mir/apparmor
2
0
Fork 0
mirror of https://gitlab.com/apparmor/apparmor synced 2025-08-30 13:58:22 +00:00
Code Issues Releases Wiki Activity

Fix incorrect strnlen length in aa_load.c load_policy_dir

Browse Source 
POSIX states that d_name has up to NAME_MAX (255) characters, and glibc
stores d_name as an array of size NAME_MAX+1 (256). Thus, supplying
PATH_MAX (4096) as the max length could trigger a buffer overrun. This
could be an even bigger issue on other libcs, as POSIX states that d_name
can be unsized.

Fortunately, this does not seem to cause actual issues, as the length is
only used to compare d_name to a short fixed string. However, it'd be better
to pass the actual correct max length to strnlen.

Signed-off-by: Ryan Lee <ryan.lee@canonical.com>
This commit is contained in:
Ryan Lee
2024-08-06 12:44:47 -07:00
parent ed3bc55d35
commit 322a98c8c9
1 changed files with 2 additions and 1 deletions
Download Patch File Download Diff File Expand all files Collapse all files

3
binutils/aa_load.c
View File

@@ -172,7 +172,8 @@ static int load_policy_dir(const char *dir_path)
while ((dir = readdir(d)) != NULL) { while ((dir = readdir(d)) != NULL) {
/* Only check regular files for now */ /* Only check regular files for now */
if (dir->d_type == DT_REG) { if (dir->d_type == DT_REG) {
len = strnlen(dir->d_name, PATH_MAX); /* As per POSIX dir->d_name has at most NAME_MAX characters */
len = strnlen(dir->d_name, NAME_MAX);
/* Ignores .features */ /* Ignores .features */
if (strncmp(dir->d_name, CACHE_FEATURES_FILE, len) == 0) { if (strncmp(dir->d_name, CACHE_FEATURES_FILE, len) == 0) {
continue; continue;