apparmor: fix signedness bug in unpack_tags()

Smatch static checker warning: security/apparmor/policy_unpack.c:966 unpack_pdb() warn: unsigned 'unpack_tags(e, &pdb->tags, info)' is never less than zero. unpack_tags() is declared with return type size_t (unsigned) but returns negative errno values on failure. The caller in unpack_pdb() tests the return with `< 0`, which is always false for an unsigned type, making error handling dead code. Malformed tag data would be silently accepted instead of causing a load failure. Change return type of unpack_tags() from size_t to int to match the functions's actual semantic. Fixes: 3d28e2397a ("apparmor: add support loading per permission tagging") Reported-by: Dan Carpenter <dan.carpenter@linaro.org> Signed-off-by: Massimiliano Pellizzer <mpellizzer.dev@gmail.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
2026-03-08 01:04:41 +01:00 · 2026-02-10 18:15:38 +01:00 · 2026-02-10 18:15:38 +01:00 · 08020dbe31
commit 08020dbe31
parent 1b51bd7615
1 changed files with 1 additions and 1 deletions
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@ -835,7 +835,7 @@ fail_reset:
 }


-static size_t unpack_tags(struct aa_ext *e, struct aa_tags_struct *tags,
+static int unpack_tags(struct aa_ext *e, struct aa_tags_struct *tags,
 	const char **info)
 {
 	int error = -EPROTO;