[apparmor] [Bug 781961] Re: Format string bugs in apparmor-utils

[Kees Cook]

Thanks for the report! I've sent a patch to the mailing list and this
will likely get committed soon.

** Changed in: apparmor
       Status: Confirmed => In Progress

** Changed in: apparmor (Ubuntu)
       Status: Confirmed => In Progress

-- 
You received this bug notification because you are a member of AppArmor
Developers, which is the registrant for AppArmor.
https://bugs.launchpad.net/bugs/781961

Title:
  Format string bugs in apparmor-utils

Status in AppArmor Linux application security framework:
  In Progress
Status in “apparmor” package in Ubuntu:
  In Progress

Bug description:
  Binary package hint: apparmor-utils

  /usr/sbin/audit and /usr/sbin/autodep and /usr/sbin/enforce have
  format string bugs .

  test case :
  emanuel at emanuel-desktop:/tmp$ /usr/sbin/audit "/tmp/%n"
  Modification of a read-only value attempted at /usr/sbin/audit line 122.
  emanuel at emanuel-desktop:/tmp$ /usr/sbin/autodep "/tmp/%n"
  Modification of a read-only value attempted at /usr/sbin/autodep line 112.
  emanuel at emanuel-desktop:/tmp$ /usr/sbin/enforce "/tmp/%9999999999999s"
  Integer overflow in format string for sprintf at /usr/sbin/enforce line 132.

  the bug can be found at :
  UI_Info(sprintf(gettext('%s does not exist, please double-check the path.') . $profiling));

  fix : (like in /usr/sbin/complain)
  UI_Info(sprintf(gettext('%s does not exist, please double-check the path.'), $profiling));