diff -aurN audit-2.1.3/src/auditctl.c audit-2.1.3_patch//src/auditctl.c --- audit-2.1.3/src/auditctl.c 2011-08-15 21:31:00.000000000 +0400 +++ audit-2.1.3_patch//src/auditctl.c 2011-10-24 11:14:02.000000000 +0400 @@ -939,6 +939,82 @@ return NULL; } + +void preprocess(char *buf) +{ + char esc_ctx = 0; + + while (*buf) + { + if (*buf == '\\' && !esc_ctx) + { + esc_ctx++; + } + else + { + if (esc_ctx) + { + if (*buf == ' ') + { + *buf = 0x07; + *(buf - 1) = 0x07; + } + else if (*buf == '\\') + { + *buf = 0x04; + *(buf - 1) = 0x04; + } + + esc_ctx--; + } + } + + buf++; + } +} + + +void postprocess(unsigned char *buf) +{ + unsigned char *str = strdup(buf); + unsigned char *pos1 = str; + unsigned char *pos2 = buf; + int i = 0; + + if (!str) + return; + + while (*pos1) + { + if (*pos1 == 0x07) + { + *pos2 = ' '; + pos1 += 2; + pos2++; + + continue; + } + else if (*pos1 == 0x04) + { + *pos2 = '\\'; + pos1 += 2; + pos2++; + + continue; + } + + *pos2 = *pos1; + + pos2++; + pos1++; + } + + *pos2 = 0; + + free(str); +} + + /* * This function reads the given file line by line and executes the rule. * It returns 0 if everything went OK, 1 if there are problems before reading @@ -1001,6 +1077,8 @@ char *options[NUM_OPTIONS]; char *ptr; int idx=0; + char apst = 0; + char *pos = 0; /* Weed out blank lines */ while (buf[idx] == ' ') @@ -1009,9 +1087,13 @@ lineno++; continue; } + + preprocess(buf); + ptr = strtok(buf, " "); if (ptr == NULL) break; + /* allow comments */ if (ptr[0] == '#') { lineno++; @@ -1021,8 +1103,10 @@ options[i++] = "auditctl"; options[i++] = ptr; while( (ptr=strtok(NULL, " ")) && i