Patchwork [2/2] UBUNTU: SAUCE: AppArmor: Fix off by 2 error in getprocattr mem allocation

login
register
mail settings
Submitter John Johansen
Date Oct. 8, 2009, 8:45 p.m.
Message ID <1255034711-11623-3-git-send-email-john.johansen@canonical.com>
Download mbox | patch
Permalink /patch/35529/
State Accepted
Headers show

Comments

John Johansen - Oct. 8, 2009, 8:45 p.m.
BugLink: http://bugs.launchpad.net/bugs/446595

In AppArmor's get procattr interface when a namespace is defined the
allocation is not large enough for <ns_name> + "://" + <profile_name>, so
AppArmor overwrites 2 bytes of memory it has not allocated.

Signed-off-by: John Johansen <john.johansen@canonical.com>
---
 ubuntu/apparmor/procattr.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

Patch

diff --git a/ubuntu/apparmor/procattr.c b/ubuntu/apparmor/procattr.c
index 834cfab..e83f04f 100644
--- a/ubuntu/apparmor/procattr.c
+++ b/ubuntu/apparmor/procattr.c
@@ -49,7 +49,7 @@  int aa_getprocattr(struct aa_namespace *ns, struct aa_profile *profile,
 
 		len = strlen(unconfined_str);
 		if (ns != default_namespace)
-			len += strlen(ns->base.name) + 1;
+			len += strlen(ns->base.name) + 3;	/* :// */
 
 		str = kmalloc(len + 1, GFP_ATOMIC);
 		if (!str)