On Tue, Jan 7, 2014 at 12:44 PM, William Roberts <[email protected]> wrote: > Signed-off-by: William Roberts <[email protected]> > --- > kernel/auditsc.c | 19 +++++++++++++++---- > 1 file changed, 15 insertions(+), 4 deletions(-) > > diff --git a/kernel/auditsc.c b/kernel/auditsc.c > index a4c2003..9ba1f2a 100644 > --- a/kernel/auditsc.c > +++ b/kernel/auditsc.c > @@ -1292,9 +1292,20 @@ static void audit_log_cmdline(struct audit_buffer *ab, > struct task_struct *tsk, > if (!buf) > goto out; > res = get_cmdline(tsk, buf, PATH_MAX); > - /* Ensure NULL terminated */ > - if (buf[res-1] != '\0') > - buf[res-1] = '\0'; > + if (res == 0) { > + kfree(buf); > + goto out; > + } > + /* > + * Ensure NULL terminated but don't clobber the end > + * unless the buffer is full. Worst case you end up > + * with 2 null bytes ending it. By doing it this way > + * one avoids additional branching. One checking if the > + * end is null and another to check if their should be > + * an increment before setting the null byte. > + */ > + res += res < PATH_MAX; > + buf[res-1] = '\0'; > context->cmdline = buf; > } > msg = context->cmdline; > @@ -1333,8 +1344,8 @@ static void audit_log_exit(struct audit_context > *context, struct task_struct *ts > context->name_count); > > audit_log_task_info(ab, tsk); > - audit_log_cmdline(ab, tsk, context); > audit_log_key(ab, context->filterkey); > + audit_log_cmdline(ab, tsk, context); > audit_log_end(ab); > > for (aux = context->aux; aux; aux = aux->next) { > -- > 1.7.9.5 >
FYI for those wondering. Page 205 and 206, Sections A7.9 and A7.10 in the K+R C book 2nd edition explicitly states that relational and equality operators return a 0 or 1. -- Respectfully, William C Roberts -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
