apparmor: fix missing error check for rhashtable_insert_fast

rhashtable_insert_fast() could return err value when memory allocation is
 failed. but unpack_profile() do not check values and this always returns
 success value. This patch just adds error check code.

Found by Linux Verification Center (linuxtesting.org) with SVACE.

Fixes: e025be0f26 ("apparmor: support querying extended trusted helper extra data")

Signed-off-by: Danila Chernetsov <listdansp@mail.ru>
Signed-off-by: John Johansen <john.johansen@canonical.com>
This commit is contained in:
Danila Chernetsov 2023-04-04 19:05:49 +00:00 committed by John Johansen
parent 6d7467957e
commit 000518bc5a
1 changed files with 7 additions and 2 deletions

View File

@ -1035,8 +1035,13 @@ static struct aa_profile *unpack_profile(struct aa_ext *e, char **ns_name)
goto fail; goto fail;
} }
rhashtable_insert_fast(profile->data, &data->head, if (rhashtable_insert_fast(profile->data, &data->head,
profile->data->p); profile->data->p)) {
kfree_sensitive(data->key);
kfree_sensitive(data);
info = "failed to insert data to table";
goto fail;
}
} }
if (!aa_unpack_nameX(e, AA_STRUCTEND, NULL)) { if (!aa_unpack_nameX(e, AA_STRUCTEND, NULL)) {