On Mon, Sep 15, 2014 at 02:55:55PM -0500, Tyler Hicks wrote: > Instead of using the entire sun_path buffer for abstract socket names, > only use the exact length of the string that is specified on the command > line. The nul-terminator is not included for abstract sockets. > > The size of sun_path is modified to include the nul-terminator for > pathname address types. > > Signed-off-by: Tyler Hicks <tyhi...@canonical.com> Acked-by: Steve Beattie <st...@nxnw.org>
Thanks. > --- > tests/regression/apparmor/unix_socket.c | 13 +++++++++++-- > tests/regression/apparmor/unix_socket_client.c | 13 +++++++++++-- > 2 files changed, 22 insertions(+), 4 deletions(-) > > diff --git a/tests/regression/apparmor/unix_socket.c > b/tests/regression/apparmor/unix_socket.c > index 3d86225..cd492e3 100644 > --- a/tests/regression/apparmor/unix_socket.c > +++ b/tests/regression/apparmor/unix_socket.c > @@ -107,11 +107,20 @@ int main (int argc, char *argv[]) > sun_path = argv[1]; > sun_path_len = strlen(sun_path); > if (sun_path[0] == '@') { > + if (sun_path_len > sizeof(addr.sun_path)) { > + fprintf(stderr, "FAIL - socket addr too big\n"); > + exit(1); > + } > memcpy(addr.sun_path, sun_path, sun_path_len); > addr.sun_path[0] = '\0'; > - sun_path_len = sizeof(addr.sun_path); > } else { > - memcpy(addr.sun_path, sun_path, sun_path_len + 1); > + /* include the nul terminator for pathname addr types */ > + sun_path_len++; > + if (sun_path_len > sizeof(addr.sun_path)) { > + fprintf(stderr, "FAIL - socket addr too big\n"); > + exit(1); > + } > + memcpy(addr.sun_path, sun_path, sun_path_len); > } > > if (!strcmp(argv[2], "stream")) { > diff --git a/tests/regression/apparmor/unix_socket_client.c > b/tests/regression/apparmor/unix_socket_client.c > index ac53ecd..d7d5510 100644 > --- a/tests/regression/apparmor/unix_socket_client.c > +++ b/tests/regression/apparmor/unix_socket_client.c > @@ -98,11 +98,20 @@ int main(int argc, char *argv[]) > sun_path = argv[1]; > sun_path_len = strlen(sun_path); > if (sun_path[0] == '@') { > + if (sun_path_len > sizeof(peer_addr.sun_path)) { > + fprintf(stderr, "FAIL CLIENT - socket addr too big\n"); > + exit(1); > + } > memcpy(peer_addr.sun_path, sun_path, sun_path_len); > peer_addr.sun_path[0] = '\0'; > - sun_path_len = sizeof(peer_addr.sun_path); > } else { > - memcpy(peer_addr.sun_path, sun_path, sun_path_len + 1); > + /* include the nul terminator for pathname addr types */ > + sun_path_len++; > + if (sun_path_len > sizeof(peer_addr.sun_path)) { > + fprintf(stderr, "FAIL CLIENT - socket addr too big\n"); > + exit(1); > + } > + memcpy(peer_addr.sun_path, sun_path, sun_path_len); > } > > if (!strcmp(argv[2], "stream")) { -- Steve Beattie <sbeat...@ubuntu.com> http://NxNW.org/~steve/
signature.asc
Description: Digital signature
-- AppArmor mailing list AppArmor@lists.ubuntu.com Modify settings or unsubscribe at: https://lists.ubuntu.com/mailman/listinfo/apparmor