
Commit 910949a6 authored by Venkat Yekkirala, committed by James Morris

SELinux: null-terminate context string in selinux_xfrm_sec_ctx_alloc



xfrm_audit_log() expects the context string to be null-terminated
which currently doesn't happen with user-supplied contexts.

Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
parent 0de085bb
+2 −1
@@ -216,7 +216,7 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp,
		return -ENOMEM;

	*ctxp = ctx = kmalloc(sizeof(*ctx) +
			      uctx->ctx_len,
			      uctx->ctx_len + 1,
			      GFP_KERNEL);

	if (!ctx)
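Review bot: the `+ 1` added to the `kmalloc` size has no comment saying what the extra byte is for, and the sum `sizeof(*ctx) + uctx->ctx_len + 1` is built from a length that comes with the user-supplied context. A one-line comment that the byte holds the terminator for `ctx_str` would keep this allocation and the later terminator write in step. It is also worth confirming that the check ending in `return -ENOMEM;` just above bounds `uctx->ctx_len`, since that check is not visible in this hunk.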
@@ -229,6 +229,7 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp,
	memcpy(ctx->ctx_str,
	       uctx+1,
	       ctx->ctx_len);
	ctx->ctx_str[ctx->ctx_len] = 0;
	rc = security_context_to_sid(ctx->ctx_str,
				     ctx->ctx_len,
				     &ctx->ctx_sid);
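Review bot: the terminator write `ctx->ctx_str[ctx->ctx_len] = 0;` is in bounds only if `ctx->ctx_len` equals the `uctx->ctx_len` used to size the allocation, and that assignment is outside the visible lines, so it should be confirmed. Writing `'\0'` instead of `0` would make the intent clearer. Because the `memcpy` copies `ctx->ctx_len` raw bytes, a NUL byte inside the supplied context would make a string consumer such as `xfrm_audit_log()` see fewer bytes than `security_context_to_sid()` is given through `ctx->ctx_len`; a comment or a check covering that mismatch would help.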