selinux: Augment BUG_ON assertion for secclass_map.

Ensure that we catch any cases where tclass == 0. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <pmoore@redhat.com>

selinux: Augment BUG_ON assertion for secclass_map.
Ensure that we catch any cases where tclass == 0. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: Paul Moore <pmoore@redhat.com>
bd1741f4 · Stephen Smalley · Paul Moore · 5dee25d0 · bd1741f4
Commit bd1741f4 authored Jul 10, 2015 by Stephen Smalley Committed by Paul Moore Jul 13, 2015
Hide whitespace changes
Inline Side-by-side

Showing with 2 additions and 1 deletion

security/selinux/avc.c security/selinux/avc.c +2 -1

No files found.
--- a/security/selinux/avc.c
+++ b/security/selinux/avc.c
@@ -116,6 +116,7 @@ static void avc_dump_av(struct audit_buffer *ab, u16 tclass, u32 av)
 		return;
 	}
+	BUG_ON(!tclass || tclass >= ARRAY_SIZE(secclass_map));
 	perms = secclass_map[tclass-1].perms;
 	audit_log_format(ab, " {");
@@ -164,7 +165,7 @@ static void avc_dump_query(struct audit_buffer *ab, u32 ssid, u32 tsid, u16 tcla
 		kfree(scontext);
 	}
-	BUG_ON(tclass >= ARRAY_SIZE(secclass_map));
+	BUG_ON(!tclass || tclass >= ARRAY_SIZE(secclass_map));
 	audit_log_format(ab, " tclass=%s", secclass_map[tclass-1].name);
 }