| lists.openwall.net | lists / announce owl-users owl-dev john-users john-dev passwdqc-users yescrypt popa3d-users / oss-security kernel-hardening musl sabotage tlsify passwords / crypt-dev xvendor / Bugtraq Full-Disclosure linux-kernel linux-netdev linux-ext4 linux-hardening linux-cve-announce PHC | |
|
Open Source and information security mailing list archives
| ||
|
Message-ID: <20250605164852.2016-1-stephen.smalley.work@gmail.com>
Date: Thu, 5 Jun 2025 12:48:52 -0400
From: Stephen Smalley <stephen.smalley.work@...il.com>
To: brauner@...nel.org
Cc: paul@...l-moore.com,
linux-fsdevel@...r.kerne.org,
linux-kernel@...r.kernel.org,
selinux@...r.kernel.org,
collin.funk1@...il.com,
eggert@...ucla.edu,
bug-gnulib@....org,
Stephen Smalley <stephen.smalley.work@...il.com>
Subject: [PATCH] fs/xattr.c: fix simple_xattr_list()
commit 8b0ba61df5a1 ("fs/xattr.c: fix simple_xattr_list to always
include security.* xattrs") failed to reset err after the call to
security_inode_listsecurity(), which returns the length of the
returned xattr name. This results in simple_xattr_list() incorrectly
returning this length even if a POSIX acl is also set on the inode.
Reported-by: Collin Funk <collin.funk1@...il.com>
Closes: https://lore.kernel.org/selinux/8734ceal7q.fsf@gmail.com/
Reported-by: Paul Eggert <eggert@...ucla.edu>
Closes: https://bugzilla.redhat.com/show_bug.cgi?id=2369561
Fixes: 8b0ba61df5a1 ("fs/xattr.c: fix simple_xattr_list to always include security.* xattrs")
Signed-off-by: Stephen Smalley <stephen.smalley.work@...il.com>
---
fs/xattr.c | 1 +
1 file changed, 1 insertion(+)
diff --git a/fs/xattr.c b/fs/xattr.c
index 8ec5b0204bfd..600ae97969cf 100644
--- a/fs/xattr.c
+++ b/fs/xattr.c
@@ -1479,6 +1479,7 @@ ssize_t simple_xattr_list(struct inode *inode, struct simple_xattrs *xattrs,
buffer += err;
}
remaining_size -= err;
+ err = 0;
read_lock(&xattrs->lock);
for (rbp = rb_first(&xattrs->rb_root); rbp; rbp = rb_next(rbp)) {
--
2.49.0
Powered by blists - more mailing lists