From: John Johansen <john.johansen@canonical.com>
Date: Wed, 22 Feb 2012 08:32:30 +0000 (-0800)
Subject: AppArmor: Fix underflow in xindex calculation
X-Git-Tag: v3.4-rc1~165^2~9
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=8b964eae204d791421677ec56b94a7b18cf8740d;p=pandora-kernel.git

AppArmor: Fix underflow in xindex calculation

If the xindex value stored in the accept tables is 0, the extraction of
that value will result in an underflow (0 - 4).

In properly compiled policy this should not happen for file rules but
it may be possible for other rule types in the future.

To exploit this underflow a user would have to be able to load a corrupt
policy, which requires CAP_MAC_ADMIN, overwrite system policy in kernel
memory or know of a compiler error resulting in the flaw being present
for loaded policy (no such flaw is known at this time).

Signed-off-by: John Johansen <john.johansen@canonical.com>
Acked-by: Kees Cook <kees@ubuntu.com>
---

Reading git-diff-tree failed