diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2011-05-11 17:40:51 -0400 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2011-05-11 21:07:21 -0400 |
commit | e77dc3460fa59be5759e9327ad882868eee9d61b (patch) | |
tree | dc342433cce9dbdaa3ad36f250d21d575d1c8775 /security/tomoyo | |
parent | 3a852d3bd53e718206a18b015909c4b575952692 (diff) |
TOMOYO: Fix wrong domainname validation.
In tomoyo_correct_domain() since 2.6.36, TOMOYO was by error validating
"<kernel>" + "/foo/\" + "/bar" when "<kernel> /foo/\* /bar" was given.
As a result, legal domainnames like "<kernel> /foo/\* /bar" are rejected.
Reported-by: Hayama Yossihiro <yossi@yedo.src.co.jp>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security/tomoyo')
-rw-r--r-- | security/tomoyo/util.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c index 9bfc1ee8222d..6d5393204d95 100644 --- a/security/tomoyo/util.c +++ b/security/tomoyo/util.c | |||
@@ -390,7 +390,7 @@ bool tomoyo_correct_domain(const unsigned char *domainname) | |||
390 | if (!cp) | 390 | if (!cp) |
391 | break; | 391 | break; |
392 | if (*domainname != '/' || | 392 | if (*domainname != '/' || |
393 | !tomoyo_correct_word2(domainname, cp - domainname - 1)) | 393 | !tomoyo_correct_word2(domainname, cp - domainname)) |
394 | goto out; | 394 | goto out; |
395 | domainname = cp + 1; | 395 | domainname = cp + 1; |
396 | } | 396 | } |