summaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2011-05-12 06:40:51 +0900
committerJames Morris <jmorris@namei.org>2011-05-12 11:07:21 +1000
commite77dc3460fa59be5759e9327ad882868eee9d61b (patch)
treedc342433cce9dbdaa3ad36f250d21d575d1c8775
parent3a852d3bd53e718206a18b015909c4b575952692 (diff)
downloadop-kernel-dev-e77dc3460fa59be5759e9327ad882868eee9d61b.zip
op-kernel-dev-e77dc3460fa59be5759e9327ad882868eee9d61b.tar.gz
TOMOYO: Fix wrong domainname validation.
In tomoyo_correct_domain() since 2.6.36, TOMOYO was by error validating "<kernel>" + "/foo/\" + "/bar" when "<kernel> /foo/\* /bar" was given. As a result, legal domainnames like "<kernel> /foo/\* /bar" are rejected. Reported-by: Hayama Yossihiro <yossi@yedo.src.co.jp> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r--security/tomoyo/util.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c
index 9bfc1ee..6d53932 100644
--- a/security/tomoyo/util.c
+++ b/security/tomoyo/util.c
@@ -390,7 +390,7 @@ bool tomoyo_correct_domain(const unsigned char *domainname)
if (!cp)
break;
if (*domainname != '/' ||
- !tomoyo_correct_word2(domainname, cp - domainname - 1))
+ !tomoyo_correct_word2(domainname, cp - domainname))
goto out;
domainname = cp + 1;
}
OpenPOWER on IntegriCloud