[PATCH] Fix remaining cases of direct logging of untrusted strings by avc_audit
David Woodhouse
dwmw2 at infradead.org
Wed May 25 14:22:34 UTC 2005
On Wed, 2005-05-25 at 10:08 -0400, Stephen Smalley wrote:
> The fact that d_alloc always nul-terminates isn't sufficient for you?
> You are concerned about manually constructed dentries outside of the
> dcache?
> FWIW, in addition to prior usage by avc_audit, there is other kernel
> code that directly uses d_name.name as a string, e.g. as an argument
> for a %s format string to printk.
It should be fine. If we were newly introducing this assumption, I'd
have to go trawling through all the evil code like vfat which switches
dentries around because of aliasing, but since we were _already_
assuming it was true, I'm willing to believe it without proving it for
myself.
--
dwmw2
More information about the Linux-audit
mailing list