From owner-p4-projects@FreeBSD.ORG  Thu May 29 16:14:36 2003
Return-Path: <owner-p4-projects@FreeBSD.ORG>
Delivered-To: p4-projects@freebsd.org
Received: by hub.freebsd.org (Postfix, from userid 32767)
	id 2ECCF37B404; Thu, 29 May 2003 16:14:36 -0700 (PDT)
Delivered-To: perforce@freebsd.org
Received: from mx1.FreeBSD.org (mx1.freebsd.org [216.136.204.125])
	by hub.freebsd.org (Postfix) with ESMTP id 70A5437B401
	for <perforce@freebsd.org>; Thu, 29 May 2003 16:14:35 -0700 (PDT)
Received: from repoman.freebsd.org (repoman.freebsd.org [216.136.204.115])
	by mx1.FreeBSD.org (Postfix) with ESMTP id 04C9543F75
	for <perforce@freebsd.org>; Thu, 29 May 2003 16:14:35 -0700 (PDT)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: from repoman.freebsd.org (localhost [127.0.0.1])
	by repoman.freebsd.org (8.12.6/8.12.6) with ESMTP id h4TNEY0U070970
	for <perforce@freebsd.org>; Thu, 29 May 2003 16:14:34 -0700 (PDT)
	(envelope-from bb+lists.freebsd.perforce@cyrus.watson.org)
Received: (from perforce@localhost)
	by repoman.freebsd.org (8.12.6/8.12.6/Submit) id h4TNEYbs070967
	for perforce@freebsd.org; Thu, 29 May 2003 16:14:34 -0700 (PDT)
Date: Thu, 29 May 2003 16:14:34 -0700 (PDT)
Message-Id: <200305292314.h4TNEYbs070967@repoman.freebsd.org>
X-Authentication-Warning: repoman.freebsd.org: perforce set sender to
	bb+lists.freebsd.perforce@cyrus.watson.org using -f
From: Robert Watson <rwatson@FreeBSD.org>
To: Perforce Change Reviews <perforce@freebsd.org>
Subject: PERFORCE change 32072 for review
X-BeenThere: p4-projects@freebsd.org
X-Mailman-Version: 2.1.1
Precedence: list
List-Id: p4 projects tree changes <p4-projects.freebsd.org>
List-Unsubscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=unsubscribe>
List-Archive: <http://lists.freebsd.org/pipermail/p4-projects>
List-Post: <mailto:p4-projects@freebsd.org>
List-Help: <mailto:p4-projects-request@freebsd.org?subject=help>
List-Subscribe: <http://lists.freebsd.org/mailman/listinfo/p4-projects>,
	<mailto:p4-projects-request@freebsd.org?subject=subscribe>
X-List-Received-Date: Thu, 29 May 2003 23:14:37 -0000

http://perforce.freebsd.org/chv.cgi?CH=32072

Change 32072 by rwatson@rwatson_tislabs on 2003/05/29 16:14:02

	Temporary work-around for overflows in externalization of
	compartment strings in the Biba and MLS policies.  Validate
	that the nul we slap down in fact lands inside the string.
	This code generally needs cleaning up, since it fails to
	handle failures by snprintf().  If the provided string is
	too short, this result is preferable to kernel panics, etc.

Affected files ...

.. //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#209 edit
.. //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#167 edit

Differences ...

==== //depot/projects/trustedbsd/mac/sys/security/mac_biba/mac_biba.c#209 (text+ko) ====

@@ -583,7 +583,11 @@
 		} while(bit <= MAC_BIBA_MAX_COMPARTMENTS);
 
 		len = size - left - 1;
-		string[len] = '\0';
+		if (len > 0 && len < size)
+			string[len] = '\0';
+		else
+			string[0] = '\0';
+			
 		return (len);
 
 	default:

==== //depot/projects/trustedbsd/mac/sys/security/mac_mls/mac_mls.c#167 (text+ko) ====

@@ -547,7 +547,10 @@
 		} while(bit <= MAC_MLS_MAX_COMPARTMENTS);
 
 		len = size - left - 1;
-		string[len] = '\0';
+		if (len > 0 && len < size)
+			string[len] = '\0';
+		else
+			string[0] = '\0';
 		return (len);
 
 	default: