diff options
| author | Georgia Garcia <georgia.garcia@canonical.com> | 2026-05-06 16:02:11 -0300 |
|---|---|---|
| committer | John Johansen <john.johansen@canonical.com> | 2026-06-13 20:14:07 -0700 |
| commit | 7681ca43d2b1c776e62fe77e3167835fb1ab8319 (patch) | |
| tree | f6cf55be5d5054fa0c57ca33c2b13095e437b56c /security | |
| parent | 716d384ac7c905b719f3ce11cdb3a3d172c210fb (diff) | |
| download | ath-7681ca43d2b1c776e62fe77e3167835fb1ab8319.tar.gz | |
apparmor: fix NULL pointer dereference in unpack_pdb
pdb->dfa could be NULL if unpack_dfa fails, causing a NULL pointer
dereference.
Fixes: 2e12c5f06017 ("apparmor: add additional flags to extended permission.")
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
Signed-off-by: Manuel Diewald <manuel.diewald@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security')
| -rw-r--r-- | security/apparmor/policy_unpack.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c index 9f45d5513d2ca..3643c058d6f89 100644 --- a/security/apparmor/policy_unpack.c +++ b/security/apparmor/policy_unpack.c @@ -1045,7 +1045,7 @@ static int unpack_pdb(struct aa_ext *e, struct aa_policydb **policy, } /* accept2 is in some cases being allocated, even with perms */ - if (pdb->perms && !pdb->dfa->tables[YYTD_ID_ACCEPT2]) { + if (pdb->dfa && pdb->perms && !pdb->dfa->tables[YYTD_ID_ACCEPT2]) { /* add dfa flags table missing in v2 */ u32 noents = pdb->dfa->tables[YYTD_ID_ACCEPT]->td_lolen; u16 tdflags = pdb->dfa->tables[YYTD_ID_ACCEPT]->td_flags; |
