Message ID | 20171003121254.28888-1-colin.king@canonical.com |
---|---|
State | New |
Headers | show |
Series | UBUNTU: SAUCE: LSM stacking: check for invalid zero sized writes | expand |
On Tue, Oct 03, 2017 at 01:12:54PM +0100, Colin King wrote: > From: Colin Ian King <colin.king@canonical.com> > > BugLink: http://bugs.launchpad.net/bugs/1720779 > > Writing zero bytes to /proc/$pid/task/$pid/attr/context via > security_setprocattr cause an oops in memcpy_erms. Fix this by > checking for zero size and returning -EINVAL for this invalid > write size. > > Detected by running stress-ng --procfs 0 > > Signed-off-by: Colin Ian King <colin.king@canonical.com> Applied to artful/master-next, thanks!
diff --git a/security/security.c b/security/security.c index 31efa8c..cdc1627 100644 --- a/security/security.c +++ b/security/security.c @@ -2007,6 +2007,9 @@ int security_setprocattr(const char *lsm, const char *name, void *value, char *temp; char *cp; + if (!size) + return -EINVAL; + /* * If lsm is NULL look at all the modules to find one * that processes name. If lsm is not NULL only look at