aboutsummaryrefslogtreecommitdiff
path: root/COPYING
diff options
context:
space:
mode:
authorStephen Smalley <sds@tycho.nsa.gov>2005-05-24 21:28:28 +0100
committerDavid Woodhouse <dwmw2@shinybook.infradead.org>2005-05-24 21:28:28 +0100
commit37ca5389b863e5ffba6fb7c22331bf57dbf7764a (patch)
tree4869477a27fbd8ad91b0ce42f0b2e4b6817e5105 /COPYING
parent99e45eeac867d51ff3395dcf3d7aedf5ac2812c8 (diff)
AUDIT: Fix remaining cases of direct logging of untrusted strings by avc_audit
Per Steve Grubb's observation that there are some remaining cases where avc_audit() directly logs untrusted strings without escaping them, here is a patch that changes avc_audit() to use audit_log_untrustedstring() or audit_log_hex() as appropriate. Note that d_name.name is nul- terminated by d_alloc(), and that sun_path is nul-terminated by unix_mkname(), so it is not necessary for the AVC to create nul- terminated copies or to alter audit_log_untrustedstring to take a length argument. In the case of an abstract name, we use audit_log_hex() with an explicit length. Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov> Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat (limited to 'COPYING')
0 files changed, 0 insertions, 0 deletions