[PATCH] name_count array overrun
Steve Grubb
sgrubb at redhat.com
Thu Sep 7 20:53:22 UTC 2006
On Thursday 07 September 2006 16:43, Amy Griffis wrote:
> What about this conditional, which translates to context->name_count >= 13?
> Leaving the code as is means we'll never reach the new printk below,
> where context->name_count == 19.
Good point, I'll drop that part.
> > - idx = context->name_count++;
> > + idx = context->name_count;
> > + if (context->name_count == (AUDIT_NAMES - 1)) {
> > + printk(KERN_DEBUG
> > + "name_count maxed and losing entry
> > [%d]=%s\n", + context->name_count,
> > + context->names[context->name_count].name ?:
> > + "(null)");
>
> Did you consider just dropping any data encountered after we've filled
> AUDIT_NAMES, instead of copying over the data for the last element?
That might be better. Is this the way we want to handle it? If there's no
objections, I'll repost a patch tomorrow.
Thanks,
-Steve
More information about the Linux-audit
mailing list