linux-stable-rt/security
Stephen Smalley 37ca5389b8 AUDIT: Fix remaining cases of direct logging of untrusted strings by avc_audit
Per Steve Grubb's observation that there are some remaining cases where
avc_audit() directly logs untrusted strings without escaping them, here
is a patch that changes avc_audit() to use audit_log_untrustedstring()
or audit_log_hex() as appropriate.  Note that d_name.name is nul-
terminated by d_alloc(), and that sun_path is nul-terminated by
unix_mkname(), so it is not necessary for the AVC to create nul-
terminated copies or to alter audit_log_untrustedstring to take a length
argument.  In the case of an abstract name, we use audit_log_hex() with
an explicit length.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2005-05-24 21:28:28 +01:00
..
keys Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
selinux AUDIT: Fix remaining cases of direct logging of untrusted strings by avc_audit 2005-05-24 21:28:28 +01:00
Kconfig Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
Makefile Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
capability.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
commoncap.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
dummy.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
root_plug.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
seclvl.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
security.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00