touch-packages team mailing list archive

Thread
Date

[Bug 1220861] Re: [REGRESSION] Task based libapparmor getcon functions don't always NUL-terminate con strings properly

To: touch-packages@xxxxxxxxxxxxxxxxxxx
From: Steve Beattie <sbeattie@xxxxxxxxxx>
Date: Fri, 17 Oct 2014 23:30:17 -0000
Reply-to: Bug 1220861 <1220861@xxxxxxxxxxxxxxxxxx>
Sender: bounces@xxxxxxxxxxxxx

Apparmor 2.9.0 has been released; closing.

** Changed in: apparmor
       Status: Fix Committed => Fix Released

-- 
You received this bug notification because you are a member of Ubuntu
Touch seeded packages, which is subscribed to apparmor in Ubuntu.
https://bugs.launchpad.net/bugs/1220861

Title:
  [REGRESSION] Task based libapparmor getcon functions don't always NUL-
  terminate con strings properly

Status in AppArmor Linux application security framework:
  Fix Released
Status in “apparmor” package in Ubuntu:
  Fix Released

Bug description:
  Starting with upstream revision 2125 and Ubuntu package 2.8.0-0ubuntu25,
  the task based libapparmor getcon functions changed behavior on how they
  handled NULL mode strings.

  Old behavior:

  $ gcc -Wall -pedantic -o getcon getcon.c -lapparmor
  $ echo "profile getcon { file, }" | sudo apparmor_parser -qr
  $ aa-exec -p getcon -- ./getcon
  con = [getcon]

  New behavior:

  $ gcc -Wall -pedantic -o getcon getcon.c -lapparmor
  $ echo "profile getcon { file, }" | sudo apparmor_parser -qr
  $ aa-exec -p getcon -- ./getcon
  con = [getcon (enforce)]

  The con string is not being NUL-terminated before the mode string when
  the mode pointer is NULL.

To manage notifications about this bug go to:
https://bugs.launchpad.net/apparmor/+bug/1220861/+subscriptions