MIRRORS/linux-yocto
1
0
Fork 0
mirror of git://git.yoctoproject.org/linux-yocto.git synced 2025-08-22 00:42:01 +02:00
Code Issues Actions Packages Projects Releases Wiki Activity
v6.1.147
linux-yocto/security/selinux
History
Stephen Smalley 210a773703 selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len 
commit 86c8db86af upstream.

We should count the terminating NUL byte as part of the ctx_len.
Otherwise, UBSAN logs a warning:
  UBSAN: array-index-out-of-bounds in security/selinux/xfrm.c:99:14
  index 60 is out of range for type 'char [*]'

The allocation itself is correct so there is no actual out of bounds
indexing, just a warning.

Cc: stable@vger.kernel.org
Suggested-by: Christian Göttsche <cgzones@googlemail.com>
Link: https://lore.kernel.org/selinux/CAEjxPJ6tA5+LxsGfOJokzdPeRomBHjKLBVR6zbrg+_w3ZZbM3A@mail.gmail.com/
Signed-off-by: Stephen Smalley <stephen.smalley.work@gmail.com>
Signed-off-by: Paul Moore <paul@paul-moore.com>
Signed-off-by: Greg Kroah-Hartman <gregkh@linuxfoundation.org>
2025-06-27 11:07:37 +01:00
..
include ima: Avoid blocking in RCU read-side critical section 2024-07-11 12:47:16 +02:00
ss selinux: ignore unknown extended permissions 2025-01-09 13:29:56 +01:00
.gitignore .gitignore: add SPDX License Identifier 2020-03-25 11:50:48 +01:00
avc.c selinux: fix potential counting error in avc_add_xperms_decision() 2024-08-29 17:30:15 +02:00
hooks.c selinux,smack: don't bypass permissions check in inode_setsecctx hook 2024-10-17 15:21:15 +02:00
ibpkey.c selinux: various sparse fixes 2022-02-01 19:08:28 -05:00
ima.c selinux/stable-5.18 PR 20220321 2022-03-21 20:47:54 -07:00
Kconfig Documentation,selinux: deprecate setting checkreqprot to 1 2020-02-10 10:49:01 -05:00
Makefile selinux: don't use make's grouped targets feature yet 2023-06-09 10:34:24 +02:00
netif.c selinux: remove unused global variables 2021-01-12 09:49:01 -05:00
netlabel.c security: pass asoc to sctp_assoc_request and sctp_sk_clone 2021-11-03 11:09:20 +00:00
netlink.c selinux: mark some global variables __ro_after_init 2021-01-12 10:08:55 -05:00
netnode.c selinux: various sparse fixes 2022-02-01 19:08:28 -05:00
netport.c selinux: various sparse fixes 2022-02-01 19:08:28 -05:00
nlmsgtab.c selinux: resolve checkpatch errors 2022-05-03 13:59:15 -04:00
selinuxfs.c selinux: improve error checking in sel_write_load() 2024-11-01 01:56:07 +01:00
status.c selinux: move status variables out of selinux_ss 2020-02-10 10:49:01 -05:00
xfrm.c selinux: fix selinux_xfrm_alloc_user() to set correct ctx_len 2025-06-27 11:07:37 +01:00