diff options
author | Mickaël Salaün <mic@digikod.net> | 2024-02-23 20:05:46 +0100 |
---|---|---|
committer | Paul Moore <paul@paul-moore.com> | 2024-02-23 17:16:33 -0500 |
commit | 6d2fb472ea9ea27f765f10ba65ec73d30f6b7977 (patch) | |
tree | 8b39d68c46c7859cc90d8bf1063e2c67d9c05536 /net/netfilter/nft_synproxy.c | |
parent | 86dc9693145bc3b2c21d2bc6a2563376ba8b15ff (diff) |
apparmor: fix lsm_get_self_attr()
In apparmor_getselfattr() when an invalid AppArmor attribute is
requested, or a value hasn't been explicitly set for the requested
attribute, the label passed to aa_put_label() is not properly
initialized which can cause problems when the pointer value is non-NULL
and AppArmor attempts to drop a reference on the bogus label object.
Cc: Casey Schaufler <casey@schaufler-ca.com>
Cc: John Johansen <john.johansen@canonical.com>
Fixes: 223981db9baf ("AppArmor: Add selfattr hooks")
Signed-off-by: Mickaël Salaün <mic@digikod.net>
Reviewed-by: Paul Moore <paul@paul-moore.com>
[PM: description changes as discussed with MS]
Signed-off-by: Paul Moore <paul@paul-moore.com>
Diffstat (limited to 'net/netfilter/nft_synproxy.c')
0 files changed, 0 insertions, 0 deletions