diff options
| author | Linus Torvalds <torvalds@linux-foundation.org> | 2012-07-30 11:21:12 -0700 |
|---|---|---|
| committer | Linus Torvalds <torvalds@linux-foundation.org> | 2012-07-30 11:21:12 -0700 |
| commit | 172f993a2941ec60685c7e33af8be701759de1ab (patch) | |
| tree | 2ee072d56de4a1bfe4ee6873941870837162ffba | |
| parent | 7272c30b6fbc051bf8a3f3c973e64f230c91c8b3 (diff) | |
| parent | e3fea3f70fd68af0574a5f24246cdb4ed07f2b74 (diff) | |
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem bugfixes from James Morris.
* 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security:
selinux: fix selinux_inode_setxattr oops
KEYS: linux/key-type.h needs linux/errno.h
smack: off by one error
| -rw-r--r-- | include/linux/key-type.h | 1 | ||||
| -rw-r--r-- | security/selinux/hooks.c | 15 | ||||
| -rw-r--r-- | security/smack/smackfs.c | 8 |
3 files changed, 15 insertions, 9 deletions
diff --git a/include/linux/key-type.h b/include/linux/key-type.h index 39e3c082c49..f0c651cda7b 100644 --- a/include/linux/key-type.h +++ b/include/linux/key-type.h @@ -13,6 +13,7 @@ #define _LINUX_KEY_TYPE_H #include <linux/key.h> +#include <linux/errno.h> #ifdef CONFIG_KEYS diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c index 94c45a1531a..79690f401a5 100644 --- a/security/selinux/hooks.c +++ b/security/selinux/hooks.c @@ -2791,11 +2791,16 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name, /* We strip a nul only if it is at the end, otherwise the * context contains a nul and we should audit that */ - str = value; - if (str[size - 1] == '\0') - audit_size = size - 1; - else - audit_size = size; + if (value) { + str = value; + if (str[size - 1] == '\0') + audit_size = size - 1; + else + audit_size = size; + } else { + str = ""; + audit_size = 0; + } ab = audit_log_start(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR); audit_log_format(ab, "op=setxattr invalid_context="); audit_log_n_untrustedstring(ab, value, audit_size); diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c index d31e6d957c2..b1b768e4049 100644 --- a/security/smack/smackfs.c +++ b/security/smack/smackfs.c @@ -323,11 +323,11 @@ static int smk_parse_long_rule(const char *data, struct smack_rule *rule, int datalen; int rc = -1; - /* - * This is probably inefficient, but safe. - */ + /* This is inefficient */ datalen = strlen(data); - subject = kzalloc(datalen, GFP_KERNEL); + + /* Our first element can be 64 + \0 with no spaces */ + subject = kzalloc(datalen + 1, GFP_KERNEL); if (subject == NULL) return -1; object = kzalloc(datalen, GFP_KERNEL); |