summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorLinus Torvalds <torvalds@linux-foundation.org>2012-07-30 11:21:12 -0700
committerLinus Torvalds <torvalds@linux-foundation.org>2012-07-30 11:21:12 -0700
commit172f993a2941ec60685c7e33af8be701759de1ab (patch)
tree2ee072d56de4a1bfe4ee6873941870837162ffba
parent7272c30b6fbc051bf8a3f3c973e64f230c91c8b3 (diff)
parente3fea3f70fd68af0574a5f24246cdb4ed07f2b74 (diff)
Merge branch 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security
Pull security subsystem bugfixes from James Morris. * 'for-linus' of git://git.kernel.org/pub/scm/linux/kernel/git/jmorris/linux-security: selinux: fix selinux_inode_setxattr oops KEYS: linux/key-type.h needs linux/errno.h smack: off by one error
-rw-r--r--include/linux/key-type.h1
-rw-r--r--security/selinux/hooks.c15
-rw-r--r--security/smack/smackfs.c8
3 files changed, 15 insertions, 9 deletions
diff --git a/include/linux/key-type.h b/include/linux/key-type.h
index 39e3c082c49d..f0c651cda7b0 100644
--- a/include/linux/key-type.h
+++ b/include/linux/key-type.h
@@ -13,6 +13,7 @@
#define _LINUX_KEY_TYPE_H
#include <linux/key.h>
+#include <linux/errno.h>
#ifdef CONFIG_KEYS
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 94c45a1531a4..79690f401a58 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c
@@ -2791,11 +2791,16 @@ static int selinux_inode_setxattr(struct dentry *dentry, const char *name,
/* We strip a nul only if it is at the end, otherwise the
* context contains a nul and we should audit that */
- str = value;
- if (str[size - 1] == '\0')
- audit_size = size - 1;
- else
- audit_size = size;
+ if (value) {
+ str = value;
+ if (str[size - 1] == '\0')
+ audit_size = size - 1;
+ else
+ audit_size = size;
+ } else {
+ str = "";
+ audit_size = 0;
+ }
ab = audit_log_start(current->audit_context, GFP_ATOMIC, AUDIT_SELINUX_ERR);
audit_log_format(ab, "op=setxattr invalid_context=");
audit_log_n_untrustedstring(ab, value, audit_size);
diff --git a/security/smack/smackfs.c b/security/smack/smackfs.c
index d31e6d957c21..b1b768e4049a 100644
--- a/security/smack/smackfs.c
+++ b/security/smack/smackfs.c
@@ -323,11 +323,11 @@ static int smk_parse_long_rule(const char *data, struct smack_rule *rule,
int datalen;
int rc = -1;
- /*
- * This is probably inefficient, but safe.
- */
+ /* This is inefficient */
datalen = strlen(data);
- subject = kzalloc(datalen, GFP_KERNEL);
+
+ /* Our first element can be 64 + \0 with no spaces */
+ subject = kzalloc(datalen + 1, GFP_KERNEL);
if (subject == NULL)
return -1;
object = kzalloc(datalen, GFP_KERNEL);