• Stephen Smalley's avatar
    AUDIT: Fix remaining cases of direct logging of untrusted strings by avc_audit · 37ca5389
    Stephen Smalley authored
    Per Steve Grubb's observation that there are some remaining cases where
    avc_audit() directly logs untrusted strings without escaping them, here
    is a patch that changes avc_audit() to use audit_log_untrustedstring()
    or audit_log_hex() as appropriate.  Note that d_name.name is nul-
    terminated by d_alloc(), and that sun_path is nul-terminated by
    unix_mkname(), so it is not necessary for the AVC to create nul-
    terminated copies or to alter audit_log_untrustedstring to take a length
    argument.  In the case of an abstract name, we use audit_log_hex() with
    an explicit length.
    Signed-off-by: default avatarStephen Smalley <sds@tycho.nsa.gov>
    Signed-off-by: default avatarDavid Woodhouse <dwmw2@infradead.org>
    37ca5389
avc.c 23 KB