lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [<thread-prev] [day] [month] [year] [list] 
Message-ID: <4B70D311.8090109@schaufler-ca.com>
Date:	Mon, 08 Feb 2010 19:14:25 -0800
From:	Casey Schaufler <casey@...aufler-ca.com>
To:	James Morris <jmorris@...ei.org>
CC:	wzt wzt <wzt.wzt@...il.com>, linux-kernel@...r.kernel.org,
	linux-security-module@...r.kernel.org
Subject: Re: [PATCH] security/smack/smack.h: Fix smk_known length

James Morris wrote:
> (note: please copy security/ patches to the LSM list, cc'd, along with the 
> Smack maintainer).
>
>
> On Mon, 8 Feb 2010, wzt wzt wrote:
>
>   
>> in security/smack/smack.h:
>> struct smack_known {
>>         struct list_head        list;
>>         char                    smk_known[SMK_LABELLEN];
>> but in security/smack/smack_access.c
>> void smack_from_cipso(u32 level, char *cp, char *result)
>> {
>>         strncpy(result, final, SMK_MAXLEN);
>> }
>> miss '\0'.
>>
>> Signed-off-by: wzt <wzt.wzt@...il.com>
>> Cc: Jmorris <jmorris@...ei.org>
>>
>> diff --git a/security/smack/smack.h b/security/smack/smack.h
>> index c6e9aca..600474b 100644
>> --- a/security/smack/smack.h
>> +++ b/security/smack/smack.h
>> @@ -109,7 +109,7 @@ struct smk_netlbladdr {
>>   */
>>  struct smack_known {
>>         struct list_head        list;
>> -       char                    smk_known[SMK_LABELLEN];
>> +       char                    smk_known[SMK_LABELLEN + 1]; /*
>> smk_known + \0 */
>>     

SMK_LABELLEN is already SMK_MAXLEN+1. That's why the strncpy() above
uses SMK_MAXLEN, so that maximum copied will be SMK_MAXLEN+1, including
the trailing '\0'. The only possible case it could miss would be a
label that is SMK_LABELLEN (24 bytes) long, and that would be an error
because Smack labels are limited to SMK_MAXLEN (23 bytes) plus the
trailing '\0'. The strncpy() could easily be strcpy(), as only labels
that have been imported or hand crafted in the code will be in "from".


>>         u32                     smk_secid;
>>         struct smack_cipso      *smk_cipso;
>>         spinlock_t              smk_cipsolock; /* for changing cipso map */
>>
>>     


--
To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@...r.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html
Please read the FAQ at  http://www.tux.org/lkml/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ