lk/linux-kernel-test
1
0
Fork 0
Code Issues Pull Requests Releases Wiki Activity

SELinux: NULL terminate al contexts from disk

Browse Source 
When a context is pulled in from disk we don't know that it is null
terminated.  This patch forecebly null terminates contexts when we pull
them from disk.

Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by:  Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
This commit is contained in:
Eric Paris
2009-02-12 14:50:05 -05:00
committed by James Morris
parent 4ba0a8ad63
commit 4cb912f1d1
1 changed files with 4 additions and 2 deletions
Download Patch File Download Diff File Expand all files Collapse all files

6
security/selinux/hooks.c
View File

@@ -1270,12 +1270,13 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
} }
len = INITCONTEXTLEN; len = INITCONTEXTLEN;
context = kmalloc(len, GFP_NOFS); context = kmalloc(len+1, GFP_NOFS);
if (!context) { if (!context) {
rc = -ENOMEM; rc = -ENOMEM;
dput(dentry); dput(dentry);
goto out_unlock; goto out_unlock;
} }
context[len] = '\0';
rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX, rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX,
context, len); context, len);
if (rc == -ERANGE) { if (rc == -ERANGE) {
@@ -1288,12 +1289,13 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
} }
kfree(context); kfree(context);
len = rc; len = rc;
context = kmalloc(len, GFP_NOFS); context = kmalloc(len+1, GFP_NOFS);
if (!context) { if (!context) {
rc = -ENOMEM; rc = -ENOMEM;
dput(dentry); dput(dentry);
goto out_unlock; goto out_unlock;
} }
context[len] = '\0';
rc = inode->i_op->getxattr(dentry, rc = inode->i_op->getxattr(dentry,
XATTR_NAME_SELINUX, XATTR_NAME_SELINUX,
context, len); context, len);