From: Massimiliano Pellizzer <[email protected]>
[ Upstream commit e38c55d9f834e5b848bfed0f5c586aaf45acb825 ]
The function sets `*ns = NULL` on every call, leaking the namespace
string allocated in previous iterations when multiple profiles are
unpacked. This also breaks namespace consistency checking since *ns
is always NULL when the comparison is made.
Remove the incorrect assignment.
The caller (aa_unpack) initializes *ns to NULL once before the loop,
which is sufficient.
Fixes: dd51c8485763 ("apparmor: provide base for multiple profiles to be
replaced at once")
Reported-by: Qualys Security Advisory <[email protected]>
Tested-by: Salvatore Bonaccorso <[email protected]>
Reviewed-by: Georgia Garcia <[email protected]>
Reviewed-by: Cengiz Can <[email protected]>
Signed-off-by: Massimiliano Pellizzer <[email protected]>
Signed-off-by: John Johansen <[email protected]>
Signed-off-by: Li hongliang <[email protected]>
---
security/apparmor/policy_unpack.c | 1 -
1 file changed, 1 deletion(-)
diff --git a/security/apparmor/policy_unpack.c
b/security/apparmor/policy_unpack.c
index 851fd6212831..3bbd28603c8c 100644
--- a/security/apparmor/policy_unpack.c
+++ b/security/apparmor/policy_unpack.c
@@ -959,7 +959,6 @@ static int verify_header(struct aa_ext *e, int required,
const char **ns)
{
int error = -EPROTONOSUPPORT;
const char *name = NULL;
- *ns = NULL;
/* get the interface version */
if (!unpack_u32(e, &e->version, "version")) {
--
2.34.1
