mirror of
https://gitlab.com/apparmor/apparmor
synced 2025-09-05 08:45:22 +00:00
40 lines
1.1 KiB
Diff
40 lines
1.1 KiB
Diff
Two bugs:
|
|
|
|
- task->comm should be accessed via get_task_comm().
|
|
- comm is user modifiable via prtcl(PR_SET_NAME), so users may inject
|
|
special characters. We need to quote.
|
|
|
|
What for does user-space use the task names in the log? I hope for
|
|
nothing...
|
|
|
|
---
|
|
security/apparmor/main.c | 9 ++++++++-
|
|
1 file changed, 8 insertions(+), 1 deletion(-)
|
|
|
|
--- a/security/apparmor/main.c
|
|
+++ b/security/apparmor/main.c
|
|
@@ -403,6 +403,7 @@ int aa_audit(struct aa_profile *profile,
|
|
opspec_error = -EACCES;
|
|
|
|
const gfp_t gfp_mask = sa->gfp_mask;
|
|
+ char comm_buffer[2 * sizeof(current->comm)], *comm;
|
|
|
|
/*
|
|
* sa->result: 1 success, 0 failure
|
|
@@ -534,8 +535,14 @@ int aa_audit(struct aa_profile *profile,
|
|
return error;
|
|
}
|
|
|
|
+ comm = comm_buffer + sizeof(comm_buffer) - sizeof(current->comm);
|
|
+ get_task_comm(comm, current);
|
|
+ comm = mangle(comm, comm_buffer);
|
|
+ if (!comm)
|
|
+ comm = "?";
|
|
+
|
|
audit_log_format(ab, "(%s(%d) profile %s active %s)",
|
|
- current->comm, current->pid,
|
|
+ comm, current->pid,
|
|
profile->parent->name, profile->name);
|
|
|
|
audit_log_end(ab);
|