Patchwork [3/4] UBUNTU: SAUCE: AppArmor: Return string len rather than the allocation size

login
register
mail settings
Submitter John Johansen
Date March 30, 2010, 5:39 p.m.
Message ID <1269970750-25624-4-git-send-email-john.johansen@canonical.com>
Download mbox | patch
Permalink /patch/49000/
State Accepted
Delegated to: Andy Whitcroft
Headers show

Comments

John Johansen - March 30, 2010, 5:39 p.m.
From: John Johansen <john.johansen@canonical.com>

Buglink: http://launchpad.net/bugs/551844

AppArmor getprocattr was returning the wrong size for name for unconfined
tasks.  It returned the size of memory allocated - 1 (\0 is omitted)
instead of the size of the string.  In the case of unconfined tasks the mode
string is not output so the return size needs to be adjusted appropriately.

Signed-off-by: Kees Cook <kees.cook@canonical.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>

---
 security/apparmor/procattr.c |   10 +++++++---
 1 files changed, 7 insertions(+), 3 deletions(-)
---
 security/apparmor/procattr.c |    6 ++++--
 1 files changed, 4 insertions(+), 2 deletions(-)

Patch

diff --git a/security/apparmor/procattr.c b/security/apparmor/procattr.c
index 4991f9d..c31f693 100644
--- a/security/apparmor/procattr.c
+++ b/security/apparmor/procattr.c
@@ -51,9 +51,11 @@  int aa_getprocattr(struct aa_profile *profile, char **string)
 		sprintf(s, "%s://", ns->base.name);
 		s += ns_len;
 	}
-	if (profile->flags & PFLAG_UNCONFINED)
+	if (profile->flags & PFLAG_UNCONFINED) {
 		sprintf(s, "%s\n", profile->base.hname);
-	else
+		/* mode string not being appended so reduce string size */
+		len -= mode_len;
+	} else
 		sprintf(s, "%s (%s)\n", profile->base.hname, mode_str);
 	*string = str;