mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-09-04 08:15:21 +00:00
Code Issues Releases Wiki Activity

fix broken checking of the name tag in the interface code

Browse Source
This commit is contained in:
John Johansen
2006-10-10 19:03:05 +00:00
parent 6a3311a818
commit 201887e519
2 changed files with 17 additions and 15 deletions
Download Patch File Download Diff File Expand all files Collapse all files

16
module-nextgen/apparmor/match/match_pcre.c
View File

@@ -87,8 +87,8 @@ int aamatch_serialize(void *entry_extradata, struct aa_ext *e,
uschar must be the same in user and kernel space */ uschar must be the same in user and kernel space */
/* check that we are processing the correct structure */ /* check that we are processing the correct structure */
AA_READ_X(e, AA_STRUCT, NULL, "pcre"); AA_READ_X(e, AA_STRUCT, NULL, "pcre");
AA_READ_X(e, AA_U32, &size, "pattern.size"); AA_READ_X(e, AA_U32, &size, NULL);
AA_READ_X(e, AA_U32, &magic, "pattern.magic"); AA_READ_X(e, AA_U32, &magic, NULL);
/* the allocation of pcre is delayed because it depends on the size /* the allocation of pcre is delayed because it depends on the size
* of the pattern */ * of the pattern */
@@ -102,15 +102,15 @@ int aamatch_serialize(void *entry_extradata, struct aa_ext *e,
ed->compiled->magic_number = magic; ed->compiled->magic_number = magic;
ed->compiled->size = size + sizeof(pcre); ed->compiled->size = size + sizeof(pcre);
AA_READ_X(e, AA_U32, &opts, "pattern.options"); AA_READ_X(e, AA_U32, &opts, NULL);
ed->compiled->options = opts; ed->compiled->options = opts;
AA_READ_X(e, AA_U16, &ed->compiled->top_bracket, "pattern.top_bracket"); AA_READ_X(e, AA_U16, &ed->compiled->top_bracket, NULL);
AA_READ_X(e, AA_U16, &ed->compiled->top_backref, "pattern.top_backref"); AA_READ_X(e, AA_U16, &ed->compiled->top_backref, NULL);
AA_READ_X(e, AA_U8, &t_char, "pattern.first_char"); AA_READ_X(e, AA_U8, &t_char, NULL);
ed->compiled->first_char = t_char; ed->compiled->first_char = t_char;
AA_READ_X(e, AA_U8, &t_char, "pattern.req_char"); AA_READ_X(e, AA_U8, &t_char, NULL);
ed->compiled->req_char = t_char; ed->compiled->req_char = t_char;
AA_READ_X(e, AA_U8, &t_char, "pattern.code[0]"); AA_READ_X(e, AA_U8, &t_char, NULL);
ed->compiled->code[0] = t_char; ed->compiled->code[0] = t_char;
AA_READ_X(e, AA_STATIC_BLOB, &ed->compiled->code[1], NULL); AA_READ_X(e, AA_STATIC_BLOB, &ed->compiled->code[1], NULL);

16
module-nextgen/apparmor/module_interface.c
View File

@@ -322,7 +322,10 @@ static int aa_is_nameX(struct aa_ext *e, enum aa_code code, void *data,
strncmp(name, (char *)e->pos, (size_t)size-1))) strncmp(name, (char *)e->pos, (size_t)size-1)))
goto fail; goto fail;
e->pos += size; e->pos += size;
} else if (name) {
goto fail;
} }
/* now check if data actually matches */ /* now check if data actually matches */
ret = aa_is_X(e, code, data); ret = aa_is_X(e, code, data);
if (!ret) if (!ret)
@@ -387,8 +390,8 @@ static inline struct aa_entry *aa_activate_file_entry(struct aa_ext *e)
AA_READ_X(e, AA_STRUCT, NULL, "fe"); AA_READ_X(e, AA_STRUCT, NULL, "fe");
AA_READ_X(e, AA_DYN_STRING, &entry->filename, NULL); AA_READ_X(e, AA_DYN_STRING, &entry->filename, NULL);
AA_READ_X(e, AA_U32, &entry->mode, "file.mode"); AA_READ_X(e, AA_U32, &entry->mode, NULL);
AA_READ_X(e, AA_U32, &entry->type, "file.pattern_type"); AA_READ_X(e, AA_U32, &entry->type, NULL);
entry->extradata = aamatch_alloc(entry->type); entry->extradata = aamatch_alloc(entry->type);
if (IS_ERR(entry->extradata)) { if (IS_ERR(entry->extradata)) {
@@ -539,14 +542,13 @@ static struct aaprofile *aa_activate_profile(struct aa_ext *e, ssize_t *error)
error_string = "Invalid flags"; error_string = "Invalid flags";
/* per profile debug flags (debug, complain, audit) */ /* per profile debug flags (debug, complain, audit) */
AA_READ_X(e, AA_STRUCT, NULL, "flags"); AA_READ_X(e, AA_STRUCT, NULL, "flags");
AA_READ_X(e, AA_U32, &(profile->flags.debug), "profile.flags.debug"); AA_READ_X(e, AA_U32, &(profile->flags.debug), NULL);
AA_READ_X(e, AA_U32, &(profile->flags.complain), AA_READ_X(e, AA_U32, &(profile->flags.complain), NULL);
"profile.flags.complain"); AA_READ_X(e, AA_U32, &(profile->flags.audit), NULL);
AA_READ_X(e, AA_U32, &(profile->flags.audit), "profile.flags.audit");
AA_READ_X(e, AA_STRUCTEND, NULL, NULL); AA_READ_X(e, AA_STRUCTEND, NULL, NULL);
error_string = "Invalid capabilities"; error_string = "Invalid capabilities";
AA_READ_X(e, AA_U32, &(profile->capabilities), "profile.capabilities"); AA_READ_X(e, AA_U32, &(profile->capabilities), NULL);
/* get the file entries. */ /* get the file entries. */
AA_ENTRY_LIST("pgent"); /* pcre rules */ AA_ENTRY_LIST("pgent"); /* pcre rules */