From: "Serge E. Hallyn" <serge@hallyn.com> To: Tyler Hicks <tyhicks@canonical.com> Cc: John Johansen <john.johansen@canonical.com>, James Morris <jmorris@namei.org>, Serge Hallyn <serge@hallyn.com>, Seth Arnold <seth.arnold@canonical.com>, linux-security-module@vger.kernel.org, linux-kernel@vger.kernel.org Subject: Re: [PATCH 2/2] apparmor: Fully initialize aa_perms struct when answering userspace query Date: Tue, 10 Jul 2018 10:03:58 -0500 [thread overview] Message-ID: <20180710150358.GD1661@mail.hallyn.com> (raw) In-Reply-To: <1530854701-7348-3-git-send-email-tyhicks@canonical.com> Quoting Tyler Hicks (tyhicks@canonical.com): > Fully initialize the aa_perms struct in profile_query_cb() to avoid the > potential of using an uninitialized struct member's value in a response > to a query from userspace. > > Detected by CoverityScan CID#1415126 ("Uninitialized scalar variable") > > Fixes: 4f3b3f2d79a4 ("apparmor: add profile permission query ability") > Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Acked-by: Serge Hallyn <serge@hallyn.com> > --- > security/apparmor/apparmorfs.c | 5 +---- > 1 file changed, 1 insertion(+), 4 deletions(-) > > diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c > index 949dd8a48164..e09fe4d7307c 100644 > --- a/security/apparmor/apparmorfs.c > +++ b/security/apparmor/apparmorfs.c > @@ -603,7 +603,7 @@ static const struct file_operations aa_fs_ns_revision_fops = { > static void profile_query_cb(struct aa_profile *profile, struct aa_perms *perms, > const char *match_str, size_t match_len) > { > - struct aa_perms tmp; > + struct aa_perms tmp = { }; > struct aa_dfa *dfa; > unsigned int state = 0; > > @@ -613,7 +613,6 @@ static void profile_query_cb(struct aa_profile *profile, struct aa_perms *perms, > dfa = profile->file.dfa; > state = aa_dfa_match_len(dfa, profile->file.start, > match_str + 1, match_len - 1); > - tmp = nullperms; > if (state) { > struct path_cond cond = { }; > > @@ -627,8 +626,6 @@ static void profile_query_cb(struct aa_profile *profile, struct aa_perms *perms, > match_str, match_len); > if (state) > aa_compute_perms(dfa, state, &tmp); > - else > - tmp = nullperms; > } > aa_apply_modes_to_perms(profile, &tmp); > aa_perms_accum_raw(perms, &tmp); > -- > 2.7.4
WARNING: multiple messages have this Message-ID (diff)
From: serge@hallyn.com (Serge E. Hallyn) To: linux-security-module@vger.kernel.org Subject: [PATCH 2/2] apparmor: Fully initialize aa_perms struct when answering userspace query Date: Tue, 10 Jul 2018 10:03:58 -0500 [thread overview] Message-ID: <20180710150358.GD1661@mail.hallyn.com> (raw) In-Reply-To: <1530854701-7348-3-git-send-email-tyhicks@canonical.com> Quoting Tyler Hicks (tyhicks at canonical.com): > Fully initialize the aa_perms struct in profile_query_cb() to avoid the > potential of using an uninitialized struct member's value in a response > to a query from userspace. > > Detected by CoverityScan CID#1415126 ("Uninitialized scalar variable") > > Fixes: 4f3b3f2d79a4 ("apparmor: add profile permission query ability") > Signed-off-by: Tyler Hicks <tyhicks@canonical.com> Acked-by: Serge Hallyn <serge@hallyn.com> > --- > security/apparmor/apparmorfs.c | 5 +---- > 1 file changed, 1 insertion(+), 4 deletions(-) > > diff --git a/security/apparmor/apparmorfs.c b/security/apparmor/apparmorfs.c > index 949dd8a48164..e09fe4d7307c 100644 > --- a/security/apparmor/apparmorfs.c > +++ b/security/apparmor/apparmorfs.c > @@ -603,7 +603,7 @@ static const struct file_operations aa_fs_ns_revision_fops = { > static void profile_query_cb(struct aa_profile *profile, struct aa_perms *perms, > const char *match_str, size_t match_len) > { > - struct aa_perms tmp; > + struct aa_perms tmp = { }; > struct aa_dfa *dfa; > unsigned int state = 0; > > @@ -613,7 +613,6 @@ static void profile_query_cb(struct aa_profile *profile, struct aa_perms *perms, > dfa = profile->file.dfa; > state = aa_dfa_match_len(dfa, profile->file.start, > match_str + 1, match_len - 1); > - tmp = nullperms; > if (state) { > struct path_cond cond = { }; > > @@ -627,8 +626,6 @@ static void profile_query_cb(struct aa_profile *profile, struct aa_perms *perms, > match_str, match_len); > if (state) > aa_compute_perms(dfa, state, &tmp); > - else > - tmp = nullperms; > } > aa_apply_modes_to_perms(profile, &tmp); > aa_perms_accum_raw(perms, &tmp); > -- > 2.7.4 -- To unsubscribe from this list: send the line "unsubscribe linux-security-module" in the body of a message to majordomo at vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
next prev parent reply other threads:[~2018-07-10 15:04 UTC|newest] Thread overview: 14+ messages / expand[flat|nested] mbox.gz Atom feed top 2018-07-06 5:24 [PATCH 0/2] Fix AppArmor issues found through static analysis Tyler Hicks 2018-07-06 5:24 ` Tyler Hicks 2018-07-06 5:25 ` [PATCH 1/2] apparmor: Check buffer bounds when mapping permissions mask Tyler Hicks 2018-07-06 5:25 ` Tyler Hicks 2018-07-10 15:00 ` Serge E. Hallyn 2018-07-10 15:00 ` Serge E. Hallyn 2018-07-19 23:28 ` John Johansen 2018-07-19 23:28 ` John Johansen 2018-07-06 5:25 ` [PATCH 2/2] apparmor: Fully initialize aa_perms struct when answering userspace query Tyler Hicks 2018-07-06 5:25 ` Tyler Hicks 2018-07-10 15:03 ` Serge E. Hallyn [this message] 2018-07-10 15:03 ` Serge E. Hallyn 2018-07-19 23:28 ` John Johansen 2018-07-19 23:28 ` John Johansen
Reply instructions: You may reply publicly to this message via plain-text email using any one of the following methods: * Save the following mbox file, import it into your mail client, and reply-to-all from there: mbox Avoid top-posting and favor interleaved quoting: https://en.wikipedia.org/wiki/Posting_style#Interleaved_style * Reply using the --to, --cc, and --in-reply-to switches of git-send-email(1): git send-email \ --in-reply-to=20180710150358.GD1661@mail.hallyn.com \ --to=serge@hallyn.com \ --cc=jmorris@namei.org \ --cc=john.johansen@canonical.com \ --cc=linux-kernel@vger.kernel.org \ --cc=linux-security-module@vger.kernel.org \ --cc=seth.arnold@canonical.com \ --cc=tyhicks@canonical.com \ /path/to/YOUR_REPLY https://kernel.org/pub/software/scm/git/docs/git-send-email.html * If your mail client supports setting the In-Reply-To header via mailto: links, try the mailto: linkBe sure your reply has a Subject: header at the top and a blank line before the message body.
This is an external index of several public inboxes, see mirroring instructions on how to clone and mirror all data and code used by this external index.