diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 6321894561e04aac7e71adab2f94c4d84a2edade..9083e09b6b4e85d14c7976f03edf833f4336228a 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -313,9 +313,15 @@ static int superblock_doinit(struct super_block *sb)
 sbsec->initialized = 1;
- printk(KERN_INFO "SELinux: initialized (dev %s, type %s), %s\n",
- sb->s_id, sb->s_type->name,
- labeling_behaviors[sbsec->behavior-1]);
+ if (sbsec->behavior > ARRAY_SIZE(labeling_behaviors)) {
+ printk(KERN_INFO "SELinux: initialized (dev %s, type %s), unknown behavior\n",
+ sb->s_id, sb->s_type->name);
+ }
+ else {
+ printk(KERN_INFO "SELinux: initialized (dev %s, type %s), %s\n",
+ sb->s_id, sb->s_type->name,
+ labeling_behaviors[sbsec->behavior-1]);
+ }
 /* Initialize the root inode. */
 rc = inode_doinit_with_dentry(sb->s_root->d_inode, sb->s_root);
diff --git a/security/selinux/ss/policydb.c b/security/selinux/ss/policydb.c
index ace257310fa3a186cf5131b6df50a28de55d9503..d1ffecbbd117d7b7317f595b1716d4ad01151fab 100644
--- a/security/selinux/ss/policydb.c
+++ b/security/selinux/ss/policydb.c
@@ -1301,6 +1301,8 @@ int policydb_read(struct policydb *p, void *fp)
 if (!buf)
 goto bad;
 c->v.behavior = le32_to_cpu(buf[0]);
+ if (c->v.behavior > SECURITY_FS_USE_NONE)
+ goto bad;
 len = le32_to_cpu(buf[1]);
 buf = next_entry(fp, len);
 if (!buf)
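Review bot: The new bound in superblock_doinit checks only the upper end, so a `sbsec->behavior` of 0 still reaches `labeling_behaviors[sbsec->behavior-1]` in the else branch and reads outside the array. The `-1` in the index suggests valid values start at 1; if so, the guard should read `if (sbsec->behavior < 1 || sbsec->behavior > ARRAY_SIZE(labeling_behaviors)) {`. The same gap is in the policydb_read hunk in security/selinux/ss/policydb.c, where `c->v.behavior > SECURITY_FS_USE_NONE` accepts a 0 taken from the loaded policy image; `if (c->v.behavior < 1 || c->v.behavior > SECURITY_FS_USE_NONE)` would reject it where the value enters the kernel. Both functions continue outside their hunks, so whether 0 is filtered elsewhere is not visible here.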
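Review bot: The added `goto bad` in policydb_read refuses the policy without saying why, so a load that fails on an out-of-range fs_use behavior looks the same in the log as a truncated read. A line such as `printk(KERN_ERR "SELinux: unknown fs_use behavior %u\n", c->v.behavior);` before the jump (with braces added and the format matched to the field's type) would let an administrator tell a malformed or mismatched policy image from an I/O problem. The `bad` label and the handling of the return code lie outside the hunk, so it is worth confirming that this path returns an error rather than a stale success value.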