[PATCH] Fix remaining cases of direct logging of untrusted strings by avc_audit

David Woodhouse dwmw2 at infradead.org
Tue May 24 21:16:55 UTC 2005


On Tue, 2005-05-24 at 16:11 -0500, Klaus Weidner wrote:
> > I wouldn't claim to be 100% convinced that it's always nul-terminated,
> > but we were relying on that already so OK.
> 
> Good thing we're not trying to get certified at EAL7, this doesn't quite
> meet "formally verified design" requirements ;-)

Heh, yeah. I do remember going through the code at one point for some
reason and trying to convince myself it was always NUL-terminated. I
_think_ it is, but I don't 100% recall my conclusion, or even why I was
checking. Once upon a time it certainly wasn't, but now I think it is.

I wouldn't have introduced such an assumption without going through and
checking for myself, but since we were already making that assumption
I'm prepared to trust it for now.

-- 
dwmw2




More information about the Linux-audit mailing list