Gitweb:     
http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=910949a66839ff5f59fede5b7cb68ecf1453e22c
Commit:     910949a66839ff5f59fede5b7cb68ecf1453e22c
Parent:     0de085bb474f64e4fdb2f1ff3268590792648c7b
Author:     Venkat Yekkirala <[EMAIL PROTECTED]>
AuthorDate: Tue Jul 24 09:53:23 2007 -0500
Committer:  James Morris <[EMAIL PROTECTED]>
CommitDate: Wed Jul 25 12:49:41 2007 -0400

    SELinux: null-terminate context string in selinux_xfrm_sec_ctx_alloc
    
    xfrm_audit_log() expects the context string to be null-terminated
    which currently doesn't happen with user-supplied contexts.
    
    Signed-off-by: Venkat Yekkirala <[EMAIL PROTECTED]>
    Acked-by:  Stephen Smalley <[EMAIL PROTECTED]>
    Signed-off-by: James Morris <[EMAIL PROTECTED]>
---
 security/selinux/xfrm.c |    3 ++-
 1 files changed, 2 insertions(+), 1 deletions(-)

diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c
index bd8d1ef..ba715f4 100644
--- a/security/selinux/xfrm.c
+++ b/security/selinux/xfrm.c
@@ -216,7 +216,7 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx 
**ctxp,
                return -ENOMEM;
 
        *ctxp = ctx = kmalloc(sizeof(*ctx) +
-                             uctx->ctx_len,
+                             uctx->ctx_len + 1,
                              GFP_KERNEL);
 
        if (!ctx)
@@ -229,6 +229,7 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx 
**ctxp,
        memcpy(ctx->ctx_str,
               uctx+1,
               ctx->ctx_len);
+       ctx->ctx_str[ctx->ctx_len] = 0;
        rc = security_context_to_sid(ctx->ctx_str,
                                     ctx->ctx_len,
                                     &ctx->ctx_sid);
-
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to [EMAIL PROTECTED]
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Reply via email to