FAQ Search Today's Posts Mark Forums Read
» Video Reviews

» Linux Archive

Linux-archive is a website aiming to archive linux email lists and to make them easily accessible for linux users/developers.


» Sponsor

» Partners

» Sponsor

Go Back   Linux Archive > Ubuntu > Ubuntu Kernel Team

 
 
LinkBack Thread Tools
 
Old 09-17-2010, 04:02 PM
John Johansen
 
Default Revert "UBUNTU: SAUCE: AppArmor: allow newer tools to load policy on older kernels"

This reverts commit 1cfe0dc4352e879fef46f597560b851cd4260beb.

Revert because the patch was missing uncommitted changes, so in its
commited form it allows for kernel buffer overflows.

Signed-off-by: John Johansen <john.johansen@canonical.com>
---
security/apparmor/policy_unpack.c | 3 +++
1 files changed, 3 insertions(+), 0 deletions(-)

diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
index ef11ba9..6b0637b 100644
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -575,6 +575,9 @@ static struct aa_profile *unpack_profile(struct aa_ext *e)

size = unpack_array(e, "net_allowed_af");
if (size) {
+ if (size > AF_MAX)
+ goto fail;
+
for (i = 0; i < size; i++) {
if (!unpack_u16(e, &profile->net.allow[i], NULL))
goto fail;
--
1.7.1


--
kernel-team mailing list
kernel-team@lists.ubuntu.com
https://lists.ubuntu.com/mailman/listinfo/kernel-team
 

Thread Tools




All times are GMT. The time now is 11:33 PM.

VBulletin, Copyright ©2000 - 2014, Jelsoft Enterprises Ltd.
Content Relevant URLs by vBSEO ©2007, Crawlability, Inc.
Copyright 2007 - 2008, www.linux-archive.org