← Back to branch summary

~ubuntu-branches/ubuntu/raring/apparmor/raring

« back to all changes in this revision

Viewing changes to kernel-patches/for-mainline/unreachabe-paths.diff

  • Committer: Bazaar Package Importer
  • Author(s): Kees Cook
  • Date: 2007-03-23 16:42:01 UTC
  • Revision ID: james.westby@ubuntu.com-20070323164201-jkax6f0oku087b7l
Tags: upstream-2.0.1+510.dfsg
ImportĀ upstreamĀ versionĀ 2.0.1+510.dfsg

Show diffs side-by-side

added added

removed removed

Lines of Context:
kernel-patches/for-mainline/unreachabe-paths.diff
 
1
There is no need to go throught the whole state machine for unreachable
 
2
dentries; they will never match.
 
3
 
 
4
Index: b/security/apparmor/main.c
 
5
===================================================================
 
6
--- a/security/apparmor/main.c
 
7
+++ b/security/apparmor/main.c
 
8
@@ -172,6 +172,14 @@ static char *aa_get_name(struct dentry *
 
9
 
 
10
                name = d_namespace_path(dentry, mnt, buf, size);
 
11
                if (!IS_ERR(name)) {
 
12
+                       if (name[0] != '/') {
 
13
+                               /*
 
14
+                                * This dentry is not connected to the
 
15
+                                * namespace root -- reject access.
 
16
+                                */
 
17
+                               kfree(buf);
 
18
+                               return ERR_PTR(-ENOENT);
 
19
+                       }
 
20
                        *buffer = buf;
 
21
                        return name;
 
22
                }