On 5/28/19 8:32 AM, Jann Horn wrote:
> A packed AppArmor policy contains null-terminated tag strings that are read
> by unpack_nameX(). However, unpack_nameX() uses string functions on them
> without ensuring that they are actually null-terminated, potentially
> leading to out-of-bounds accesses.
>
A packed AppArmor policy contains null-terminated tag strings that are read
by unpack_nameX(). However, unpack_nameX() uses string functions on them
without ensuring that they are actually null-terminated, potentially
leading to out-of-bounds accesses.
Make sure that the tag string is null-termina
2 matches
Mail list logo