Signed-off-by: William Roberts <[email protected]>
---
kernel/auditsc.c | 19 +++++++++++++++----
1 file changed, 15 insertions(+), 4 deletions(-)
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index a4c2003..9ba1f2a 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1292,9 +1292,20 @@ static void audit_log_cmdline(struct audit_buffer *ab,
struct task_struct *tsk,
if (!buf)
goto out;
res = get_cmdline(tsk, buf, PATH_MAX);
- /* Ensure NULL terminated */
- if (buf[res-1] != '\0')
- buf[res-1] = '\0';
+ if (res == 0) {
+ kfree(buf);
+ goto out;
+ }
+ /*
+ * Ensure NULL terminated but don't clobber the end
+ * unless the buffer is full. Worst case you end up
+ * with 2 null bytes ending it. By doing it this way
+ * one avoids additional branching. One checking if the
+ * end is null and another to check if their should be
+ * an increment before setting the null byte.
+ */
+ res += res < PATH_MAX;
+ buf[res-1] = '\0';
context->cmdline = buf;
}
msg = context->cmdline;
@@ -1333,8 +1344,8 @@ static void audit_log_exit(struct audit_context *context,
struct task_struct *ts
context->name_count);
audit_log_task_info(ab, tsk);
- audit_log_cmdline(ab, tsk, context);
audit_log_key(ab, context->filterkey);
+ audit_log_cmdline(ab, tsk, context);
audit_log_end(ab);
for (aux = context->aux; aux; aux = aux->next) {
--
1.7.9.5
--
Linux-audit mailing list
[email protected]
https://www.redhat.com/mailman/listinfo/linux-audit
