ima: store address of template_fmt_copy in a pointer before calling strsep

This patch stores the address of the 'template_fmt_copy' variable in a new variable, called 'template_fmt_ptr', so that the latter is passed as an argument of strsep() instead of the former. This modification is needed in order to correctly free the memory area referenced by 'template_fmt_copy' (strsep() modifies the pointer of the passed string). Signed-off-by: Roberto Sassu <roberto.sassu@polito.it> Reported-by: Sebastian Ott <sebott@linux.vnet.ibm.com> Signed-off-by: Mimi Zohar <zohar@us.ibm.com> Signed-off-by: James Morris <james.l.morris@oracle.com>
author: Roberto Sassu <roberto.sassu@polito.it> 2013-11-27 08:40:41 -0500
committer: James Morris <james.l.morris@oracle.com> 2013-11-29 21:09:53 -0500
commit: af91706d5ddecb4a9858cca9e90d463037cfd498 (patch)
tree: 6deb94f92beb6a51eadad053ded7da136847062f /security
parent: dc1ccc48159d63eca5089e507c82c7d22ef60839 (diff)
1 files changed, 4 insertions, 2 deletions
diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c
index 913e1927f916..635695f6a185 100644
--- a/security/integrity/ima/ima_template.c
+++ b/security/integrity/ima/ima_template.c
@@ -110,7 +110,7 @@ static int template_desc_init_fields(const char *template_fmt,
                                     struct ima_template_field ***fields,
                                     int *num_fields)
 {
-        char *c, *template_fmt_copy;
+        char *c, *template_fmt_copy, *template_fmt_ptr;
        int template_num_fields = template_fmt_size(template_fmt);
        int i, result = 0;
@@ -127,7 +127,9 @@ static int template_desc_init_fields(const char *template_fmt,
                result = -ENOMEM;
                goto out;
        }
-        for (i = 0; (c = strsep(&template_fmt_copy, "|")) != NULL &&
+        template_fmt_ptr = template_fmt_copy;
+        for (i = 0; (c = strsep(&template_fmt_ptr, "|")) != NULL &&
             i < template_num_fields; i++) {
                struct ima_template_field *f = lookup_template_field(c);
author	Roberto Sassu <roberto.sassu@polito.it>	2013-11-27 08:40:41 -0500
committer	James Morris <james.l.morris@oracle.com>	2013-11-29 21:09:53 -0500
commit	af91706d5ddecb4a9858cca9e90d463037cfd498 (patch)
tree	6deb94f92beb6a51eadad053ded7da136847062f /security
parent	dc1ccc48159d63eca5089e507c82c7d22ef60839 (diff)

diff --git a/security/integrity/ima/ima_template.c b/security/integrity/ima/ima_template.c index 913e1927f916..635695f6a185 100644 --- a/security/integrity/ima/ima_template.c +++ b/security/integrity/ima/ima_template.c
@@ -110,7 +110,7 @@ static int template_desc_init_fields(const char *template_fmt,
110	struct ima_template_field ***fields,	110	struct ima_template_field ***fields,
111	int *num_fields)	111	int *num_fields)
112	{	112	{
113	char c, template_fmt_copy;	113	char c, template_fmt_copy, *template_fmt_ptr;
114	int template_num_fields = template_fmt_size(template_fmt);	114	int template_num_fields = template_fmt_size(template_fmt);
115	int i, result = 0;	115	int i, result = 0;
116		116
@@ -127,7 +127,9 @@ static int template_desc_init_fields(const char *template_fmt,
127	result = -ENOMEM;	127	result = -ENOMEM;
128	goto out;	128	goto out;
129	}	129	}
130	for (i = 0; (c = strsep(&template_fmt_copy, "\|")) != NULL &&	130
		131	template_fmt_ptr = template_fmt_copy;
		132	for (i = 0; (c = strsep(&template_fmt_ptr, "\|")) != NULL &&
131	i < template_num_fields; i++) {	133	i < template_num_fields; i++) {
132	struct ima_template_field *f = lookup_template_field(c);	134	struct ima_template_field *f = lookup_template_field(c);
133		135