Gitiles
Code Review Sign In
gerrit-public.fairphone.software / kernel / msm / 37ca5389b863e5ffba6fb7c22331bf57dbf7764a
commit37ca5389b863e5ffba6fb7c22331bf57dbf7764a[log] [tgz]
authorStephen Smalley <sds@tycho.nsa.gov>Tue May 24 21:28:28 2005 +0100
committerDavid Woodhouse <dwmw2@shinybook.infradead.org>Tue May 24 21:28:28 2005 +0100
tree4869477a27fbd8ad91b0ce42f0b2e4b6817e5105
parent99e45eeac867d51ff3395dcf3d7aedf5ac2812c8 [diff]
AUDIT: Fix remaining cases of direct logging of untrusted strings by avc_audit

Per Steve Grubb's observation that there are some remaining cases where
avc_audit() directly logs untrusted strings without escaping them, here
is a patch that changes avc_audit() to use audit_log_untrustedstring()
or audit_log_hex() as appropriate.  Note that d_name.name is nul-
terminated by d_alloc(), and that sun_path is nul-terminated by
unix_mkname(), so it is not necessary for the AVC to create nul-
terminated copies or to alter audit_log_untrustedstring to take a length
argument.  In the case of an abstract name, we use audit_log_hex() with
an explicit length.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
1 file changed
tree: 4869477a27fbd8ad91b0ce42f0b2e4b6817e5105
  1. arch/
  2. crypto/
  3. Documentation/
  4. drivers/
  5. fs/
  6. include/
  7. init/
  8. ipc/
  9. kernel/
  10. lib/
  11. mm/
  12. net/
  13. scripts/
  14. security/
  15. sound/
  16. usr/
  17. COPYING
  18. CREDITS
  19. MAINTAINERS
  20. Makefile
  21. README
  22. REPORTING-BUGS