hmm if I recall too the result from calling the underlying vma functions was the width of the field, not always necessarily the null byte, like you said, doing the combo you suggest corrects that.
However, strnlen is pricey id like to avoid. The code I have at least avoids branching, which is good. And is then directly known to be safe to pass to audit_log_untrusted_string(), which aborts printing on the first null byte. On Fri, Jan 10, 2014 at 1:37 PM, William Roberts <[email protected]> wrote: > I think your right.... > > On Fri, Jan 10, 2014 at 1:08 PM, Eric Paris <[email protected]> wrote: >> If you know the buf len, you can just use audit_log_n_untrusted_string() >> I think.... >> >> On Tue, 2014-01-07 at 12:44 -0800, William Roberts wrote: >>> Signed-off-by: William Roberts <[email protected]> >>> --- >>> kernel/auditsc.c | 19 +++++++++++++++---- >>> 1 file changed, 15 insertions(+), 4 deletions(-) >>> >>> diff --git a/kernel/auditsc.c b/kernel/auditsc.c >>> index a4c2003..9ba1f2a 100644 >>> --- a/kernel/auditsc.c >>> +++ b/kernel/auditsc.c >>> @@ -1292,9 +1292,20 @@ static void audit_log_cmdline(struct audit_buffer >>> *ab, struct task_struct *tsk, >>> if (!buf) >>> goto out; >>> res = get_cmdline(tsk, buf, PATH_MAX); >>> - /* Ensure NULL terminated */ >>> - if (buf[res-1] != '\0') >>> - buf[res-1] = '\0'; >>> + if (res == 0) { >>> + kfree(buf); >>> + goto out; >>> + } >>> + /* >>> + * Ensure NULL terminated but don't clobber the end >>> + * unless the buffer is full. Worst case you end up >>> + * with 2 null bytes ending it. By doing it this way >>> + * one avoids additional branching. One checking if the >>> + * end is null and another to check if their should be >>> + * an increment before setting the null byte. >>> + */ >>> + res += res < PATH_MAX; >>> + buf[res-1] = '\0'; >>> context->cmdline = buf; >>> } >>> msg = context->cmdline; >>> @@ -1333,8 +1344,8 @@ static void audit_log_exit(struct audit_context >>> *context, struct task_struct *ts >>> context->name_count); >>> >>> audit_log_task_info(ab, tsk); >>> - audit_log_cmdline(ab, tsk, context); >>> audit_log_key(ab, context->filterkey); >>> + audit_log_cmdline(ab, tsk, context); >>> audit_log_end(ab); >>> >>> for (aux = context->aux; aux; aux = aux->next) { >> >> > > > > -- > Respectfully, > > William C Roberts -- Respectfully, William C Roberts -- Linux-audit mailing list [email protected] https://www.redhat.com/mailman/listinfo/linux-audit
