From e9e247d4c3b4b662d4847ed53f52ae79682fb835 Mon Sep 17 00:00:00 2001 From: Jarkko Sakkinen Date: Fri, 10 Jan 2014 09:47:25 +0200 Subject: [PATCH] MSM: fix access type length and validation This patch fixes three issues with access type: - SMACK_ACCESS_TYPE_LENGHT -> SMACK_ACCESS_TYPE_LENGTH - Changed the value of SMACK_ACCESS_TYPE_LENGTH from 5 to 6. - String length was calculated with unsafe 'strlen()'. Changed to use strlen(type, SMACK_LABEL_LENGTH + 1) instead. Change-Id: I127d7b2beb8a3258ec1e4a5142f253f842b2fa7a Signed-off-by: Jarkko Sakkinen --- plugins/msm.h | 2 +- plugins/msmmanifest.c | 3 ++- 2 files changed, 3 insertions(+), 2 deletions(-) diff --git a/plugins/msm.h b/plugins/msm.h index f1bdcc8..30f85a7 100644 --- a/plugins/msm.h +++ b/plugins/msm.h @@ -39,7 +39,7 @@ #define SMACK_ISOLATED_LABEL "Isolated" #define SMACK_LABEL_LENGTH 255 -#define SMACK_ACCESS_TYPE_LENGHT 5 +#define SMACK_ACCESS_TYPE_LENGTH 6 #define SMACK_UNINSTALL 1 #define RANK_LIMIT 10000 diff --git a/plugins/msmmanifest.c b/plugins/msmmanifest.c index 5c14e09..73f7c4b 100644 --- a/plugins/msmmanifest.c +++ b/plugins/msmmanifest.c @@ -51,7 +51,8 @@ static int msmVerifyAccessType(const char* type) int res = 0, idx = 0; if (type) { - if (strlen(type) > SMACK_ACCESS_TYPE_LENGHT) { + if (strnlen(type, SMACK_ACCESS_TYPE_LENGTH + 1) > + SMACK_ACCESS_TYPE_LENGTH) { rpmlog(RPMLOG_ERR, "Lenght of the access type is bigger than allowed value: %s\n", type); return -1; } -- 2.7.4