[PATCH] selinux: check for failed kmalloc in security_sid_to_context()

Check for NULL kmalloc return value before writing to it.

Signed-off-by: Serge E. Hallyn <serue@us.ibm.com>
Acked-by: James Morris <jmorris@namei.org>
Cc: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: Andrew Morton <akpm@osdl.org>
Signed-off-by: Linus Torvalds <torvalds@osdl.org>

diff --git a/security/selinux/ss/services.c b/security/selinux/ss/services.c
index 7177e98df7f33a4e06b521fbb2bb987150838246..c284dbb8b8c02fbba51aa562d5e4fd4551e641f3 100644 (file)
--- a/security/selinux/ss/services.c
+++ b/security/selinux/ss/services.c
@@ -594,6 +594,10 @@ int security_sid_to_context(u32 sid, char **scontext, u32 *scontext_len)
 
                        *scontext_len = strlen(initial_sid_to_string[sid]) + 1;
                        scontextp = kmalloc(*scontext_len,GFP_ATOMIC);
+                       if (!scontextp) {
+                               rc = -ENOMEM;
+                               goto out;
+                       }
                        strcpy(scontextp, initial_sid_to_string[sid]);
                        *scontext = scontextp;
                        goto out;