selinux: ensure the context is NUL terminated in security_context_to_sid_core() - kernel/linux.git

diff options

author	Paul Moore <paul@paul-moore.com>	2017-11-29 02:51:12 +0300
committer	Greg Kroah-Hartman <gregkh@linuxfoundation.org>	2018-02-25 13:03:36 +0300
commit	d6233121d5ed6c7ff250b146666b73f29d5c0a1c (patch)
tree	026517128817a15bfaf43fb103cb847184db6f19 /security/apparmor
parent	4dbb8e38a1aad1b2ac4abb2a6486d7f2c91a2248 (diff)
download	linux-d6233121d5ed6c7ff250b146666b73f29d5c0a1c.tar.xz

selinux: ensure the context is NUL terminated in security_context_to_sid_core()

commit ef28df55ac27e1e5cd122e19fa311d886d47a756 upstream. The syzbot/syzkaller automated tests found a problem in security_context_to_sid_core() during early boot (before we load the SELinux policy) where we could potentially feed context strings without NUL terminators into the strcmp() function. We already guard against this during normal operation (after the SELinux policy has been loaded) by making a copy of the context strings and explicitly adding a NUL terminator to the end. The patch extends this protection to the early boot case (no loaded policy) by moving the context copy earlier in security_context_to_sid_core(). Reported-by: syzbot <syzkaller@googlegroups.com> Signed-off-by: Paul Moore <paul@paul-moore.com> Reviewed-By: William Roberts <william.c.roberts@intel.com> Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>

Diffstat (limited to 'security/apparmor')

0 files changed, 0 insertions, 0 deletions


context:
space:
mode: