POSIX states that d_name has up to NAME_MAX (255) characters, and glibc
stores d_name as an array of size NAME_MAX+1 (256). Thus, supplying
PATH_MAX (4096) as the max length could trigger a buffer overrun. This
could be an even bigger issue on other libcs, as POSIX states that d_name
can be unsized.
Fortunately, this does not seem to cause actual issues, as the length is
only used to compare d_name to a short fixed string. However, it'd be better
to pass the actual correct max length to strnlen.
MR: https://gitlab.com/apparmor/apparmor/-/merge_requests/1290
Approved-by: Georgia Garcia <georgia.garcia@canonical.com>
Merged-by: Georgia Garcia <georgia.garcia@canonical.com>
(cherry picked from commit d1da63dc5a68c6fa3343f66815770f00912e5383)
322a98c8 Fix incorrect strnlen length in aa_load.c load_policy_dir
Co-authored-by: Georgia Garcia <georgia.garcia@canonical.com>
Dir "d" is not closed when asprintf fails.
Found by coverity: CID 321416: Resource leaks (RESOURCE_LEAK)
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
aa-load is a tool that loads cached (compiled) policies into
the kernel. It can receive as argument a file, a cache directory
containing the hash subtree, and a directory containing cached
files directly underneath - no hash.
This tool can be used in the as a guide for other init
systems to load the cached policies directly.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Signed-off-by: Georgia Garcia <georgia.garcia@canonical.com>
