diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2011-05-12 06:40:51 +0900 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2011-05-12 11:07:21 +1000 |
commit | e77dc3460fa59be5759e9327ad882868eee9d61b (patch) | |
tree | dc342433cce9dbdaa3ad36f250d21d575d1c8775 | |
parent | 3a852d3bd53e718206a18b015909c4b575952692 (diff) | |
download | op-kernel-dev-e77dc3460fa59be5759e9327ad882868eee9d61b.zip op-kernel-dev-e77dc3460fa59be5759e9327ad882868eee9d61b.tar.gz |
TOMOYO: Fix wrong domainname validation.
In tomoyo_correct_domain() since 2.6.36, TOMOYO was by error validating
"<kernel>" + "/foo/\" + "/bar" when "<kernel> /foo/\* /bar" was given.
As a result, legal domainnames like "<kernel> /foo/\* /bar" are rejected.
Reported-by: Hayama Yossihiro <yossi@yedo.src.co.jp>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
-rw-r--r-- | security/tomoyo/util.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c index 9bfc1ee..6d53932 100644 --- a/security/tomoyo/util.c +++ b/security/tomoyo/util.c @@ -390,7 +390,7 @@ bool tomoyo_correct_domain(const unsigned char *domainname) if (!cp) break; if (*domainname != '/' || - !tomoyo_correct_word2(domainname, cp - domainname - 1)) + !tomoyo_correct_word2(domainname, cp - domainname)) goto out; domainname = cp + 1; } |