author | Venkat Yekkirala <vyekkirala@trustedcs.com> | 2007-07-24 10:53:23 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2007-07-25 12:49:41 -0400 |
commit | 910949a66839ff5f59fede5b7cb68ecf1453e22c (patch) | |
tree | 6842924dba1c4af0397d06aa4b6363e8c26c220e | |
parent | 0de085bb474f64e4fdb2f1ff3268590792648c7b (diff) |
SELinux: null-terminate context string in selinux_xfrm_sec_ctx_alloc
xfrm_audit_log() expects the context string to be null-terminated
which currently doesn't happen with user-supplied contexts.
Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | security/selinux/xfrm.c | 3 |
1 files changed, 2 insertions, 1 deletions
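--- a/security/selinux/xfrm.c
+++ b/security/selinux/xfrm.c
@@ -216,7 +216,7 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp,
 return -ENOMEM;
 
 *ctxp = ctx = kmalloc(sizeof(*ctx) +
-uctx->ctx_len,
+uctx->ctx_len + 1,
 GFP_KERNEL);
 
 if (!ctx)
@@ -229,6 +229,7 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp,
 memcpy(ctx->ctx_str,
 uctx+1,
 ctx->ctx_len);
+ctx->ctx_str[ctx->ctx_len] = 0;
 rc = security_context_to_sid(ctx->ctx_str,
 ctx->ctx_len,
 &ctx->ctx_sid);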
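Review bot: The `+ 1` in the kmalloc size and the `ctx->ctx_str[ctx->ctx_len] = 0;` store set up an invariant that nothing in the visible code records: ctx_str now carries one terminator byte that ctx_len does not count. A comment at the allocation would pin that down, for example `/* +1: ctx_str is NUL-terminated for xfrm_audit_log(); ctx_len excludes the terminator */`. Code elsewhere that sizes or copies a context from ctx_len alone would drop the terminator and hand the audit path an unterminated string again, so such copy paths are worth checking; none are visible here. uctx->ctx_len is user-supplied and its upper bound is presumably the check behind the `return -ENOMEM` above the allocation, which lies outside the hunk, as do the start and end of selinux_xfrm_sec_ctx_alloc.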