summaryrefslogtreecommitdiffstats
path: root/security
diff options
context:
space:
mode:
authorTetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp>2011-05-11 23:40:51 +0200
committerJames Morris <jmorris@namei.org>2011-05-12 03:07:21 +0200
commite77dc3460fa59be5759e9327ad882868eee9d61b (patch)
treedc342433cce9dbdaa3ad36f250d21d575d1c8775 /security
parentCRED: Fix load_flat_shared_library() to initialise bprm correctly (diff)
downloadlinux-e77dc3460fa59be5759e9327ad882868eee9d61b.tar.xz
linux-e77dc3460fa59be5759e9327ad882868eee9d61b.zip
TOMOYO: Fix wrong domainname validation.
In tomoyo_correct_domain() since 2.6.36, TOMOYO was by error validating "<kernel>" + "/foo/\" + "/bar" when "<kernel> /foo/\* /bar" was given. As a result, legal domainnames like "<kernel> /foo/\* /bar" are rejected. Reported-by: Hayama Yossihiro <yossi@yedo.src.co.jp> Signed-off-by: Tetsuo Handa <penguin-kernel@I-love.SAKURA.ne.jp> Signed-off-by: James Morris <jmorris@namei.org>
Diffstat (limited to 'security')
-rw-r--r--security/tomoyo/util.c2
1 files changed, 1 insertions, 1 deletions
diff --git a/security/tomoyo/util.c b/security/tomoyo/util.c
index 9bfc1ee8222d..6d5393204d95 100644
--- a/security/tomoyo/util.c
+++ b/security/tomoyo/util.c
@@ -390,7 +390,7 @@ bool tomoyo_correct_domain(const unsigned char *domainname)
if (!cp)
break;
if (*domainname != '/' ||
- !tomoyo_correct_word2(domainname, cp - domainname - 1))
+ !tomoyo_correct_word2(domainname, cp - domainname))
goto out;
domainname = cp + 1;
}