aboutsummaryrefslogtreecommitdiffstats
path: root/net/ipv4
diff options
context:
space:
mode:
authorPaul Moore <paul.moore@hp.com>2006-11-17 17:38:50 -0500
committerDavid S. Miller <davem@sunset.davemloft.net>2006-12-02 21:24:11 -0800
commit9fade4bf8eed3db2fd1306968da4d51bc611aca3 (patch)
tree29aa9d8d4b658dd160bc35af3678b4d1113e1577 /net/ipv4
parent91b1ed0afdbffbda88c472ef72af37e19b7876fb (diff)
downloadkernel_samsung_smdk4412-9fade4bf8eed3db2fd1306968da4d51bc611aca3.zip
kernel_samsung_smdk4412-9fade4bf8eed3db2fd1306968da4d51bc611aca3.tar.gz
kernel_samsung_smdk4412-9fade4bf8eed3db2fd1306968da4d51bc611aca3.tar.bz2
NetLabel: return the correct error for translated CIPSOv4 tags
The CIPSOv4 translated tag #1 mapping does not always return the correct error code if the desired mapping does not exist; instead of returning -EPERM it returns -ENOSPC indicating that the buffer is not large enough to hold the translated value. This was caused by failing to check a specific error condition. This patch fixes this so that unknown mappings return -EPERM which is consistent with the rest of the related CIPSOv4 code. Signed-off-by: Paul Moore <paul.moore@hp.com> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'net/ipv4')
-rw-r--r--net/ipv4/cipso_ipv4.c4
1 files changed, 4 insertions, 0 deletions
diff --git a/net/ipv4/cipso_ipv4.c b/net/ipv4/cipso_ipv4.c
index a056278..c305de6 100644
--- a/net/ipv4/cipso_ipv4.c
+++ b/net/ipv4/cipso_ipv4.c
@@ -867,6 +867,8 @@ static int cipso_v4_map_cat_rbm_hton(const struct cipso_v4_doi *doi_def,
return -EPERM;
net_spot = host_cat_array[host_spot];
+ if (net_spot >= CIPSO_V4_INV_CAT)
+ return -EPERM;
if (net_spot >= net_clen_bits)
return -ENOSPC;
cipso_v4_bitmap_setbit(net_cat, net_spot, 1);
@@ -935,6 +937,8 @@ static int cipso_v4_map_cat_rbm_ntoh(const struct cipso_v4_doi *doi_def,
return -EPERM;
host_spot = net_cat_array[net_spot];
+ if (host_spot >= CIPSO_V4_INV_CAT)
+ return -EPERM;
if (host_spot >= host_clen_bits)
return -ENOSPC;
cipso_v4_bitmap_setbit(host_cat, host_spot, 1);