github-mirror/linux
1
0
Fork 0
mirror of https://github.com/torvalds/linux.git synced 2026-06-09 07:03:37 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity Graph
43d31fd9a8
linux/security/apparmor
History
Jann Horn 31c9958068 apparmor: enforce nullbyte at end of tag string 
commit 8404d7a674 upstream.

A packed AppArmor policy contains null-terminated tag strings that are read
by unpack_nameX(). However, unpack_nameX() uses string functions on them
without ensuring that they are actually null-terminated, potentially
leading to out-of-bounds accesses.

Make sure that the tag string is null-terminated before passing it to
strcmp().

Cc: stable@vger.kernel.org
Fixes: 736ec752d9 ("AppArmor: policy routines for loading and unpacking policy")
Signed-off-by: Jann Horn <jannh@google.com>
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2019-06-25 11:35:54 +08:00
..
include apparmor: fix PROFILE_MEDIATES for untrusted input 2019-06-25 11:35:54 +08:00
.gitignore
apparmorfs.c apparmorfs: fix use-after-free on symlink traversal 2019-05-25 18:23:42 +02:00
audit.c
capability.c
crypto.c
domain.c
file.c
ipc.c
Kconfig
label.c
lib.c
lsm.c
Makefile
match.c
mount.c
net.c
nulldfa.in
path.c
policy_ns.c
policy_unpack.c apparmor: enforce nullbyte at end of tag string 2019-06-25 11:35:54 +08:00
policy.c
procattr.c
resource.c
secid.c
stacksplitdfa.in
task.c