From 910949a66839ff5f59fede5b7cb68ecf1453e22c Mon Sep 17 00:00:00 2001 From: Venkat Yekkirala Date: Tue, 24 Jul 2007 09:53:23 -0500 Subject: [PATCH] SELinux: null-terminate context string in selinux_xfrm_sec_ctx_alloc xfrm_audit_log() expects the context string to be null-terminated which currently doesn't happen with user-supplied contexts. Signed-off-by: Venkat Yekkirala Acked-by: Stephen Smalley Signed-off-by: James Morris --- security/selinux/xfrm.c | 3 ++- 1 file changed, 2 insertions(+), 1 deletion(-) diff --git a/security/selinux/xfrm.c b/security/selinux/xfrm.c index bd8d1ef40a9..ba715f40b65 100644 --- a/security/selinux/xfrm.c +++ b/security/selinux/xfrm.c @@ -216,7 +216,7 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp, return -ENOMEM; *ctxp = ctx = kmalloc(sizeof(*ctx) + - uctx->ctx_len, + uctx->ctx_len + 1, GFP_KERNEL); if (!ctx) @@ -229,6 +229,7 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp, memcpy(ctx->ctx_str, uctx+1, ctx->ctx_len); + ctx->ctx_str[ctx->ctx_len] = 0; rc = security_context_to_sid(ctx->ctx_str, ctx->ctx_len, &ctx->ctx_sid); -- 2.20.1