diff options
author | John Johansen <john.johansen@canonical.com> | 2012-02-16 10:06:41 -0500 |
---|---|---|
committer | John Johansen <john.johansen@canonical.com> | 2012-02-27 14:38:20 -0500 |
commit | cdbd2884df8ad026143bb482a96d38e616947b17 (patch) | |
tree | 5a6490419450ee4fe7ae08c1fb57526f8e7c3cc3 /security/apparmor | |
parent | d384b0a1a35f87f0ad70c29518f98f922b1c15cb (diff) |
AppArmor: Add mising end of structure test to caps unpacking
The unpacking of struct capsx is missing a check for the end of the
caps structure. This can lead to unpack failures depending on what else
is packed into the policy file being unpacked.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <kees@ubuntu.com>
Diffstat (limited to 'security/apparmor')
-rw-r--r-- | security/apparmor/policy_unpack.c | 2 |
1 files changed, 2 insertions, 0 deletions
diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c index 741dd13e089b..5c46acf5aa65 100644 --- a/security/apparmor/policy_unpack.c +++ b/security/apparmor/policy_unpack.c | |||
@@ -554,6 +554,8 @@ static struct aa_profile *unpack_profile(struct aa_ext *e) | |||
554 | goto fail; | 554 | goto fail; |
555 | if (!unpack_u32(e, &(profile->caps.extended.cap[1]), NULL)) | 555 | if (!unpack_u32(e, &(profile->caps.extended.cap[1]), NULL)) |
556 | goto fail; | 556 | goto fail; |
557 | if (!unpack_nameX(e, AA_STRUCTEND, NULL)) | ||
558 | goto fail; | ||
557 | } | 559 | } |
558 | 560 | ||
559 | if (!unpack_rlimits(e, profile)) | 561 | if (!unpack_rlimits(e, profile)) |