[PATCH 2/3] UBUNTU: SAUCE: AppArmor: Return string len rather than the allocation size
john.johansen at canonical.com
john.johansen at canonical.com
Tue Mar 30 17:33:40 UTC 2010
From: John Johansen <john.johansen at canonical.com>
Buglink: http://launchpad.net/bugs/551844
AppArmor getprocattr was returning the wrong size for name for unconfined
tasks. It returned the size of memory allocated - 1 (\0 is omitted)
instead of the size of the string. In the case of unconfined tasks the mode
string is not output so the return size needs to be adjusted appropriately.
Signed-off-by: Kees Cook <kees.cook at canonical.com>
Signed-off-by: John Johansen <john.johansen at canonical.com>
---
security/apparmor/procattr.c | 10 +++++++---
1 files changed, 7 insertions(+), 3 deletions(-)
---
security/apparmor/procattr.c | 6 ++++--
1 files changed, 4 insertions(+), 2 deletions(-)
diff --git a/security/apparmor/procattr.c b/security/apparmor/procattr.c
index 4991f9d..c31f693 100644
--- a/security/apparmor/procattr.c
+++ b/security/apparmor/procattr.c
@@ -51,9 +51,11 @@ int aa_getprocattr(struct aa_profile *profile, char **string)
sprintf(s, "%s://", ns->base.name);
s += ns_len;
}
- if (profile->flags & PFLAG_UNCONFINED)
+ if (profile->flags & PFLAG_UNCONFINED) {
sprintf(s, "%s\n", profile->base.hname);
- else
+ /* mode string not being appended so reduce string size */
+ len -= mode_len;
+ } else
sprintf(s, "%s (%s)\n", profile->base.hname, mode_str);
*string = str;
--
1.6.3.3
More information about the kernel-team
mailing list