[PATCH 5/5] UBUNTU: SAUCE: AppArmor: Fix oops there is no tracer anddoing unsafe transition.
John Johansen
john.johansen at canonical.com
Thu Nov 12 16:29:47 UTC 2009
Tetsuo Handa wrote:
> Hello.
>
> John Johansen wrote:
>> As reported by Tetsuo Handa on kernel-team mailing list:
> Oops. I used wrong sender address and therefore above report didn't reach to
> kernel-team mailing list.
>
>
>
> Just a comment for AppArmor for Karmic and earlier.
>
> --- security/apparmor/path.c ---
>> char *sysctl_pathname(struct ctl_table *table, char *buffer, int buflen)
>> {
>> if (buflen < 1)
>> return NULL;
>> buffer += --buflen;
>> *buffer = '\0';
>>
>> while (table) {
>> int namelen = strlen(table->procname);
>
> Eric W. Biederman is going to remove table->ctl_name field. Thus, future
> versions will be safe to use table->procname without checking for NULL.
>
> But, for past versions, some out-of-tree kernel module might create a table
> with table->procname == NULL. Maybe AppArmor for Karmic and earlier should
> prepare for NULL because parse_table()'s loop condition allows NULL procname.
>
Thanks for pointing this out Tetsuo
More information about the kernel-team
mailing list