On Thu, Apr 20, 2023 at 11:05 AM Christian Göttsche
<cgzones@xxxxxxxxxxxxxx> wrote:
>
> In case mls_context_cpy() fails due to OOM set the free'd pointer in
> context_cpy() to NULL to avoid it potentially being dereferenced or
> free'd again in future. Freeing a NULL pointer is well-defined and a
> hard NULL dereference crash is at least not exploitable and should give
> a workable stack trace.
>
> Fixes: 12b29f34558b ("selinux: support deferred mapping of contexts")
> Signed-off-by: Christian Göttsche <cgzones@xxxxxxxxxxxxxx>
> ---
> security/selinux/ss/context.h | 1 +
> 1 file changed, 1 insertion(+)
Merged into selinux/next.
Did you actually run into a problem where the system
crashed/panic'd/etc. due to this? I'll leave the fixes tag on this
since it is pretty minor, but generally I think it is best to reserve
the fixes tag for problems that can be triggered as a fixes tag
generally results in a stable backport, regardless of it is marked for
stable or not.
--
paul-moore.com
