From 4a26cc60e7c7981362b7000d835c76066a9d722e Mon Sep 17 00:00:00 2001
From: Jiwoong Im <jiwoong.im@samsung.com>
Date: Mon, 1 Feb 2016 16:28:23 +0900
Subject: [PATCH] daemon : modify code in getting client socket label

Change-Id: I67117bca6e7c70e625fa6d1d38527d019e59018f
Signed-off-by: Jiwoong Im <jiwoong.im@samsung.com>
---
 daemon/socks.c | 32 ++++++++++++++++----------------
 1 file changed, 16 insertions(+), 16 deletions(-)

diff --git a/daemon/socks.c b/daemon/socks.c
index b8ec210..699efcc 100644
--- a/daemon/socks.c
+++ b/daemon/socks.c
@@ -177,6 +177,7 @@ int sock_get_client_cred(int fd, struct ucred *cred)
 
 int sock_get_client_label(int fd, char **label)
 {
+	char buf[256];
 	int r;
 	socklen_t len;
 	char *l;
@@ -191,24 +192,23 @@ int sock_get_client_label(int fd, char **label)
 		return 0;
 	}
 
-	len = 0;
-	r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, NULL, &len);
-	if (r == 0) {
-		/* Never reach here */
-		bxt_err("Client %d: get SO_PEERSEC: 0", fd);
-		*label = NULL;
-		smack_not_supported = 1;
-		return 0;
-	}
-
-	if (errno == ENOPROTOOPT) {
-		smack_not_supported = 1;
-		*label = NULL;
+	len = sizeof(buf);
+	r = getsockopt(fd, SOL_SOCKET, SO_PEERSEC, &buf, &len);
+	/*
+	 * Becasue getsockopt can return zero in some kernel even there is an error,
+	 * check the case of returning longer 'len' than the size of stack buffer.
+	 */
+	if (r == 0 && sizeof(buf) > len) {
+		*label = strdup(buf);
+		bxt_dbg("Client %d: Label '%s'", fd, label);
 		return 0;
-	}
-
-	if (errno != ERANGE) {
+	} else if (errno != ERANGE) {
 		bxt_err("Client %d: get SO_PEERSEC: %d", fd, errno);
+		if (errno == ENOPROTOOPT) {
+			*label = NULL;
+			smack_not_supported = 1;
+			return 0;
+		}
 		return -1;
 	}
 
-- 
2.7.4