From: Jan Kara <jack@suse.cz>
Date: Tue, 2 Jun 2015 15:08:29 +0000 (+0200)
Subject: audit: Fix check of return value of strnlen_user()
X-Git-Tag: v3.18.40~40
X-Git-Url: http://git.ipfire.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=c786cc5ea29cca704eed6af508d32c9e0d498b77;p=thirdparty%2Fkernel%2Fstable.git

audit: Fix check of return value of strnlen_user()

[ Upstream commit 0b08c5e59441d08ab4b5e72afefd5cd98a4d83df ]

strnlen_user() returns 0 when it hits fault, not -1. Fix the test in
audit_log_single_execve_arg(). Luckily this shouldn't ever happen unless
there's a kernel bug so it's mostly a cosmetic fix.

CC: Paul Moore <pmoore@redhat.com>
Signed-off-by: Jan Kara <jack@suse.cz>
Signed-off-by: Paul Moore <pmoore@redhat.com>
Signed-off-by: Sasha Levin <alexander.levin@verizon.com>
---

diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index cc3416f0dedac..c06f13fa5a993 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1046,7 +1046,7 @@ static int audit_log_single_execve_arg(struct audit_context *context,
 	 * for strings that are too long, we should not have created
 	 * any.
 	 */
-	if (unlikely((len == -1) || len > MAX_ARG_STRLEN - 1)) {
+	if (unlikely((len == 0) || len > MAX_ARG_STRLEN - 1)) {
 		WARN_ON(1);
 		send_sig(SIGKILL, current, 0);
 		return -1;