apparmor: fix missing error check for rhashtable_insert_fast
authorDanila Chernetsov <listdansp@mail.ru>
Tue, 4 Apr 2023 19:05:49 +0000 (19:05 +0000)
committerGreg Kroah-Hartman <gregkh@linuxfoundation.org>
Wed, 19 Jul 2023 14:22:07 +0000 (16:22 +0200)
[ Upstream commit 000518bc5aef25d3f703592a0296d578c98b1517 ]

 rhashtable_insert_fast() could return err value when memory allocation is
 failed. but unpack_profile() do not check values and this always returns
 success value. This patch just adds error check code.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Fixes: e025be0f26d5 ("apparmor: support querying extended trusted helper extra data")
Signed-off-by: Danila Chernetsov <listdansp@mail.ru>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Sasha Levin <sashal@kernel.org>
security/apparmor/policy_unpack.c

index 9d26bbb9013381573ea2cfe7d376cf54c8dd8f33..9c3fec2c7cf6bab925dcfe9eed31de7a97a8391c 100644 (file)
@@ -917,8 +917,13 @@ static struct aa_profile *unpack_profile(struct aa_ext *e, char **ns_name)
                                goto fail;
                        }
 
-                       rhashtable_insert_fast(profile->data, &data->head,
-                                              profile->data->p);
+                       if (rhashtable_insert_fast(profile->data, &data->head,
+                                                  profile->data->p)) {
+                               kfree_sensitive(data->key);
+                               kfree_sensitive(data);
+                               info = "failed to insert data to table";
+                               goto fail;
+                       }
                }
 
                if (!unpack_nameX(e, AA_STRUCTEND, NULL)) {