This patch fixes the address length checks in the selinux_socket_connect hook to be no more restrictive than the underlying ipv4 and ipv6 code; otherwise, this hook can reject valid connect calls. This patch is in response to a bug report where an application was calling connect on an INET6 socket with an address that didn't include the optional scope id and failing due to these checks. Please apply. To 2.6.13, if possible.
Signed-off-by: Stephen Smalley <[EMAIL PROTECTED]> Signed-off-by: James Morris <[EMAIL PROTECTED]> --- security/selinux/hooks.c | 4 ++-- 1 files changed, 2 insertions(+), 2 deletions(-) diff -rup linux-2.6.13-rc3-mm3/security/selinux/hooks.c linux-2.6.13-rc3-mm3-fix/security/selinux/hooks.c --- linux-2.6.13-rc3-mm3/security/selinux/hooks.c 2005-07-28 14:59:58.000000000 -0400 +++ linux-2.6.13-rc3-mm3-fix/security/selinux/hooks.c 2005-07-28 14:56:58.000000000 -0400 @@ -3073,12 +3073,12 @@ static int selinux_socket_connect(struct if (sk->sk_family == PF_INET) { addr4 = (struct sockaddr_in *)address; - if (addrlen != sizeof(struct sockaddr_in)) + if (addrlen < sizeof(struct sockaddr_in)) return -EINVAL; snum = ntohs(addr4->sin_port); } else { addr6 = (struct sockaddr_in6 *)address; - if (addrlen != sizeof(struct sockaddr_in6)) + if (addrlen < SIN6_LEN_RFC2133) return -EINVAL; snum = ntohs(addr6->sin6_port); } -- Stephen Smalley National Security Agency
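Review bot: in the else branch, the new bound `addrlen < SIN6_LEN_RFC2133` needs a one-line comment saying that the scope id is optional, so the minimum is the RFC 2133 length and not sizeof(struct sockaddr_in6); without it the check reads like a mistake next to the IPv4 one and invites a change back to sizeof. With both tests now lower bounds, the IPv6 buffer may be shorter than the full struct. That is safe for the fields read in these lines, since sin_port and sin6_port both sit inside the minimum length, but any code in this hook that reads sin6_scope_id would need its own `addrlen >= sizeof(struct sockaddr_in6)` test first. It is also worth confirming that the else branch is reached only for PF_INET6, because the hunk shows no family check before the cast to struct sockaddr_in6.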