[patch] selinux: Fix address length checks in connect hook

From: Stephen Smalley
Date: Thu Jul 28 2005 - 15:31:21 EST

This patch fixes the address length checks in the selinux_socket_connect
hook to be no more restrictive than the underlying ipv4 and ipv6 code;
otherwise, this hook can reject valid connect calls. This patch is in
response to a bug report where an application was calling connect on an
INET6 socket with an address that didn't include the optional scope id
and failing due to these checks. Please apply. To 2.6.13, if possible.

Signed-off-by: Stephen Smalley <sds@xxxxxxxxxxxxx>
Signed-off-by: James Morris <jmorris@xxxxxxxxxx>


security/selinux/hooks.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)

diff -rup linux-2.6.13-rc3-mm3/security/selinux/hooks.c linux-2.6.13-rc3-mm3-fix/security/selinux/hooks.c
--- linux-2.6.13-rc3-mm3/security/selinux/hooks.c 2005-07-28 14:59:58.000000000 -0400
+++ linux-2.6.13-rc3-mm3-fix/security/selinux/hooks.c 2005-07-28 14:56:58.000000000 -0400
@@ -3073,12 +3073,12 @@ static int selinux_socket_connect(struct

if (sk->sk_family == PF_INET) {
addr4 = (struct sockaddr_in *)address;
- if (addrlen != sizeof(struct sockaddr_in))
+ if (addrlen < sizeof(struct sockaddr_in))
return -EINVAL;
snum = ntohs(addr4->sin_port);
} else {
addr6 = (struct sockaddr_in6 *)address;
- if (addrlen != sizeof(struct sockaddr_in6))
+ if (addrlen < SIN6_LEN_RFC2133)
return -EINVAL;
snum = ntohs(addr6->sin6_port);

Stephen Smalley
National Security Agency

To unsubscribe from this list: send the line "unsubscribe linux-kernel" in
the body of a message to majordomo@xxxxxxxxxxxxxxx
More majordomo info at http://vger.kernel.org/majordomo-info.html
Please read the FAQ at http://www.tux.org/lkml/