projects / GitHub / LineageOS / android_kernel_motorola_exynos9610.git / commitdiff
? search:
summary | shortlog | log | commit | commitdiff | tree
raw | patch | inline | side by side (parent: f7da2de)
apparmor: check that xindex is in trans_table bounds
authorJohn Johansen <john.johansen@canonical.com>
Thu, 17 Mar 2016 19:02:54 +0000 (12:02 -0700)
committerJohn Johansen <john.johansen@canonical.com>
Tue, 12 Jul 2016 15:43:10 +0000 (08:43 -0700)
Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Seth Arnold <seth.arnold@canonical.com>
security/apparmor/policy_unpack.c patch | blob | blame | history

diff --git a/security/apparmor/policy_unpack.c b/security/apparmor/policy_unpack.c
index a55fb2f170c9a3982244927595939edc67b10612..951ae46339793e9214966f2ef49a329cd9834f71 100644 (file)
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -676,7 +676,7 @@ static bool verify_xindex(int xindex, int table_size)
        int index, xtype;
        xtype = xindex & AA_X_TYPE_MASK;
        index = xindex & AA_X_INDEX_MASK;
-       if (xtype == AA_X_TABLE && index > table_size)
+       if (xtype == AA_X_TABLE && index >= table_size)
                return 0;
        return 1;
 }