From: Casey Schaufler <casey@schaufler-ca.com>
To: James Morris <jmorris@namei.org>
Cc: wzt wzt <wzt.wzt@gmail.com>,
linux-kernel@vger.kernel.org,
linux-security-module@vger.kernel.org
Subject: Re: [PATCH] security/smack/smack.h: Fix smk_known length
Date: Mon, 08 Feb 2010 19:14:25 -0800 [thread overview]
Message-ID: <4B70D311.8090109@schaufler-ca.com> (raw)
In-Reply-To: <alpine.LRH.2.00.1002090827330.1779@tundra.namei.org>
James Morris wrote:
> (note: please copy security/ patches to the LSM list, cc'd, along with the
> Smack maintainer).
>
>
> On Mon, 8 Feb 2010, wzt wzt wrote:
>
>
>> in security/smack/smack.h:
>> struct smack_known {
>> struct list_head list;
>> char smk_known[SMK_LABELLEN];
>> but in security/smack/smack_access.c
>> void smack_from_cipso(u32 level, char *cp, char *result)
>> {
>> strncpy(result, final, SMK_MAXLEN);
>> }
>> miss '\0'.
>>
>> Signed-off-by: wzt <wzt.wzt@gmail.com>
>> Cc: Jmorris <jmorris@namei.org>
>>
>> diff --git a/security/smack/smack.h b/security/smack/smack.h
>> index c6e9aca..600474b 100644
>> --- a/security/smack/smack.h
>> +++ b/security/smack/smack.h
>> @@ -109,7 +109,7 @@ struct smk_netlbladdr {
>> */
>> struct smack_known {
>> struct list_head list;
>> - char smk_known[SMK_LABELLEN];
>> + char smk_known[SMK_LABELLEN + 1]; /*
>> smk_known + \0 */
>>
SMK_LABELLEN is already SMK_MAXLEN+1. That's why the strncpy() above
uses SMK_MAXLEN, so that maximum copied will be SMK_MAXLEN+1, including
the trailing '\0'. The only possible case it could miss would be a
label that is SMK_LABELLEN (24 bytes) long, and that would be an error
because Smack labels are limited to SMK_MAXLEN (23 bytes) plus the
trailing '\0'. The strncpy() could easily be strcpy(), as only labels
that have been imported or hand crafted in the code will be in "from".
>> u32 smk_secid;
>> struct smack_cipso *smk_cipso;
>> spinlock_t smk_cipsolock; /* for changing cipso map */
>>
>>
prev parent reply other threads:[~2010-02-09 3:14 UTC|newest]
Thread overview: 3+ messages / expand[flat|nested] mbox.gz Atom feed top
2010-02-08 11:41 [PATCH] security/smack/smack.h: Fix smk_known length wzt wzt
2010-02-08 21:28 ` James Morris
2010-02-09 3:14 ` Casey Schaufler [this message]
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=4B70D311.8090109@schaufler-ca.com \
--to=casey@schaufler-ca.com \
--cc=jmorris@namei.org \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-security-module@vger.kernel.org \
--cc=wzt.wzt@gmail.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.