mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-31 14:25:52 +00:00
Code Issues Releases Wiki Activity

fix broken checking of the name tag in the interface code

Browse Source
This commit is contained in:
John Johansen
2006-10-10 19:03:05 +00:00
parent 6a3311a818
commit 201887e519
2 changed files with 17 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
module-nextgen/apparmor/match/match_pcre.c
View File

@@ -87,8 +87,8 @@ int aamatch_serialize(void *entry_extradata, struct aa_ext *e,
uschar must be the same in user and kernel space */
/* check that we are processing the correct structure */
AA_READ_X(e, AA_STRUCT, NULL, "pcre");
AA_READ_X(e, AA_U32, &size, "pattern.size");
AA_READ_X(e, AA_U32, &magic, "pattern.magic");
AA_READ_X(e, AA_U32, &size, NULL);
AA_READ_X(e, AA_U32, &magic, NULL);
/* the allocation of pcre is delayed because it depends on the size
* of the pattern */
@@ -102,15 +102,15 @@ int aamatch_serialize(void *entry_extradata, struct aa_ext *e,
ed->compiled->magic_number = magic;
ed->compiled->size = size + sizeof(pcre);
AA_READ_X(e, AA_U32, &opts, "pattern.options");
AA_READ_X(e, AA_U32, &opts, NULL);
ed->compiled->options = opts;
AA_READ_X(e, AA_U16, &ed->compiled->top_bracket, "pattern.top_bracket");
AA_READ_X(e, AA_U16, &ed->compiled->top_backref, "pattern.top_backref");
AA_READ_X(e, AA_U8, &t_char, "pattern.first_char");
AA_READ_X(e, AA_U16, &ed->compiled->top_bracket, NULL);
AA_READ_X(e, AA_U16, &ed->compiled->top_backref, NULL);
AA_READ_X(e, AA_U8, &t_char, NULL);
ed->compiled->first_char = t_char;
AA_READ_X(e, AA_U8, &t_char, "pattern.req_char");
AA_READ_X(e, AA_U8, &t_char, NULL);
ed->compiled->req_char = t_char;
AA_READ_X(e, AA_U8, &t_char, "pattern.code[0]");
AA_READ_X(e, AA_U8, &t_char, NULL);
ed->compiled->code[0] = t_char;
AA_READ_X(e, AA_STATIC_BLOB, &ed->compiled->code[1], NULL);

16
module-nextgen/apparmor/module_interface.c
View File

@@ -322,7 +322,10 @@ static int aa_is_nameX(struct aa_ext *e, enum aa_code code, void *data,
strncmp(name, (char *)e->pos, (size_t)size-1)))
goto fail;
e->pos += size;
} else if (name) {
goto fail;
}
/* now check if data actually matches */
ret = aa_is_X(e, code, data);
if (!ret)
@@ -387,8 +390,8 @@ static inline struct aa_entry *aa_activate_file_entry(struct aa_ext *e)
AA_READ_X(e, AA_STRUCT, NULL, "fe");
AA_READ_X(e, AA_DYN_STRING, &entry->filename, NULL);
AA_READ_X(e, AA_U32, &entry->mode, "file.mode");
AA_READ_X(e, AA_U32, &entry->type, "file.pattern_type");
AA_READ_X(e, AA_U32, &entry->mode, NULL);
AA_READ_X(e, AA_U32, &entry->type, NULL);
entry->extradata = aamatch_alloc(entry->type);
if (IS_ERR(entry->extradata)) {
@@ -539,14 +542,13 @@ static struct aaprofile *aa_activate_profile(struct aa_ext *e, ssize_t *error)
error_string = "Invalid flags";
/* per profile debug flags (debug, complain, audit) */
AA_READ_X(e, AA_STRUCT, NULL, "flags");
AA_READ_X(e, AA_U32, &(profile->flags.debug), "profile.flags.debug");
AA_READ_X(e, AA_U32, &(profile->flags.complain),
"profile.flags.complain");
AA_READ_X(e, AA_U32, &(profile->flags.audit), "profile.flags.audit");
AA_READ_X(e, AA_U32, &(profile->flags.debug), NULL);
AA_READ_X(e, AA_U32, &(profile->flags.complain), NULL);
AA_READ_X(e, AA_U32, &(profile->flags.audit), NULL);
AA_READ_X(e, AA_STRUCTEND, NULL, NULL);
error_string = "Invalid capabilities";
AA_READ_X(e, AA_U32, &(profile->capabilities), "profile.capabilities");
AA_READ_X(e, AA_U32, &(profile->capabilities), NULL);
/* get the file entries. */
AA_ENTRY_LIST("pgent"); /* pcre rules */