[apparmor] [PATCH 1/3] apparmor: Add support for attaching profiles via xattr, presence and value

Seth Arnold seth.arnold at canonical.com
Thu Feb 8 22:07:25 UTC 2018 

Hello,

On Thu, Feb 08, 2018 at 12:37:19PM -0800, John Johansen wrote:
> +static bool unpack_xattrs(struct aa_ext *e, struct aa_profile *profile)
> +{
> +	void *pos = e->pos;
> +
> +	if (unpack_nameX(e, AA_STRUCT, "xattrs")) {
> +		int i, size;
> +
> +		size = unpack_array(e, NULL);
> +		profile->xattr_count = size;
> +		profile->xattrs = kmalloc_array(size, sizeof(char *),
> +						GFP_KERNEL);
> +		if (!profile->xattrs)
> +			goto fail;
> +		for (i = 0; i < size; i++) {
> +			if (!unpack_strdup(e, &profile->xattrs[i], NULL))
> +				goto fail;

If this step fails before completion, the xattrs array may have some
entries that weren't properly initialized; I suspect the free operation
will cause serious trouble in this case.

> +		}
> +		if (!unpack_nameX(e, AA_ARRAYEND, NULL))
> +			goto fail;
> +		if (!unpack_nameX(e, AA_STRUCTEND, NULL))
> +			goto fail;
> +	}
> +
> +	if (unpack_nameX(e, AA_STRUCT, "xattr_values")) {
> +		int i, size;
> +
> +		size = unpack_array(e, NULL);
> +
> +		/* Must be the same number of xattr values as xattrs */
> +		if (size != profile->xattr_count)
> +			goto fail;
> +
> +		profile->xattr_lens = kmalloc_array(size, sizeof(size_t),
> +						    GFP_KERNEL);
> +		if (!profile->xattr_lens)
> +			goto fail;
> +
> +		profile->xattr_values = kmalloc_array(size, sizeof(char *),
> +						      GFP_KERNEL);

Same thing here with the xattr_lens and xattr_values arrays.

> +		if (!profile->xattr_values)
> +			goto fail;
> +
> +		for (i = 0; i < size; i++) {
> +			profile->xattr_lens[i] = unpack_blob(e,
> +					      &profile->xattr_values[i], NULL);
> +			profile->xattr_values[i] =
> +				kvmemdup(profile->xattr_values[i],
> +					 profile->xattr_lens[i]);
> +		}
> +
> +		if (!unpack_nameX(e, AA_ARRAYEND, NULL))
> +			goto fail;
> +		if (!unpack_nameX(e, AA_STRUCTEND, NULL))
> +			goto fail;
> +	}
> +	return 1;
> +
> +fail:
> +	e->pos = pos;
> +	return 0;
> +}

Thanks
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: not available
URL: <https://lists.ubuntu.com/archives/apparmor/attachments/20180208/12e0193d/attachment-0001.sig>

More information about the AppArmor mailing list