-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
This patch looks good to me. acked.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.13 (GNU/Linux)
Comment: Using GnuPG with Thunderbird - http://www.enigmail.net/
iEYEARECAAYFAlD+nwwACgkQrlYvE4MpobPxcwCePzY64JhlL2NmZ1p7m/iOh1as
d0AAoLIN8AW+C+buxy3DYBuNqIYPIpue
=Zn4Y
-----END PGP SIGNATURE-----
>From f939b3423b0d928d206cd9a912848515bcdcb21b Mon Sep 17 00:00:00 2001
From: Eric Paris <eparis@xxxxxxxxxx>
Date: Tue, 4 Dec 2012 15:23:57 -0500
Subject: [PATCH 04/84] libselinux: audit2why: make sure path is nul terminated
We use strncpy which could leave a non-nul terminated string if the
source is longer than PATH_MAX. Add that nul.
Signed-off-by: Eric Paris <eparis@xxxxxxxxxx>
---
libselinux/src/audit2why.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/libselinux/src/audit2why.c b/libselinux/src/audit2why.c
index 02483a3..807bc42 100644
--- a/libselinux/src/audit2why.c
+++ b/libselinux/src/audit2why.c
@@ -195,8 +195,9 @@ static int __policy_init(const char *init_path)
int rc;
unsigned int cnt;
+ path[PATH_MAX-1] = '\0';
if (init_path) {
- strncpy(path, init_path, PATH_MAX);
+ strncpy(path, init_path, PATH_MAX-1);
fp = fopen(path, "r");
if (!fp) {
snprintf(errormsg, sizeof(errormsg),
--
1.8.1
