audit-0.6.2 released
Chris Wright
chrisw at osdl.org
Wed Apr 27 20:32:20 UTC 2005
* Steve Grubb (sgrubb at redhat.com) wrote:
> On Wednesday 27 April 2005 03:26, Chris Wright wrote:
> > What was your test case? This patch will potentially corrupt data in
> > skb->data[offset + len].
>
> Chris,
>
> It may be more expedient to just submit a corrected patch to the mail list.
I don't have a good patch yet. NULL terminating the buffer doesn't look
safe. I was beginning to suspect audit_log_vformat buffer size
handling, but can't make it break (nor figure when ab->len could become
suspect. I'll keep digging, but a way to trigger would sure help.
thanks,
-chris
--
Linux Security Modules http://lsm.immunix.org http://lsm.bkbits.net
More information about the Linux-audit
mailing list