[apparmor] [PATCH 5/6] Fix error case of aa_getprocattr to set buffers to NULL
Steve Beattie
steve at nxnw.org
Wed Mar 21 20:50:17 UTC 2012
On Wed, Mar 21, 2012 at 06:02:24AM -0700, John Johansen wrote:
> While aa_getprocattr does return the documented error code on failure
> the **buf and **mode parameters can point into the buffer that was
> allocated and then discarded on failure.
>
> Set them to null on failure so that even if the error code is ignored
> they do not point to heap data.
>
> Signed-off-by: John Johansen <john.johansen at canonical.com>
Acked-By: Steve Beattie <sbeattie at ubuntu.com>
> ---
> libraries/libapparmor/src/kernel_interface.c | 3 +++
> 1 files changed, 3 insertions(+), 0 deletions(-)
>
> diff --git a/libraries/libapparmor/src/kernel_interface.c b/libraries/libapparmor/src/kernel_interface.c
> index 33fdda9..7d6edc4 100644
> --- a/libraries/libapparmor/src/kernel_interface.c
> +++ b/libraries/libapparmor/src/kernel_interface.c
> @@ -278,6 +278,8 @@ int aa_getprocattr(pid_t tid, const char *attr, char **buf, char **mode)
>
> if (rc == -1) {
> free(buffer);
> + *buf = NULL;
> + *mode = NULL;
> size = -1;
> } else
> *buf = buffer;
> @@ -617,6 +619,7 @@ int aa_getpeercon(int fd, char **con)
>
> if (rc == -1) {
> free(buffer);
> + *con = NULL;
> size = -1;
> } else
> *con = buffer;
> --
> 1.7.9.1
>
>
> --
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
--
Steve Beattie
<sbeattie at ubuntu.com>
http://NxNW.org/~steve/
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20120321/fcba1fdd/attachment.pgp>
More information about the AppArmor
mailing list