Ubuntu
apparmor package

[REGRESSION] Task based libapparmor getcon functions don't always NUL-terminate con strings properly

Bug #1220861 reported by Tyler Hicks
6
This bug affects 1 person
Affects Status Importance Assigned to Milestone
AppArmor
Fix Released
High
Tyler Hicks
AppArmor 2.9.0
apparmor (Ubuntu)
Fix Released
High
Tyler Hicks

Bug Description

Starting with upstream revision 2125 and Ubuntu package 2.8.0-0ubuntu25,
the task based libapparmor getcon functions changed behavior on how they
handled NULL mode strings.

Old behavior:

$ gcc -Wall -pedantic -o getcon getcon.c -lapparmor
$ echo "profile getcon { file, }" | sudo apparmor_parser -qr
$ aa-exec -p getcon -- ./getcon
con = [getcon]

New behavior:

$ gcc -Wall -pedantic -o getcon getcon.c -lapparmor
$ echo "profile getcon { file, }" | sudo apparmor_parser -qr
$ aa-exec -p getcon -- ./getcon
con = [getcon (enforce)]

The con string is not being NUL-terminated before the mode string when
the mode pointer is NULL.

Revision history for this message
Tyler Hicks (tyhicks) wrote :
Changed in apparmor:
status: New → In Progress
importance: Undecided → High
assignee: nobody → Tyler Hicks (tyhicks)
Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package apparmor - 2.8.0-0ubuntu28

---------------
apparmor (2.8.0-0ubuntu28) saucy; urgency=low

  [ Tyler Hicks ]
  * Move the aa-exec man page out of apparmor-utils into apparmor, since
    aa-exec is now in apparmor
    - debian/control: adjust Breaks/Replaces to use apparmor-utils
      (<< 2.8.0-0ubuntu28)
    - debian/apparmor.manpages: install the aa-exec man page
    - debian/apparmor-utils.manpages: don't install the aa-exec man page
  * debian/patches/0065-lp1220861.patch: Always NUL-terminate confinement
    context strings returned from libapparmor (LP: #1220861)
  * debian/patches/0066-lp1196880.patch: Don't assign mode pointer in
    aa_getprocattr() if caller passed in NULL (LP: #1196880)
  * debian/patches/0067-libapparmor-mode-strings-are-not-to-be-freed.patch:
    Update man page and code comments to make it clear that freeing the *con
    string returned from libapparmor's getcon functions also frees the *mode
    string
  * debian/patches/0068-libapparmor-mention-dbus-method-in-getcon-man.patch:
    Document the D-Bus method, in the aa_getcon man page, that returns the
    AppArmor task confinement string of a D-Bus connection

  [ Jamie Strandboge ]
  * debian/patches/0069-p11kit-abstraction.patch: p11-kit needs access to
    /usr/share/p11-kit/modules
 -- Jamie Strandboge <email address hidden> Tue, 10 Sep 2013 12:06:06 -0500

Changed in apparmor (Ubuntu):
status: In Progress → Fix Released
Revision history for this message
Tyler Hicks (tyhicks) wrote :

The fix was committed upstream as r2162

Changed in apparmor:
status: In Progress → Fix Committed
Steve Beattie (sbeattie)
Changed in apparmor:
milestone: none → 2.9.0
Revision history for this message
Steve Beattie (sbeattie) wrote :

Apparmor 2.9.0 has been released; closing.

Changed in apparmor:
status: Fix Committed → Fix Released
To post a comment you must log in.
This report contains Public information  
Everyone can see this information.
Subscribing...

Other bug subscribers

Bug attachments

Remote bug watches

Bug watches keep track of this bug in other bug trackers.