On Thursday 12 February 2009 02:50:05 pm Eric Paris wrote:
> @@ -1290,12 +1290,13 @@ static int inode_doinit_with_dentry(struct inode
> *inode, struct dentry *opt_dent }
>
> len = INITCONTEXTLEN;
> - context = kmalloc(len, GFP_NOFS);
> + context = kmalloc(len+1, GFP_NOFS);
> if (!context) {
> rc = -ENOMEM;
> dput(dentry);
> goto out_unlock;
> }
> + context[len] = '\0';
> rc = inode->i_op->getxattr(dentry, XATTR_NAME_SELINUX,
> context, len);
> if (rc == -ERANGE) {
Perhaps move the "context[len] = '\0';" to just after the getxattr() call? It
might help provide a little extra protection in case getxattr() gets a little
buggy ... then again maybe not, your call.
--
paul moore
linux @ hp
--
This message was distributed to subscribers of the selinux mailing list.
If you no longer wish to subscribe, send mail to majordomo@xxxxxxxxxxxxx with
the words "unsubscribe selinux" without quotes as the message.
