[REGRESSION] Task based libapparmor getcon functions don't always NUL-terminate con strings properly
Bug #1220861 reported by
Tyler Hicks
This bug affects 1 person
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
AppArmor |
Fix Released
|
High
|
Tyler Hicks | ||
apparmor (Ubuntu) |
Fix Released
|
High
|
Tyler Hicks |
Bug Description
Starting with upstream revision 2125 and Ubuntu package 2.8.0-0ubuntu25,
the task based libapparmor getcon functions changed behavior on how they
handled NULL mode strings.
Old behavior:
$ gcc -Wall -pedantic -o getcon getcon.c -lapparmor
$ echo "profile getcon { file, }" | sudo apparmor_parser -qr
$ aa-exec -p getcon -- ./getcon
con = [getcon]
New behavior:
$ gcc -Wall -pedantic -o getcon getcon.c -lapparmor
$ echo "profile getcon { file, }" | sudo apparmor_parser -qr
$ aa-exec -p getcon -- ./getcon
con = [getcon (enforce)]
The con string is not being NUL-terminated before the mode string when
the mode pointer is NULL.
Changed in apparmor: | |
milestone: | none → 2.9.0 |
To post a comment you must log in.
This bug was fixed in the package apparmor - 2.8.0-0ubuntu28
---------------
apparmor (2.8.0-0ubuntu28) saucy; urgency=low
[ Tyler Hicks ] apparmor. manpages: install the aa-exec man page apparmor- utils.manpages: don't install the aa-exec man page patches/ 0065-lp1220861. patch: Always NUL-terminate confinement patches/ 0066-lp1196880. patch: Don't assign mode pointer in getprocattr( ) if caller passed in NULL (LP: #1196880) patches/ 0067-libapparmo r-mode- strings- are-not- to-be-freed. patch: patches/ 0068-libapparmo r-mention- dbus-method- in-getcon- man.patch:
* Move the aa-exec man page out of apparmor-utils into apparmor, since
aa-exec is now in apparmor
- debian/control: adjust Breaks/Replaces to use apparmor-utils
(<< 2.8.0-0ubuntu28)
- debian/
- debian/
* debian/
context strings returned from libapparmor (LP: #1220861)
* debian/
aa_
* debian/
Update man page and code comments to make it clear that freeing the *con
string returned from libapparmor's getcon functions also frees the *mode
string
* debian/
Document the D-Bus method, in the aa_getcon man page, that returns the
AppArmor task confinement string of a D-Bus connection
[ Jamie Strandboge ] patches/ 0069-p11kit- abstraction. patch: p11-kit needs access to share/p11- kit/modules
* debian/
/usr/
-- Jamie Strandboge <email address hidden> Tue, 10 Sep 2013 12:06:06 -0500