Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6

* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/selinux-2.6:
  SELinux: add more validity checks on policy load
  SELinux: fix bug in new ebitmap code.
  SELinux: suppress a warning for 64k pages.

1 files changed, 7 insertions, 6 deletions

diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c
index 36a191e7004..e0760396903 100644
--- a/security/selinux/xfrm.c
+++ b/security/selinux/xfrm.c
@@ -211,26 +211,27 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp,
 	if (uctx->ctx_doi != XFRM_SC_ALG_SELINUX)
 		return -EINVAL;
 
-	if (uctx->ctx_len >= PAGE_SIZE)
+	str_len = uctx->ctx_len;
+	if (str_len >= PAGE_SIZE)
 		return -ENOMEM;
 
 	*ctxp = ctx = kmalloc(sizeof(*ctx) +
-			      uctx->ctx_len + 1,
+			      str_len + 1,
 			      GFP_KERNEL);
 
 	if (!ctx)
 		return -ENOMEM;
 
 	ctx->ctx_doi = uctx->ctx_doi;
-	ctx->ctx_len = uctx->ctx_len;
+	ctx->ctx_len = str_len;
 	ctx->ctx_alg = uctx->ctx_alg;
 
 	memcpy(ctx->ctx_str,
 	       uctx+1,
-	       ctx->ctx_len);
-	ctx->ctx_str[ctx->ctx_len] = 0;
+	       str_len);
+	ctx->ctx_str[str_len] = 0;
 	rc = security_context_to_sid(ctx->ctx_str,
-				     ctx->ctx_len,
+				     str_len,
 				     &ctx->ctx_sid);
 
 	if (rc)