From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: (majordomo@vger.kernel.org) by vger.kernel.org via listexpand id S1753511AbcFJWNw (ORCPT ); Fri, 10 Jun 2016 18:13:52 -0400 Received: from youngberry.canonical.com ([91.189.89.112]:36729 "EHLO youngberry.canonical.com" rhost-flags-OK-OK-OK-OK) by vger.kernel.org with ESMTP id S1753428AbcFJWNv (ORCPT ); Fri, 10 Jun 2016 18:13:51 -0400 Subject: Re: [PATCH 1/1] apparmor: do not expose kernel stack To: Heinrich Schuchardt , James Morris , "Serge E. Hallyn" References: <1465594466-16581-1-git-send-email-xypron.glpk@gmx.de> Cc: linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org From: John Johansen Organization: Canonical Message-ID: <575B3B98.5010606@canonical.com> Date: Fri, 10 Jun 2016 15:13:44 -0700 User-Agent: Mozilla/5.0 (X11; Linux x86_64; rv:38.0) Gecko/20100101 Thunderbird/38.8.0 MIME-Version: 1.0 In-Reply-To: <1465594466-16581-1-git-send-email-xypron.glpk@gmx.de> Content-Type: text/plain; charset=windows-1252 Content-Transfer-Encoding: 7bit Sender: linux-kernel-owner@vger.kernel.org List-ID: X-Mailing-List: linux-kernel@vger.kernel.org On 06/10/2016 02:34 PM, Heinrich Schuchardt wrote: > Do not copy uninitalized fields th.td_hilen, th.td_data. > > Signed-off-by: Heinrich Schuchardt Acked-by: John Johansen I have a queue of patches I need to push this weekend so I will suck this one in and send it up with the rest > --- > security/apparmor/match.c | 4 +++- > 1 file changed, 3 insertions(+), 1 deletion(-) > > diff --git a/security/apparmor/match.c b/security/apparmor/match.c > index 727eb42..1d6dbd8 100644 > --- a/security/apparmor/match.c > +++ b/security/apparmor/match.c > @@ -61,7 +61,9 @@ static struct table_header *unpack_table(char *blob, size_t bsize) > > table = kvzalloc(tsize); > if (table) { > - *table = th; > + table->td_id = th.td_id; > + table->td_flags = th.td_flags; > + table->td_lolen = th.td_lolen; > if (th.td_flags == YYTD_DATA8) > UNPACK_ARRAY(table->td_data, blob, th.td_lolen, > u8, byte_to_byte); >