy(struct selinux_state *state, ab = audit_log_start(audit_context(), GFP_ATOMIC, AUDIT_SELINUX_ERR); + if (!ab) + goto out_unlock; + audit_log_format(ab, "op=security_sid_mls_copy invalid_context="); /* don't record NUL with untrusted strings */ -- 2.25.1
