| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Date: Wed, 15 Apr 2020 11:41:27 -0700
From: John Johansen <john.johansen@...onical.com>
To: Markus Elfring <Markus.Elfring@....de>,
Xiyu Yang <xiyuyang19@...an.edu.cn>,
Xin Tan <tanxin.ctf@...il.com>,
linux-security-module@...r.kernel.org
Cc: linux-kernel@...r.kernel.org, James Morris <jmorris@...ei.org>,
Kangjie Lu <kjlu@....edu>,
"Serge E. Hallyn" <serge@...lyn.com>,
Yuan Zhang <yuanxzhang@...an.edu.cn>
Subject: Re: [PATCH v2] apparmor: fix potential label refcnt leak in
aa_change_profile
On 4/15/20 4:27 AM, Markus Elfring wrote:
>> According to the comment of aa_get_current_label(), …
>
> I suggest to make this wording clearer.
> Would you like to refer to any software documentation here?
>
>
>> However, when the original object pointed by "label" becomes
>> unreachable because aa_change_profile() returns or a new object
>> is assigned to "label", reference count increased by
>> aa_get_current_label() is not decreased, causing a refcnt leak.
>
> How do you think about to reduce abbreviations in the commit message?
>
> Would you like to add the tag “Fixes” to the change description?
>
Fixes tags are always nice to have filled out, but some times its
hard to determine or the patch submitter doesn't know how or ...
If the fixes tags aren't there I will add them before I push them up.
In this case its
Fixes: 9fcf78cca198 ("apparmor: update domain transitions that are subsets of confinement at nnp")
> Regards,
> Markus
>
Powered by blists - more mailing lists