[PATCH] sanitize security_getprocattr() API have it return the buffer it had allocated Acked-by: Stephen Smalley <sds@tycho.nsa.gov> Acked-by: James Morris <jmorris@namei.org> Signed-off-by: Al Viro <viro@zeniv.linux.org.uk> Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>

commit: 04ff97086b1a3237bbd1fe6390fa80fe75207e23 [log] [tgz]
author: Al Viro <viro@ftp.linux.org.uk> Mon Mar 12 16:17:58 2007 +0000
committer: Linus Torvalds <torvalds@woody.linux-foundation.org> Wed Mar 14 15:27:48 2007 -0700
tree: 877e26055759d84a726c6bc68245bc6f9a4a5753
parent: c4823bce033be74c0fcfbcae2f1be0854fdc2e18 [diff] [blame]
diff --git a/security/selinux/hooks.c b/security/selinux/hooks.c
index 19a385e..d41e24d 100644
--- a/security/selinux/hooks.c
+++ b/security/selinux/hooks.c

@@ -4468,11 +4468,12 @@
 }
 
 static int selinux_getprocattr(struct task_struct *p,
-			       char *name, void *value, size_t size)
+			       char *name, char **value)
 {
 	struct task_security_struct *tsec;
 	u32 sid;
 	int error;
+	unsigned len;
 
 	if (current != p) {
 		error = task_has_perm(current, p, PROCESS__GETATTR);
@@ -4500,7 +4501,10 @@
 	if (!sid)
 		return 0;
 
-	return selinux_getsecurity(sid, value, size);
+	error = security_sid_to_context(sid, value, &len);
+	if (error)
+		return error;
+	return len;
 }
 
 static int selinux_setprocattr(struct task_struct *p,
commit	04ff97086b1a3237bbd1fe6390fa80fe75207e23	[log] [tgz]
author	Al Viro <viro@ftp.linux.org.uk>	Mon Mar 12 16:17:58 2007 +0000
committer	Linus Torvalds <torvalds@woody.linux-foundation.org>	Wed Mar 14 15:27:48 2007 -0700
tree	877e26055759d84a726c6bc68245bc6f9a4a5753
parent	c4823bce033be74c0fcfbcae2f1be0854fdc2e18 [diff] [blame]