diff options
author | John Johansen <john.johansen@canonical.com> | 2013-02-27 12:45:05 +0100 |
---|---|---|
committer | John Johansen <john.johansen@canonical.com> | 2013-04-28 09:39:37 +0200 |
commit | 2654bfbc2bd0e1e64f0b257c21da23f6cec32c6c (patch) | |
tree | e82423fd02f8cb9911b7c39229bd98d754a063ea /security/apparmor/lib.c | |
parent | apparmor: fix setprocattr arg processing for onexec (diff) | |
download | linux-2654bfbc2bd0e1e64f0b257c21da23f6cec32c6c.tar.xz linux-2654bfbc2bd0e1e64f0b257c21da23f6cec32c6c.zip |
apparmor: fix fully qualified name parsing
currently apparmor name parsing is only correctly handling
:<NS>:<profile>
but
:<NS>://<profile>
is also a valid form and what is exported to userspace.
Signed-off-by: John Johansen <john.johansen@canonical.com>
Diffstat (limited to 'security/apparmor/lib.c')
-rw-r--r-- | security/apparmor/lib.c | 6 |
1 files changed, 4 insertions, 2 deletions
diff --git a/security/apparmor/lib.c b/security/apparmor/lib.c index d6e1f2148398..d40bc592180d 100644 --- a/security/apparmor/lib.c +++ b/security/apparmor/lib.c @@ -45,8 +45,10 @@ char *aa_split_fqname(char *fqname, char **ns_name) *ns_name = skip_spaces(&name[1]); if (split) { /* overwrite ':' with \0 */ - *split = 0; - name = skip_spaces(split + 1); + *split++ = 0; + if (strncmp(split, "//", 2) == 0) + split += 2; + name = skip_spaces(split); } else /* a ns name without a following profile is allowed */ name = NULL; |