[apparmor] [patch] libapparmor: fix aa_change_hat token format string

John Johansen john.johansen at canonical.com
Thu Jan 23 10:57:33 UTC 2014


On 01/23/2014 02:44 AM, Steve Beattie wrote:
> This patch fixes the format string for the magic token in aa_change_hat
> to match the type of the magic token (long). Without this, on 64
> bit platforms, only the bottom 32 bits of the token would be used.
> aa_change_hatv() has the correct format string, so an aa_change_hatv()
> call followed by an exiting aa_change_hat() call would result in
> the latter having a different token, which would cause the process
> to be killed by apparmor. An aa_change_hat() followed by another
> aa_change_hat() would be safe, as would platforms where int and long
> are the same size.
> 
> This patch is for trunk and 2.8.
> 
> (Hat tip to John Johansen for spotting the actual bug.)
> 
> Signed-off-by: Steve Beattie <steve at nxnw.org>
Acked-by: John Johansen <john.johansen at canonical.com>

> ---
>  libraries/libapparmor/src/kernel_interface.c |    2 +-
>  1 file changed, 1 insertion(+), 1 deletion(-)
> 
> Index: b/libraries/libapparmor/src/kernel_interface.c
> ===================================================================
> --- a/libraries/libapparmor/src/kernel_interface.c
> +++ b/libraries/libapparmor/src/kernel_interface.c
> @@ -355,7 +355,7 @@ int aa_change_hat(const char *subprofile
>  	int rc = -1;
>  	int len = 0;
>  	char *buf = NULL;
> -	const char *fmt = "changehat %016x^%s";
> +	const char *fmt = "changehat %016lx^%s";
>  
>  	/* both may not be null */
>  	if (!(token || subprofile)) {
> 
> 
> 




More information about the AppArmor mailing list