lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [day] [month] [year] [list] 
Date:   Thu, 1 Aug 2019 12:03:23 +0900
From:   Takeshi Misawa <jeliantsurux@...il.com>
To:     Tetsuo Handa <penguin-kernel@...ove.SAKURA.ne.jp>,
        Kentaro Takeda <takedakn@...data.co.jp>
Cc:     linux-kernel@...r.kernel.org
Subject: [PATCH] tomoyo: Fix incorrect return value from
 tomoyo_find_next_domain()

When filename exceeds PATH_MAX,
tomoyo_find_next_domain() retval is not ENAMETOOLONG, but ENOENT.

Fix this by retuen kern_path() error.

Signed-off-by: Takeshi Misawa <jeliantsurux@...il.com>
---
Dear Tetsuo Handa

I found unexpected return value from TOMOYO and try to create a patch.
If this is not acceptable for security reason, please discard this patch.

Regards.
---
 security/tomoyo/domain.c   | 7 +++++--
 security/tomoyo/realpath.c | 9 +++++++--
 2 files changed, 12 insertions(+), 4 deletions(-)

diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index 8526a0a74023..3d8034701344 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -723,8 +723,10 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
 	/* Get symlink's pathname of program. */
 	retval = -ENOENT;
 	exename.name = tomoyo_realpath_nofollow(original_name);
-	if (!exename.name)
+	if (IS_ERR(exename.name)) {
+		retval = PTR_ERR(exename.name);
 		goto out;
+	}
 	tomoyo_fill_path_info(&exename);
 retry:
 	/* Check 'aggregator' directive. */
@@ -870,7 +872,8 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
 		s->domain_info = domain;
 		atomic_inc(&domain->users);
 	}
-	kfree(exename.name);
+	if (!IS_ERR(exename.name))
+		kfree(exename.name);
 	if (!retval) {
 		ee->r.domain = domain;
 		retval = tomoyo_environ(ee);
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c
index e7832448d721..d73e66be05ef 100644
--- a/security/tomoyo/realpath.c
+++ b/security/tomoyo/realpath.c
@@ -332,10 +332,15 @@ char *tomoyo_realpath_from_path(const struct path *path)
 char *tomoyo_realpath_nofollow(const char *pathname)
 {
 	struct path path;
+	char *buf = NULL;
+	int err;
 
-	if (pathname && kern_path(pathname, 0, &path) == 0) {
-		char *buf = tomoyo_realpath_from_path(&path);
+	if (pathname) {
+		err = kern_path(pathname, 0, &path);
+		if (unlikely(err))
+			return ERR_PTR(err);
 
+		buf = tomoyo_realpath_from_path(&path);
 		path_put(&path);
 		return buf;
 	}
-- 
2.17.1

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ