diff options
Diffstat (limited to 'Xext/xselinux.c')
| -rw-r--r-- | Xext/xselinux.c | 22 |
1 files changed, 9 insertions, 13 deletions
diff --git a/Xext/xselinux.c b/Xext/xselinux.c index 9898b2986..b9b16b6ce 100644 --- a/Xext/xselinux.c +++ b/Xext/xselinux.c @@ -1,6 +1,6 @@ /************************************************************ -Author: Eamon Walsh <ewalsh@epoch.ncsc.mil> +Author: Eamon Walsh <ewalsh@tycho.nsa.gov> Permission to use, copy, modify, distribute, and sell this software and its documentation for any purpose is hereby granted without fee, provided that @@ -913,6 +913,10 @@ SELinuxProperty(CallbackListPtr *pcbl, pointer unused, pointer calldata) security_id_t tsid; int rc; + /* Don't care about the new content check */ + if (rec->access_mode & DixPostAccess) + return; + subj = dixLookupPrivate(&rec->client->devPrivates, subjectKey); obj = dixLookupPrivate(&pProp->devPrivates, objectKey); @@ -1279,7 +1283,7 @@ SELinuxSendContextReply(ClientPtr client, security_id_t sid) } rep.type = X_Reply; - rep.length = (len + 3) >> 2; + rep.length = bytes_to_int32(len); rep.sequenceNumber = client->sequence; rep.context_len = len; @@ -1314,14 +1318,6 @@ ProcSELinuxSetCreateContext(ClientPtr client, unsigned offset) return BadAlloc; } - if (offset == CTX_DEV) { - /* Device create context currently requires manage permission */ - rc = XaceHook(XACE_SERVER_ACCESS, client, DixManageAccess); - if (rc != Success) - goto out; - privPtr = &serverClient->devPrivates; - } - ptr = dixLookupPrivate(privPtr, subjectKey); pSid = (security_id_t *)(ptr + offset); sidput(*pSid); @@ -1333,7 +1329,7 @@ ProcSELinuxSetCreateContext(ClientPtr client, unsigned offset) avc_context_to_sid_raw(ctx, pSid) < 0) rc = BadValue; } -out: + xfree(ctx); return rc; } @@ -1506,8 +1502,8 @@ SELinuxPopulateItem(SELinuxListItemRec *i, PrivateRec **privPtr, CARD32 id, return BadValue; i->id = id; - i->octx_len = (strlen(i->octx) + 4) >> 2; - i->dctx_len = (strlen(i->dctx) + 4) >> 2; + i->octx_len = bytes_to_int32(strlen(i->octx) + 1); + i->dctx_len = bytes_to_int32(strlen(i->dctx) + 1); *size += i->octx_len + i->dctx_len + 3; return Success; |