Subject: [SMACK-discuss][PATCH] libsmack: Terminate attribute string The smack_new_label_from_path function reads an xattr that may not be null byte terminated. This occurs in the SMACK64TRANSMUTE case. Technically, the transmute attribute isn't a label, so this function shouldn't be used to fetch the value, but we'll let that go. This is just good string hygiene in any case. This is an issue because chsmack prints transmute="TRUE0" without this fix. Signed-off-by: Casey Schaufler <casey.schaufler(a)intel.com&gt; --- libsmack/libsmack.c | 3 +++ 1 file changed, 3 insertions(+) diff --git a/libsmack/libsmack.c b/libsmack/libsmack.c index db14c32..17f62ec 100644 --- a/libsmack/libsmack.c +++ b/libsmack/libsmack.c @@ -643,6 +643,9 @@ ssize_t smack_new_label_from_path(const char *path, const char *xattr, if (result == NULL) return -1; + /* It is possible that the attribute is not terminated */ + buf[ret] = '\0'; + ret = get_label(result, buf, NULL); if (ret < 0) { free(result);