Skip to content

L
lxc
Unverified Commit dc117b6b by Christian Brauner Committed by GitHub
Options

Merge pull request #3799 from evverx/apparmor-bytes

apparmor: turn bytes into null-terminated strings before calling strcspn
parents 44990884 699e7f88
Showing with 8 additions and 1 deletion
src/lxc/lsm/apparmor.c
...@@ -431,6 +431,7 @@ error: ...@@ -431,6 +431,7 @@ error:
static char *apparmor_process_label_get(struct lsm_ops *ops, pid_t pid) static char *apparmor_process_label_get(struct lsm_ops *ops, pid_t pid)
{ {
__do_close int fd_label = -EBADF; __do_close int fd_label = -EBADF;
__do_free char *buf = NULL;
__do_free char *label = NULL; __do_free char *label = NULL;
int ret; int ret;
size_t len; size_t len;
...@@ -439,13 +440,19 @@ static char *apparmor_process_label_get(struct lsm_ops *ops, pid_t pid) ...@@ -439,13 +440,19 @@ static char *apparmor_process_label_get(struct lsm_ops *ops, pid_t pid)
if (fd_label < 0) if (fd_label < 0)
return NULL; return NULL;
ret = fd_to_buf(fd_label, &label, &len); ret = fd_to_buf(fd_label, &buf, &len);
if (ret < 0) if (ret < 0)
return NULL; return NULL;
if (len == 0) if (len == 0)
return NULL; return NULL;
label = malloc(len + 1);
if (!label)
return NULL;
memcpy(label, buf, len);
label[len] = '\0';
len = strcspn(label, "\n \t"); len = strcspn(label, "\n \t");
if (len) if (len)
label[len] = '\0'; label[len] = '\0';
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment