diff options
| author | John Johansen <john.johansen@canonical.com> | 2013-02-27 06:45:05 -0500 |
|---|---|---|
| committer | John Johansen <john.johansen@canonical.com> | 2013-04-28 03:39:37 -0400 |
| commit | 2654bfbc2bd0e1e64f0b257c21da23f6cec32c6c (patch) | |
| tree | e82423fd02f8cb9911b7c39229bd98d754a063ea /security | |
| parent | 3eea57c26e49a5add4c053a031cc2a1977b7c48e (diff) | |
apparmor: fix fully qualified name parsing
currently apparmor name parsing is only correctly handling
:<NS>:<profile>
but
:<NS>://<profile>
is also a valid form and what is exported to userspace.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security')
| -rw-r--r-- | security/apparmor/lib.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/security/apparmor/lib.c b/security/apparmor/lib.c index d6e1f2148398..d40bc592180d 100644 --- a/security/apparmor/lib.c +++ b/security/apparmor/lib.c | |||
| @@ -45,8 +45,10 @@ char *aa_split_fqname(char *fqname, char **ns_name) | |||
| 45 | *ns_name = skip_spaces(&name[1]); | 45 | *ns_name = skip_spaces(&name[1]); |
| 46 | if (split) { | 46 | if (split) { |
| 47 | /* overwrite ':' with \0 */ | 47 | /* overwrite ':' with \0 */ |
| 48 | *split = 0; | 48 | *split++ = 0; |
| 49 | name = skip_spaces(split + 1); | 49 | if (strncmp(split, "//", 2) == 0) |
| 50 | split += 2; | ||
| 51 | name = skip_spaces(split); | ||
| 50 | } else | 52 | } else |
| 51 | /* a ns name without a following profile is allowed */ | 53 | /* a ns name without a following profile is allowed */ |
| 52 | name = NULL; | 54 | name = NULL; |