aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2009-02-12 14:50:05 -0500
committerJames Morris <jmorris@namei.org>2009-02-13 17:22:30 -0500
commit4cb912f1d1447077160ace9ce3b3a10696dd74e5 (patch)
tree916f112de07ca626b0f398a0fc85943f15306146
parent4ba0a8ad63e12a03ae01c039482967cc496b9174 (diff)
SELinux: NULL terminate al contexts from disk
When a context is pulled in from disk we don't know that it is null terminated. This patch forecebly null terminates contexts when we pull them from disk. Signed-off-by: Eric Paris <eparis@redhat.com> Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r--security/selinux/hooks.c6
1 files changed, 4 insertions, 2 deletions
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index aebcfad5613f..309648c573d8 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1270,12 +1270,13 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
1270 } 1270 }
1271 1271
1272 len = INITCONTEXTLEN; 1272 len = INITCONTEXTLEN;
1273 context = kmalloc(len, GFP_NOFS); 1273 context = kmalloc(len+1, GFP_NOFS);
1274 if (!context) { 1274 if (!context) {
1275 rc = -ENOMEM; 1275 rc = -ENOMEM;
1276 dput(dentry); 1276 dput(dentry);
1277 goto out_unlock; 1277 goto out_unlock;
1278 } 1278 }
1279 context[len] = '\0';
1279 rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX, 1280 rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX,
1280 context, len); 1281 context, len);
1281 if (rc == -ERANGE) { 1282 if (rc == -ERANGE) {
@@ -1288,12 +1289,13 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
1288 } 1289 }
1289 kfree(context); 1290 kfree(context);
1290 len = rc; 1291 len = rc;
1291 context = kmalloc(len, GFP_NOFS); 1292 context = kmalloc(len+1, GFP_NOFS);
1292 if (!context) { 1293 if (!context) {
1293 rc = -ENOMEM; 1294 rc = -ENOMEM;
1294 dput(dentry); 1295 dput(dentry);
1295 goto out_unlock; 1296 goto out_unlock;
1296 } 1297 }
1298 context[len] = '\0';
1297 rc = inode->i_op->getxattr(dentry, 1299 rc = inode->i_op->getxattr(dentry,
1298 XATTR_NAME_SELINUX, 1300 XATTR_NAME_SELINUX,
1299 context, len); 1301 context, len);