ia64/xen-unstable

changeset 15640:f45c9f122e0e

[ACM] Check boundary conditions of passed parameters before accessing
an array with them.
Signed-off-by: Stefan Berger <stefanb@us.ibm.com>
author kfraser@localhost.localdomain
date Mon Jul 23 09:56:49 2007 +0100 (2007-07-23)
parents dae6a2790f6b
children c64f2a0dc2d7
files xen/acm/acm_simple_type_enforcement_hooks.c
line diff
     1.1 --- a/xen/acm/acm_simple_type_enforcement_hooks.c	Mon Jul 23 09:56:00 2007 +0100
     1.2 +++ b/xen/acm/acm_simple_type_enforcement_hooks.c	Mon Jul 23 09:56:49 2007 +0100
     1.3 @@ -40,13 +40,18 @@ struct ste_binary_policy ste_bin_pol;
     1.4  
     1.5  static inline int have_common_type (ssidref_t ref1, ssidref_t ref2) {
     1.6      int i;
     1.7 -    for( i = 0; i< ste_bin_pol.max_types; i++ )
     1.8 -        if ( ste_bin_pol.ssidrefs[ref1*ste_bin_pol.max_types + i] && 
     1.9 -             ste_bin_pol.ssidrefs[ref2*ste_bin_pol.max_types + i])
    1.10 -        {
    1.11 -            printkd("%s: common type #%02x.\n", __func__, i);
    1.12 -            return 1;
    1.13 -        }
    1.14 +
    1.15 +    if ( ref1 >= 0 && ref1 < ste_bin_pol.max_ssidrefs &&
    1.16 +         ref2 >= 0 && ref2 < ste_bin_pol.max_ssidrefs )
    1.17 +    {
    1.18 +        for( i = 0; i< ste_bin_pol.max_types; i++ )
    1.19 +            if ( ste_bin_pol.ssidrefs[ref1*ste_bin_pol.max_types + i] &&
    1.20 +                 ste_bin_pol.ssidrefs[ref2*ste_bin_pol.max_types + i])
    1.21 +            {
    1.22 +                printkd("%s: common type #%02x.\n", __func__, i);
    1.23 +                return 1;
    1.24 +            }
    1.25 +    }
    1.26      return 0;
    1.27  }
    1.28