Skip to content

Commit 86aea56

Browse files
chggrjrjohansen
chggr
authored and
jrjohansen
committed
apparmor: Fix logical error in verify_header()
verify_header() is currently checking whether interface version is less than 5 *and* greater than 7, which always evaluates to false. Instead it should check whether it is less than 5 *or* greater than 7. Signed-off-by: Christos Gkekas <chris.gekas@gmail.com> Signed-off-by: John Johansen <john.johansen@canonical.com>
1 parent 19fe43a commit 86aea56

File tree

1 file changed

+1
-1
lines changed

1 file changed

+1
-1
lines changed

security/apparmor/policy_unpack.c

Lines changed: 1 addition & 1 deletion
Original file line numberDiff line numberDiff line change
@@ -832,7 +832,7 @@ static int verify_header(struct aa_ext *e, int required, const char **ns)
832832
* if not specified use previous version
833833
* Mask off everything that is not kernel abi version
834834
*/
835-
if (VERSION_LT(e->version, v5) && VERSION_GT(e->version, v7)) {
835+
if (VERSION_LT(e->version, v5) || VERSION_GT(e->version, v7)) {
836836
audit_iface(NULL, NULL, NULL, "unsupported interface version",
837837
e, error);
838838
return error;

0 commit comments

Comments
 (0)