[apparmor] patch: override AF_MAX for kernels that don't support proper masking
Jamie Strandboge
jamie at canonical.com
Thu Mar 3 23:51:06 UTC 2011
On Thu, 2011-03-03 at 13:42 -0800, John Johansen wrote:
> +#define PROC_VERSION "/proc/sys/kernel/osrelease"
...
> + fd = open(PROC_VERSION, O_RDONLY);
> + if (!fd)
> + /* fall back to default provided during build */
> + return 0;
> + res = read(fd, &buffer, sizeof(buffer));
> + close(fd);
> + if (!res)
> + return 0;
I'm not sure if /proc/sys/kernel/osrelease can ever be longer than 32
characters (with the trailing '\0'), but if it is, we have an
unterminated string. For future-proofing, I'd prefer if this was changed
to:
...
res = read(fd, &buffer, sizeof(buffer));
close(fd);
if (!res)
return 0;
buffer[sizeof(buffer)-1] = '\0';
ACK with this change.
--
Jamie Strandboge | http://www.canonical.com
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: This is a digitally signed message part
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20110303/4c3b8d1a/attachment.pgp>
More information about the AppArmor
mailing list