Re: [PATCH -next] selinux: Add boundary check in put_entry()
From: Paul Moore
Date: Tue Jun 14 2022 - 21:53:56 EST
On Mon, Jun 13, 2022 at 10:16 PM Xiu Jianfeng <xiujianfeng@xxxxxxxxxx> wrote:
>
> Just like next_entry(), boundary check is necessary to prevent memory
> out-of-bound access.
>
> Signed-off-by: Xiu Jianfeng <xiujianfeng@xxxxxxxxxx>
> ---
> security/selinux/ss/policydb.h | 2 ++
> 1 file changed, 2 insertions(+)
It's not as critical here as it is for next_entry(), but it's still
not a bad idea. Merged into selinux/next.
--
paul-moore.com