Commit 6d2fb472 authored by Mickaël Salaün's avatar Mickaël Salaün Committed by Paul Moore

apparmor: fix lsm_get_self_attr()

In apparmor_getselfattr() when an invalid AppArmor attribute is
requested, or a value hasn't been explicitly set for the requested
attribute, the label passed to aa_put_label() is not properly
initialized which can cause problems when the pointer value is non-NULL
and AppArmor attempts to drop a reference on the bogus label object.

Cc: Casey Schaufler <casey@schaufler-ca.com>
Cc: John Johansen <john.johansen@canonical.com>
Fixes: 223981db ("AppArmor: Add selfattr hooks")
Signed-off-by: default avatarMickaël Salaün <mic@digikod.net>
Reviewed-by: default avatarPaul Moore <paul@paul-moore.com>
[PM: description changes as discussed with MS]
Signed-off-by: default avatarPaul Moore <paul@paul-moore.com>
parent 86dc9693
...@@ -782,7 +782,7 @@ static int apparmor_getselfattr(unsigned int attr, struct lsm_ctx __user *lx, ...@@ -782,7 +782,7 @@ static int apparmor_getselfattr(unsigned int attr, struct lsm_ctx __user *lx,
int error = -ENOENT; int error = -ENOENT;
struct aa_task_ctx *ctx = task_ctx(current); struct aa_task_ctx *ctx = task_ctx(current);
struct aa_label *label = NULL; struct aa_label *label = NULL;
char *value; char *value = NULL;
switch (attr) { switch (attr) {
case LSM_ATTR_CURRENT: case LSM_ATTR_CURRENT:
......
Markdown is supported
0%
or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment