| Message ID | ac482709-66b6-eb40-18f7-ab6cbd603552@canonical.com |
|---|---|
| State | New |
| Headers | show |
On 02/15/2017 04:13 PM, John Johansen wrote: > The lperms struct is uninitialized for use with auditing if there is > an early failure due to a path name error. This can result in incorrect > logging or in the extreme case apparmor killing the task with a signal > which results in the failure in the referenced bug. > > BugLink: http://bugs.launchpad.net/bugs/1664912 > Signed-off-by: John Johansen <john.johansen@canonical.com> > --- > security/apparmor/file.c | 2 +- > 1 file changed, 1 insertion(+), 1 deletion(-) > > diff --git a/security/apparmor/file.c b/security/apparmor/file.c > index ae0b7c7..6a0411c 100644 > --- a/security/apparmor/file.c > +++ b/security/apparmor/file.c > @@ -374,7 +374,7 @@ static int profile_path_link(struct aa_profile *profile, > struct path_cond *cond) > { > const char *lname, *tname = NULL; > - struct aa_perms lperms, perms; > + struct aa_perms lperms = {}, perms; > const char *info = NULL; > u32 request = AA_MAY_LINK; > unsigned int state; >
Applied to xenial and yakkety master-next branches. Thanks. Cascardo.
diff --git a/security/apparmor/file.c b/security/apparmor/file.c index ae0b7c7..6a0411c 100644 --- a/security/apparmor/file.c +++ b/security/apparmor/file.c @@ -374,7 +374,7 @@ static int profile_path_link(struct aa_profile *profile, struct path_cond *cond) { const char *lname, *tname = NULL; - struct aa_perms lperms, perms; + struct aa_perms lperms = {}, perms; const char *info = NULL; u32 request = AA_MAY_LINK; unsigned int state;
The lperms struct is uninitialized for use with auditing if there is an early failure due to a path name error. This can result in incorrect logging or in the extreme case apparmor killing the task with a signal which results in the failure in the referenced bug. BugLink: http://bugs.launchpad.net/bugs/1664912 Signed-off-by: John Johansen <john.johansen@canonical.com> --- security/apparmor/file.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-)