[apparmor] [PATCH 2/7] libapparmor: fix return value of aa_getpeercon_raw

Tyler Hicks tyhicks at canonical.com
Mon Jun 24 19:10:29 UTC 2013 

On 2013-06-24 11:52:05, Seth Arnold wrote:
> On Sun, Jun 23, 2013 at 04:23:14PM -0700, Tyler Hicks wrote:
> > From: John Johansen <john.johansen at canonical.com>
> > 
> > Return the total size of the security context on success
> > as documented.
> > 
> > Signed-off-by: John Johansen <john.johansen at canonical.com>
> 
> The implementation of this idea is fine. But the *size parameter is
> already being updated with the length, which seems sufficient to me.

As you'll see later in the man page patch, the return code and the
resulting value of the *size parameter can be different. If the buffer
passed into aa_getpeercon_raw() is too short for getsockopt() to store
the requested option, then aa_getpeercon_raw() would return -1, errno
will be ERANGE, and *size would be set to the buffer size needed for
getsockopt() to be successful.

(this behavior isn't documented in the getsockopt() man page)

Tyler

> 
> Thanks
> 
> > ---
> >  libraries/libapparmor/src/kernel_interface.c | 2 ++
> >  1 file changed, 2 insertions(+)
> > 
> > diff --git a/libraries/libapparmor/src/kernel_interface.c b/libraries/libapparmor/src/kernel_interface.c
> > index 1c3b4df..ee7908a 100644
> > --- a/libraries/libapparmor/src/kernel_interface.c
> > +++ b/libraries/libapparmor/src/kernel_interface.c
> > @@ -583,6 +583,8 @@ int aa_getpeercon_raw(int fd, char *buffer, int *size)
> >  			optlen++;
> >  		}
> >  	}
> > +
> > +	rc = optlen;
> >  out:
> >  	*size = optlen;
> >  	return rc;
> > -- 
> > 1.8.1.2
> > 
> > 
> > -- 
> > AppArmor mailing list
> > AppArmor at lists.ubuntu.com
> > Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor
> > 



> -- 
> AppArmor mailing list
> AppArmor at lists.ubuntu.com
> Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20130624/3f4fd6b6/attachment.pgp>

More information about the AppArmor mailing list