SELinux: null-terminate context string in selinux_xfrm_sec_ctx_alloc
authorVenkat Yekkirala <vyekkirala@trustedcs.com>
Tue, 24 Jul 2007 14:53:23 +0000 (09:53 -0500)
committerJames Morris <jmorris@namei.org>
Wed, 25 Jul 2007 16:49:41 +0000 (12:49 -0400)
xfrm_audit_log() expects the context string to be null-terminated
which currently doesn't happen with user-supplied contexts.

Signed-off-by: Venkat Yekkirala <vyekkirala@TrustedCS.com>
Acked-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: James Morris <jmorris@namei.org>
security/selinux/xfrm.c

index bd8d1ef40a905e9fb532d8be84c9082576bc5bfd..ba715f40b658e4dfd63a05024ab566bcb81daf9c 100644 (file)
@@ -216,7 +216,7 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp,
                return -ENOMEM;
 
        *ctxp = ctx = kmalloc(sizeof(*ctx) +
-                             uctx->ctx_len,
+                             uctx->ctx_len + 1,
                              GFP_KERNEL);
 
        if (!ctx)
@@ -229,6 +229,7 @@ static int selinux_xfrm_sec_ctx_alloc(struct xfrm_sec_ctx **ctxp,
        memcpy(ctx->ctx_str,
               uctx+1,
               ctx->ctx_len);
+       ctx->ctx_str[ctx->ctx_len] = 0;
        rc = security_context_to_sid(ctx->ctx_str,
                                     ctx->ctx_len,
                                     &ctx->ctx_sid);