diff options
author | Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> | 2011-05-11 23:40:51 +0200 |
---|---|---|
committer | James Morris <jmorris@namei.org> | 2011-05-12 03:07:21 +0200 |
commit | e77dc3460fa59be5759e9327ad882868eee9d61b (patch) | |
tree | dc342433cce9dbdaa3ad36f250d21d575d1c8775 /security | |
parent | CRED: Fix load_flat_shared_library() to initialise bprm correctly (diff) | |
download | linux-e77dc3460fa59be5759e9327ad882868eee9d61b.tar.xz linux-e77dc3460fa59be5759e9327ad882868eee9d61b.zip |
TOMOYO: Fix wrong domainname validation.
In tomoyo_correct_domain() since 2.6.36, TOMOYO was by error validating
"<kernel>" + "/foo/\" + "/bar" when "<kernel> /foo/\* /bar" was given.
As a result, legal domainnames like "<kernel> /foo/\* /bar" are rejected.
Reported-by: Hayama Yossihiro <yossi@yedo.src.co.jp>
Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>
Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r-- | security/tomoyo/util.c | 2 |
1 files changed, 1 insertions, 1 deletions
diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c index 9bfc1ee8222d..6d5393204d95 100644 --- a/security/tomoyo/util.c +++ b/security/tomoyo/util.c @@ -390,7 +390,7 @@ bool tomoyo_correct_domain(const unsigned char *domainname) if (!cp) break; if (*domainname != '/' || - !tomoyo_correct_word2(domainname, cp - domainname - 1)) + !tomoyo_correct_word2(domainname, cp - domainname)) goto out; domainname = cp + 1; } |