aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2011-05-11 17:40:51 -0400
committerJames Morris <jmorris@namei.org>2011-05-11 21:07:21 -0400
commite77dc3460fa59be5759e9327ad882868eee9d61b (patch)
treedc342433cce9dbdaa3ad36f250d21d575d1c8775
parent3a852d3bd53e718206a18b015909c4b575952692 (diff)
TOMOYO: Fix wrong domainname validation.
In tomoyo_correct_domain() since 2.6.36, TOMOYO was by error validating "<kernel>" + "/foo/\" + "/bar" when "<kernel> /foo/\* /bar" was given. As a result, legal domainnames like "<kernel> /foo/\* /bar" are rejected. Reported-by: Hayama Yossihiro <yossi@yedo.src.co.jp> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r--security/tomoyo/util.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c
index 9bfc1ee8222d..6d5393204d95 100644
--- a/security/tomoyo/util.c
+++ b/security/tomoyo/util.c
@@ -390,7 +390,7 @@ bool tomoyo_correct_domain(const unsigned char *domainname)
390 if (!cp) 390 if (!cp)
391 break; 391 break;
392 if (*domainname != '/' || 392 if (*domainname != '/' ||
393 !tomoyo_correct_word2(domainname, cp - domainname - 1)) 393 !tomoyo_correct_word2(domainname, cp - domainname))
394 goto out; 394 goto out;
395 domainname = cp + 1; 395 domainname = cp + 1;
396 } 396 }