From owner-p4-projects Mon Oct 7 14:41: 8 2002 Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 3910037B404; Mon, 7 Oct 2002 14:41:06 -0700 (PDT) Delivered-To: perforce@freebsd.org Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125]) by hub.freebsd.org (Postfix) with ESMTP id DA66437B401; Mon, 7 Oct 2002 14:41:05 -0700 (PDT) Received: from fledge.watson.org (fledge.watson.org [204.156.12.50]) by mx1.FreeBSD.org (Postfix) with ESMTP id 2AB5C43E42; Mon, 7 Oct 2002 14:41:05 -0700 (PDT) (envelope-from robert@fledge.watson.org) Received: from fledge.watson.org (fledge.pr.watson.org [192.0.2.3]) by fledge.watson.org (8.12.4/8.12.4) with SMTP id g97LeaOo099951; Mon, 7 Oct 2002 17:40:37 -0400 (EDT) (envelope-from robert@fledge.watson.org) Date: Mon, 7 Oct 2002 17:40:36 -0400 (EDT) From: Robert Watson X-Sender: robert@fledge.watson.org To: Brian Feldman Cc: Perforce Change Reviews Subject: Re: PERFORCE change 18882 for review In-Reply-To: <200210072056.g97KuUGG056842@freefall.freebsd.org> Message-ID: MIME-Version: 1.0 Content-Type: TEXT/PLAIN; charset=US-ASCII Sender: owner-p4-projects@FreeBSD.ORG Precedence: bulk List-ID: List-Archive: (Web Archive) List-Help: (List Instructions) List-Subscribe: List-Unsubscribe: X-Loop: FreeBSD.ORG You can use the in-kernel strvalid() routine to check that a character buffer contains a valid nul-terminated string, btw. Robert N M Watson FreeBSD Core Team, TrustedBSD Projects robert@fledge.watson.org Network Associates Laboratories On Mon, 7 Oct 2002, Brian Feldman wrote: > http://people.freebsd.org/~peter/p4db/chv.cgi?CH=18882 > > Change 18882 by green@green_laptop_2 on 2002/10/07 13:56:09 > > Don't print past the end of the context from the disk if it's > not nul-terminated. > > Affected files ... > > .. //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#31 edit > > Differences ... > > ==== //depot/projects/trustedbsd/mac/sys/security/sebsd/sebsd.c#31 (text+ko) ==== > > @@ -406,7 +406,7 @@ > > vsec = SLOT(vnodelabel); > > - context_len = 128; /* TBD: bad fixed length */ > + context_len = sizeof(context) - 1; /* TBD: bad fixed length */ > error = vn_extattr_get(vp, IO_NODELOCKED, > SEBSD_MAC_EXTATTR_NAMESPACE, > SEBSD_MAC_EXTATTR_NAME, > @@ -424,20 +424,19 @@ > if (error) { > return (error); /* Fail closed */ > } > - > if (sebsd_verbose > 1) { > struct vattr va; > > VOP_GETATTR(vp, &va, curthread->td_ucred, curthread); > - printf("sebsd_vnode_from_extattr: len=%d: context=%s " > - "inode=%ld, fsid=%d\n", context_len, context, > - va.va_fileid, va.va_fsid); > + printf("sebsd_vnode_from_extattr: len=%d: context=%.*s " > + "inode=%ld, fsid=%d\n", context_len, context_len, > + context, va.va_fileid, va.va_fsid); > } > > error = security_context_to_sid(context, context_len, &vsec->sid); > if (error) { > printf("sebsd_update_vnode_from_extattr: ERROR mapping " > - "context to sid: %s\n", context); > + "context to sid: %.*s\n", context_len, context); > return (0); /* TBD bad, bad, bad */ > } > > To Unsubscribe: send mail to majordomo@FreeBSD.org with "unsubscribe p4-projects" in the body of the message