Commit fe705dd0 authored by Mike Salvatore's avatar Mike Salvatore Committed by Khalid Elmously
Browse files

apparmor: reset pos on failure to unpack for various functions

BugLink: https://bugs.launchpad.net/bugs/1844558



[ Upstream commit 156e4299 ]

Each function that manipulates the aa_ext struct should reset it's "pos"
member on failure. This ensures that, on failure, no changes are made to
the state of the aa_ext struct.

There are paths were elements are optional and the error path is
used to indicate the optional element is not present. This means
instead of just aborting on error the unpack stream can become
unsynchronized on optional elements, if using one of the affected
functions.

Cc: stable@vger.kernel.org
Fixes: 736ec752 ("AppArmor: policy routines for loading and unpacking policy")
Signed-off-by: default avatarMike Salvatore <mike.salvatore@canonical.com>
Signed-off-by: default avatarJohn Johansen <john.johansen@canonical.com>
Signed-off-by: default avatarSasha Levin <sashal@kernel.org>
Signed-off-by: default avatarKamal Mostafa <kamal@canonical.com>
Signed-off-by: default avatarKhalid Elmously <khalid.elmously@canonical.com>
parent c81f9402
Loading
Loading
Loading
Loading
0% Loading or .
You are about to add 0 people to the discussion. Proceed with caution.
Please to comment