GitHub-Mirror/Star64_linux
2
0
Fork 0
mirror of https://github.com/Fishwaldo/Star64_linux.git synced 2025-06-20 05:31:15 +00:00
Code Issues Projects Releases Packages Wiki Activity Actions

AUDIT: Avoid log pollution by untrusted strings.

Browse source 
We log strings from userspace, such as arguments to open(). These could
be formatted to contain \n followed by fake audit log entries. Provide
a function for logging such strings, which gives a hex dump when the
string contains anything but basic printable ASCII characters. Use it
for logging filenames.

Signed-off-by: David Woodhouse <dwmw2@infradead.org>
This commit is contained in:
2005-04-29 15:54:44 +01:00
parent c60c390620
commit 83c7d09173
3 changed files with 34 additions and 4 deletions
Download patch file Download diff file Expand all files Collapse all files

7
kernel/auditsc.c
View file

@ -696,9 +696,10 @@ static void audit_log_exit(struct audit_context *context)
if (!ab)
continue; /* audit_panic has been called */
audit_log_format(ab, "item=%d", i);
if (context->names[i].name)
audit_log_format(ab, " name=%s",
context->names[i].name);
if (context->names[i].name) {
audit_log_format(ab, " name=");
audit_log_untrustedstring(ab, context->names[i].name);
}
if (context->names[i].ino != (unsigned long)-1)
audit_log_format(ab, " inode=%lu dev=%02x:%02x mode=%#o"
" uid=%d gid=%d rdev=%02x:%02x",