diff options
| author | Massimiliano Pellizzer <mpellizzer.dev@gmail.com> | 2026-02-10 18:15:38 +0100 |
|---|---|---|
| committer | John Johansen <john.johansen@canonical.com> | 2026-02-18 11:50:20 -0800 |
| commit | 08020dbe3125e936429e7966bf072e08fa964f36 (patch) | |
| tree | e2b82cbe2bc30094c6c9c767732166b03aa5a688 /security | |
| parent | 1b51bd761599b84e963d9cb510e7c7d8fbf9d1ee (diff) | |
apparmor: fix signedness bug in unpack_tags()
Smatch static checker warning:
security/apparmor/policy_unpack.c:966 unpack_pdb()
warn: unsigned 'unpack_tags(e, &pdb->tags, info)' is never less than zero.
unpack_tags() is declared with return type size_t (unsigned) but returns
negative errno values on failure. The caller in unpack_pdb() tests the
return with `< 0`, which is always false for an unsigned type, making
error handling dead code. Malformed tag data would be silently accepted
instead of causing a load failure.
Change return type of unpack_tags() from size_t to int to match the
functions's actual semantic.
Fixes: 3d28e2397af7 ("apparmor: add support loading per permission tagging")
Reported-by: Dan Carpenter <dan.carpenter@linaro.org>
Signed-off-by: Massimiliano Pellizzer <mpellizzer.dev@gmail.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security')
| -rw-r--r-- | security/apparmor/policy_unpack.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c index e68adf39771f..dc908e1f5a88 100644 --- a/security/apparmor/policy_unpack.c +++ b/security/apparmor/policy_unpack.c @@ -835,7 +835,7 @@ fail_reset: } -static size_t unpack_tags(struct aa_ext *e, struct aa_tags_struct *tags, +static int unpack_tags(struct aa_ext *e, struct aa_tags_struct *tags, const char **info) { int error = -EPROTO; |
