From: walter harms <wharms@bfs.de>
To: linux-security-module@vger.kernel.org
Subject: Re: [PATCH] apparmor: Fix error cod in __aa_fs_profile_mkdir()
Date: Tue, 23 May 2017 15:19:52 +0000 [thread overview]
Message-ID: <59245318.4000809@bfs.de> (raw)
In-Reply-To: <20170523143346.GB28152@elgon.mountain>
Am 23.05.2017 16:33, schrieb Dan Carpenter:
> We can either return PTR_ERR(NULL) or a PTR_ERR(a valid pointer) here.
> Returning NULL is probably not good, but since this happens at boot
> then we are probably already toasted if we were to hit this bug in real
> life. In other words, it seems like a very low severity bug to me.
>
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
>
> diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
> index 4f6ac9dbc65d..18f0d105084d 100644
> --- a/security/apparmor/apparmorfs.c
> +++ b/security/apparmor/apparmorfs.c
> @@ -728,8 +728,10 @@ int __aa_fs_profile_mkdir(struct aa_profile *profile, struct dentry *parent)
> id_len = snprintf(NULL, 0, ".%ld", profile->ns->uniq_id);
>
> profile->dirname = kmalloc(len + id_len + 1, GFP_KERNEL);
> - if (!profile->dirname)
> - goto fail;
> + if (!profile->dirname) {
> + error = -ENOMEM;
> + goto fail2;
> + }
>
> mangle_name(profile->base.name, profile->dirname);
> sprintf(profile->dirname + len, ".%ld", profile->ns->uniq_id++);
Can mangle_name made to return a propper string ?
IFF this can be reduced to
profile->dirname =kasprintf(GFP_KERNEL,"%s.%ld",mangle_name(),profile->ns->uniq_id);
if (!profile->dirname) ....
just a hint.
re,
wh
> --
> To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
> the body of a message to majordomo@vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
WARNING: multiple messages have this Message-ID (diff)
From: wharms@bfs.de (walter harms)
To: linux-security-module@vger.kernel.org
Subject: [PATCH] apparmor: Fix error cod in __aa_fs_profile_mkdir()
Date: Tue, 23 May 2017 17:19:52 +0200 [thread overview]
Message-ID: <59245318.4000809@bfs.de> (raw)
In-Reply-To: <20170523143346.GB28152@elgon.mountain>
Am 23.05.2017 16:33, schrieb Dan Carpenter:
> We can either return PTR_ERR(NULL) or a PTR_ERR(a valid pointer) here.
> Returning NULL is probably not good, but since this happens at boot
> then we are probably already toasted if we were to hit this bug in real
> life. In other words, it seems like a very low severity bug to me.
>
> Signed-off-by: Dan Carpenter <dan.carpenter@oracle.com>
>
> diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c
> index 4f6ac9dbc65d..18f0d105084d 100644
> --- a/security/apparmor/apparmorfs.c
> +++ b/security/apparmor/apparmorfs.c
> @@ -728,8 +728,10 @@ int __aa_fs_profile_mkdir(struct aa_profile *profile, struct dentry *parent)
> id_len = snprintf(NULL, 0, ".%ld", profile->ns->uniq_id);
>
> profile->dirname = kmalloc(len + id_len + 1, GFP_KERNEL);
> - if (!profile->dirname)
> - goto fail;
> + if (!profile->dirname) {
> + error = -ENOMEM;
> + goto fail2;
> + }
>
> mangle_name(profile->base.name, profile->dirname);
> sprintf(profile->dirname + len, ".%ld", profile->ns->uniq_id++);
Can mangle_name made to return a propper string ?
IFF this can be reduced to
profile->dirname =kasprintf(GFP_KERNEL,"%s.%ld",mangle_name(),profile->ns->uniq_id);
if (!profile->dirname) ....
just a hint.
re,
wh
> --
> To unsubscribe from this list: send the line "unsubscribe kernel-janitors" in
> the body of a message to majordomo at vger.kernel.org
> More majordomo info at http://vger.kernel.org/majordomo-info.html
>
--
To unsubscribe from this list: send the line "unsubscribe linux-security-module" in
the body of a message to majordomo at vger.kernel.org
More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2017-05-23 15:19 UTC|newest]
Thread overview: 8+ messages / expand[flat|nested] mbox.gz Atom feed top
2017-05-23 14:33 [PATCH] apparmor: Fix error cod in __aa_fs_profile_mkdir() Dan Carpenter
2017-05-23 14:33 ` Dan Carpenter
2017-05-23 15:19 ` walter harms [this message]
2017-05-23 15:19 ` walter harms
2017-05-23 18:51 ` John Johansen
2017-05-23 18:51 ` John Johansen
2017-05-23 18:38 ` John Johansen
2017-05-23 18:38 ` John Johansen
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=59245318.4000809@bfs.de \
--to=wharms@bfs.de \
--cc=linux-security-module@vger.kernel.org \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is an external index of several public inboxes,
see mirroring instructions on how to clone and mirror
all data and code used by this external index.