[PATCH] Fix remaining cases of direct logging of untrusted strings by avc_audit
James Morris
jmorris at redhat.com
Tue May 24 20:08:12 UTC 2005
On Tue, 24 May 2005, Stephen Smalley wrote:
> Per Steve Grubb's observation that there are some remaining cases where
> avc_audit() directly logs untrusted strings without escaping them, here
> is a patch that changes avc_audit() to use audit_log_untrustedstring()
> or audit_log_hex() as appropriate. Note that d_name.name is nul-
> terminated by d_alloc(), and that sun_path is nul-terminated by
> unix_mkname(), so it is not necessary for the AVC to create nul-
> terminated copies or to alter audit_log_untrustedstring to take a length
> argument. In the case of an abstract name, we use audit_log_hex() with
> an explicit length.
>
> Signed-off-by: Stephen Smalley <sds at tycho.nsa.gov>
Ack.
- James
--
James Morris
<jmorris at redhat.com>
More information about the Linux-audit
mailing list