From: Paul Moore Date: Fri, 17 Nov 2006 22:38:50 +0000 (-0500) Subject: NetLabel: return the correct error for translated CIPSOv4 tags X-Git-Tag: v2.6.20-rc1~34^2~40^2~276 X-Git-Url: https://err.no/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=9fade4bf8eed3db2fd1306968da4d51bc611aca3;p=linux-2.6 NetLabel: return the correct error for translated CIPSOv4 tags The CIPSOv4 translated tag #1 mapping does not always return the correct error code if the desired mapping does not exist; instead of returning -EPERM it returns -ENOSPC indicating that the buffer is not large enough to hold the translated value. This was caused by failing to check a specific error condition. This patch fixes this so that unknown mappings return -EPERM which is consistent with the rest of the related CIPSOv4 code. Signed-off-by: Paul Moore Signed-off-by: James Morris --- diff --git a/net/ipv4/cipso_ipv4.c b/net/ipv4/cipso_ipv4.c index a056278ad6..c305de6fa2 100644 --- a/net/ipv4/cipso_ipv4.c +++ b/net/ipv4/cipso_ipv4.c @@ -867,6 +867,8 @@ static int cipso_v4_map_cat_rbm_hton(const struct cipso_v4_doi *doi_def, return -EPERM; net_spot = host_cat_array[host_spot]; + if (net_spot >= CIPSO_V4_INV_CAT) + return -EPERM; if (net_spot >= net_clen_bits) return -ENOSPC; cipso_v4_bitmap_setbit(net_cat, net_spot, 1); @@ -935,6 +937,8 @@ static int cipso_v4_map_cat_rbm_ntoh(const struct cipso_v4_doi *doi_def, return -EPERM; host_spot = net_cat_array[net_spot]; + if (host_spot >= CIPSO_V4_INV_CAT) + return -EPERM; if (host_spot >= host_clen_bits) return -ENOSPC; cipso_v4_bitmap_setbit(host_cat, host_spot, 1);