author | Eric Paris <eparis@redhat.com> | 2009-02-12 14:50:05 -0500 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2009-02-13 17:22:30 -0500 |
commit | 4cb912f1d1447077160ace9ce3b3a10696dd74e5 (patch) | |
tree | 916f112de07ca626b0f398a0fc85943f15306146 | |
parent | 4ba0a8ad63e12a03ae01c039482967cc496b9174 (diff) |
SELinux: NULL terminate al contexts from disk
When a context is pulled in from disk we don't know that it is null
terminated. This patch forcibly null terminates contexts when we pull
them from disk.
Signed-off-by: Eric Paris <eparis@redhat.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | security/selinux/hooks.c | 6 |
1 files changed, 4 insertions, 2 deletions
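--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -1270,12 +1270,13 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
 }
 
 len = INITCONTEXTLEN;
-context = kmalloc(len, GFP_NOFS);
+context = kmalloc(len+1, GFP_NOFS);
 if (!context) {
 rc = -ENOMEM;
 dput(dentry);
 goto out_unlock;
 }
+context[len] = '\0';
 rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX,
 context, len);
 if (rc == -ERANGE) {
@@ -1288,12 +1289,13 @@ static int inode_doinit_with_dentry(struct inode *inode, struct dentry *opt_dent
 }
 kfree(context);
 len = rc;
-context = kmalloc(len, GFP_NOFS);
+context = kmalloc(len+1, GFP_NOFS);
 if (!context) {
 rc = -ENOMEM;
 dput(dentry);
 goto out_unlock;
 }
+context[len] = '\0';
 rc = inode->i_op->getxattr(dentry,
 XATTR_NAME_SELINUX,
 context, len);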
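Review bot: The terminator is written at `context[len]`, the end of the allocation, before the read, so when `getxattr` returns fewer than `len` bytes everything between the returned length and `len` is still uninitialised `kmalloc` memory. This holds at both sites, the `INITCONTEXTLEN` buffer (new line 1273) and the resized buffer (new line 1292), and is the common case for the first one, where the label is usually much shorter than the buffer. If a later consumer treats `context` as a C string (for instance a `%s` in a warning; that code is outside these hunks), an on-disk label that lacks its own NUL would be followed by stale heap bytes. Allocating with `context = kzalloc(len+1, GFP_NOFS);`, or setting `context[rc] = '\0';` once the read has succeeded, bounds the string at the data actually read. The body of `inode_doinit_with_dentry` starts and ends outside both hunks, so the `rc` checks between them are assumed rather than visible.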