[grsec] Broken compilation on 2.1.10-2.6.19.2-200702011940
Dinko Korunic
kreator at srce.hr
Sun Feb 4 04:25:30 EST 2007
Brad,
Grsecurity patch 2.1.10-2.6.19.2-200702011940 is broken in static int
pid_getattr() in fs/proc/base.c. Specifically, the code won't
compile if undefined CONFIG_GRKERNSEC_PROC_USER and undefined
CONFIG_GRKERNSEC_PROC_USERGROUP:
+ if (task &&
+#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
+ (!tmp->uid || (tmp->uid == task->uid)
+#ifdef CONFIG_GRKERNSEC_PROC_USERGROUP
+ || in_group_p(CONFIG_GRKERNSEC_PROC_GID)
+#endif
+ )
+#endif
+ ) {
The problem is in "if (task &&" line which will be left closed with ")" if
both preprocessor constants undefined. This is probably a typo, since fix
is trivial:
+ if (task
+#if defined(CONFIG_GRKERNSEC_PROC_USER) || defined(CONFIG_GRKERNSEC_PROC_USERGROUP)
+ && (!tmp->uid || (tmp->uid == task->uid)
+#ifdef CONFIG_GRKERNSEC_PROC_USERGROUP
+ || in_group_p(CONFIG_GRKERNSEC_PROC_GID)
+#endif
+ )
+#endif
+ ) {
Cheers,
D.
--
NAME:Dinko.kreator.Korunic DISCLAIMER:Standard.disclaimer.applies
IRC:kre ICQ:16965294 JAB:kreatorMoo at jabber.org PGP:0xea160d0b
HOME:http://dkorunic.net BLOG:http://dkorunic.wordpress.com
More information about the grsecurity
mailing list