* [PATCH] tomoyo: Fix incorrect return value from tomoyo_find_next_domain()
@ 2019-08-01 3:03 Takeshi Misawa
From: Takeshi Misawa @ 2019-08-01 3:03 UTC (permalink / raw)
To: Tetsuo Handa, Kentaro Takeda; +Cc: linux-kernel
When filename exceeds PATH_MAX,
tomoyo_find_next_domain() retval is not ENAMETOOLONG, but ENOENT.
Fix this by returning the kern_path() error.
Signed-off-by: Takeshi Misawa <jeliantsurux@gmail.com>
---
Dear Tetsuo Handa
I found an unexpected return value from TOMOYO and tried to create a patch.
If this is not acceptable for security reasons, please discard this patch.
Regards.
---
security/tomoyo/domain.c | 7 +++++--
security/tomoyo/realpath.c | 9 +++++++--
2 files changed, 12 insertions(+), 4 deletions(-)
diff --git a/security/tomoyo/domain.c b/security/tomoyo/domain.c
index 8526a0a74023..3d8034701344 100644
--- a/security/tomoyo/domain.c
+++ b/security/tomoyo/domain.c
@@ -723,8 +723,10 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
/* Get symlink's pathname of program. */
retval = -ENOENT;
exename.name = tomoyo_realpath_nofollow(original_name);
- if (!exename.name)
+ if (IS_ERR(exename.name)) {
+ retval = PTR_ERR(exename.name);
goto out;
+ }
tomoyo_fill_path_info(&exename);
retry:
/* Check 'aggregator' directive. */
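Review bot: the new `if (IS_ERR(exename.name))` test drops the NULL check that the removed `if (!exename.name)` provided, so a NULL result from tomoyo_realpath_nofollow() would now fall through to tomoyo_fill_path_info(&exename). As far as this patch shows, NULL is still a possible return: the realpath.c hunk initialises buf to NULL and passes back whatever tomoyo_realpath_from_path() returns. Suggest testing with IS_ERR_OR_NULL() here and taking PTR_ERR() only in the IS_ERR() case, so the existing `retval = -ENOENT;` default still covers a NULL return.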
@@ -870,7 +872,8 @@ int tomoyo_find_next_domain(struct linux_binprm *bprm)
s->domain_info = domain;
atomic_inc(&domain->users);
}
- kfree(exename.name);
+ if (!IS_ERR(exename.name))
+ kfree(exename.name);
if (!retval) {
ee->r.domain = domain;
retval = tomoyo_environ(ee);
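Review bot: the `if (!IS_ERR(exename.name))` guard on kfree() implies that exename.name keeps an ERR_PTR value from the early `goto out` all the way to cleanup, which leaves a non-dereferenceable pointer in the structure for any other code on that path to trip over. Setting exename.name = NULL in the error branch of the first hunk, after reading PTR_ERR(), would let this kfree() stay unconditional, since kfree(NULL) is a no-op, and this hunk could then be dropped.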
diff --git a/security/tomoyo/realpath.c b/security/tomoyo/realpath.c
index e7832448d721..d73e66be05ef 100644
--- a/security/tomoyo/realpath.c
+++ b/security/tomoyo/realpath.c
@@ -332,10 +332,15 @@ char *tomoyo_realpath_from_path(const struct path *path)
char *tomoyo_realpath_nofollow(const char *pathname)
{
struct path path;
+ char *buf = NULL;
+ int err;
- if (pathname && kern_path(pathname, 0, &path) == 0) {
- char *buf = tomoyo_realpath_from_path(&path);
+ if (pathname) {
+ err = kern_path(pathname, 0, &path);
+ if (unlikely(err))
+ return ERR_PTR(err);
+ buf = tomoyo_realpath_from_path(&path);
path_put(&path);
return buf;
}
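Review bot: after this change tomoyo_realpath_nofollow() signals failure in two different ways, `return ERR_PTR(err);` when kern_path() fails and the plain result of tomoyo_realpath_from_path() otherwise, and nothing in the hunk documents that mixed contract. The diffstat shows only domain.c being adjusted, so any other caller that tests the result with a NULL check would treat an ERR_PTR as a valid string; please confirm there are no such callers and describe the new return convention in the function's comment. It would also help to state in the changelog that the errno from kern_path() now reaches the caller of tomoyo_find_next_domain() unchanged, since that is the behaviour change the maintainers are being asked to accept.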
--
2.17.1