This patch looks good to me. acked.
>From f9e4c42a3cd1691d1eef9cb2c06f875f5f52ca64 Mon Sep 17 00:00:00 2001 From: Eric Paris <eparis@xxxxxxxxxx> Date: Mon, 23 Apr 2012 16:13:46 -0400 Subject: [PATCH 49/49] libsepol: allocate enough space to hold filename in trans rules There is an off by one bug in which the filename length stored with filename_trans_rules is stored as strlen (aka, no nul) however the code to allocate space and read the name back in from policy only allocates len, and not the len + 1 needed to hold the nul. Allocate enough space for the nul. Signed-off-by: Eric Paris <eparis@xxxxxxxxxx> --- libsepol/src/policydb.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/libsepol/src/policydb.c b/libsepol/src/policydb.c index a84de2f..ff292f6 100644 --- a/libsepol/src/policydb.c +++ b/libsepol/src/policydb.c @@ -2380,7 +2380,7 @@ int filename_trans_read(filename_trans_t **t, struct policy_file *fp) return -1; len = le32_to_cpu(buf[0]); - name = calloc(len, sizeof(*name)); + name = calloc(len + 1, sizeof(*name)); if (!name) return -1; -- 1.7.10
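Review bot: `len` is still used unchecked in `calloc(len + 1, sizeof(*name))`, straight after `len = le32_to_cpu(buf[0]);` reads it from the policy file. If `len` is a 32-bit unsigned type (its declaration is not visible in this hunk), a stored value of 0xFFFFFFFF makes `len + 1` wrap to 0, so the allocation can return a zero-size buffer while the read of the name described in the commit message would still be sized by `len`. Suggest rejecting a `len` of 0 or above a sane filename maximum before allocating. A one-line comment that the extra byte is the terminating nul, supplied by calloc's zero fill, would also help, since nothing in the visible lines writes `name[len]` explicitly.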