linux

History

Vegard Nossum 30a46a4647 apparmor: fix oops, validate buffer size in apparmor_setprocattr() When proc_pid_attr_write() was changed to use memdup_user apparmor's (interface violating) assumption that the setprocattr buffer was always a single page was violated. The size test is not strictly speaking needed as proc_pid_attr_write() will reject anything larger, but for the sake of robustness we can keep it in. SMACK and SELinux look safe to me, but somebody else should probably have a look just in case. Based on original patch from Vegard Nossum <vegard.nossum@oracle.com> modified for the case that apparmor provides null termination. Fixes: `bb646cdb12` Reported-by: Vegard Nossum <vegard.nossum@oracle.com> Cc: Al Viro <viro@zeniv.linux.org.uk> Cc: John Johansen <john.johansen@canonical.com> Cc: Paul Moore <paul@paul-moore.com> Cc: Stephen Smalley <sds@tycho.nsa.gov> Cc: Eric Paris <eparis@parisplace.org> Cc: Casey Schaufler <casey@schaufler-ca.com> Cc: stable@kernel.org Signed-off-by: John Johansen <john.johansen@canonical.com> Reviewed-by: Tyler Hicks <tyhicks@canonical.com> Signed-off-by: James Morris <james.l.morris@oracle.com>		2016-07-08 10:26:25 +10:00
..
include
.gitignore
apparmorfs.c
audit.c
capability.c
context.c
crypto.c
domain.c
file.c
ipc.c
Kconfig
lib.c
lsm.c	apparmor: fix oops, validate buffer size in apparmor_setprocattr()	2016-07-08 10:26:25 +10:00
Makefile
match.c
path.c
policy_unpack.c
policy.c
procattr.c
resource.c
sid.c

No results found.