On 2013年04月16日 18:38, Chen Gang wrote:
> On 2013年04月16日 18:25, Chen Gang wrote:
>> On 2013年04月12日 17:42, Chen Gang wrote:
>>> On 2013年04月11日 12:10, Chen Gang wrote:
On 2013年04月11日 05:19, Eric Paris wrote:
> - Original Message -
>
>>> b. has an new issue for AUDIT_DIR:
On 2013年04月16日 18:25, Chen Gang wrote:
> On 2013年04月12日 17:42, Chen Gang wrote:
>> On 2013年04月11日 12:10, Chen Gang wrote:
>>> On 2013年04月11日 05:19, Eric Paris wrote:
- Original Message -
>> b. has an new issue for AUDIT_DIR:
>>after AUDIT_DIR succeed, it will
On 2013年04月12日 17:42, Chen Gang wrote:
> On 2013年04月11日 12:10, Chen Gang wrote:
>> On 2013年04月11日 05:19, Eric Paris wrote:
>>> - Original Message -
>>>
> b. has an new issue for AUDIT_DIR:
>after AUDIT_DIR succeed, it will set rule->tree.
>next, the other case
On 2013年04月12日 17:42, Chen Gang wrote:
On 2013年04月11日 12:10, Chen Gang wrote:
On 2013年04月11日 05:19, Eric Paris wrote:
- Original Message -
b. has an new issue for AUDIT_DIR:
after AUDIT_DIR succeed, it will set rule-tree.
next, the other case fail, then will call
On 2013年04月16日 18:25, Chen Gang wrote:
On 2013年04月12日 17:42, Chen Gang wrote:
On 2013年04月11日 12:10, Chen Gang wrote:
On 2013年04月11日 05:19, Eric Paris wrote:
- Original Message -
b. has an new issue for AUDIT_DIR:
after AUDIT_DIR succeed, it will set rule-tree.
next,
On 2013年04月16日 18:38, Chen Gang wrote:
On 2013年04月16日 18:25, Chen Gang wrote:
On 2013年04月12日 17:42, Chen Gang wrote:
On 2013年04月11日 12:10, Chen Gang wrote:
On 2013年04月11日 05:19, Eric Paris wrote:
- Original Message -
b. has an new issue for AUDIT_DIR:
after AUDIT_DIR
On 2013年04月11日 12:10, Chen Gang wrote:
> On 2013年04月11日 05:19, Eric Paris wrote:
>> - Original Message -
>>
b. has an new issue for AUDIT_DIR:
after AUDIT_DIR succeed, it will set rule->tree.
next, the other case fail, then will call audit_free_rule.
On 2013年04月11日 12:10, Chen Gang wrote:
On 2013年04月11日 05:19, Eric Paris wrote:
- Original Message -
b. has an new issue for AUDIT_DIR:
after AUDIT_DIR succeed, it will set rule-tree.
next, the other case fail, then will call audit_free_rule.
but
On 2013年04月11日 22:34, Chen Gang wrote:
> On 2013年04月11日 21:40, Eric Paris wrote:
>> > can we add it in audit_free_rule ?
>> >
>> > maybe like this:
>> >
>> > @@ -75,6 +75,8 @@ static inline void audit_free_rule(struct
>> > audit_entry *e)
>> > /*
On 2013年04月11日 21:40, Eric Paris wrote:
>> > can we add it in audit_free_rule ?
>> >
>> > maybe like this:
>> >
>> > @@ -75,6 +75,8 @@ static inline void audit_free_rule(struct audit_entry *e)
>> >/* some rules don't have associated watches */
>> >if (erule->watch)
>> >
- Original Message -
> On 2013年04月11日 05:19, Eric Paris wrote:
> > - Original Message -
> >
> >> > b. has an new issue for AUDIT_DIR:
> >> >after AUDIT_DIR succeed, it will set rule->tree.
> >> >next, the other case fail, then will call audit_free_rule.
> >> >
- Original Message -
On 2013年04月11日 05:19, Eric Paris wrote:
- Original Message -
b. has an new issue for AUDIT_DIR:
after AUDIT_DIR succeed, it will set rule-tree.
next, the other case fail, then will call audit_free_rule.
but
On 2013年04月11日 21:40, Eric Paris wrote:
can we add it in audit_free_rule ?
maybe like this:
@@ -75,6 +75,8 @@ static inline void audit_free_rule(struct audit_entry *e)
/* some rules don't have associated watches */
if (erule-watch)
On 2013年04月11日 22:34, Chen Gang wrote:
On 2013年04月11日 21:40, Eric Paris wrote:
can we add it in audit_free_rule ?
maybe like this:
@@ -75,6 +75,8 @@ static inline void audit_free_rule(struct
audit_entry *e)
/* some rules don't have associated watches */
On 2013年04月11日 05:19, Eric Paris wrote:
> - Original Message -
>
>> > b. has an new issue for AUDIT_DIR:
>> >after AUDIT_DIR succeed, it will set rule->tree.
>> >next, the other case fail, then will call audit_free_rule.
>> >but audit_free_rule will not free
On 2013年04月11日 04:08, Eric Paris wrote:
> We only allow one filter key per rule. So we should never be able to get
> into this situation. See audit_data_to_entry()
really it is, thanks.
:-)
--
Chen Gang
Asianux Corporation
--
To unsubscribe from this list: send the line "unsubscribe
On 2013年04月11日 04:29, Eric Paris wrote:
> - Original Message -
>> >
>> >
>> > in another function: audit_data_to_entry:
>> >
>> > a. has the same issue for case AUDIT_WATCH.
> You are saying if there were 2 of them it will leak the old one? No. If you
> have 2 AUDIT_WATCH entries
On 2013年04月11日 05:32, Eric Paris wrote:
> - Original Message -
>> >
>> > also for function audit_list:
>> > when call audit_make_reply fails (will return NULL).
>> > we need free all its related variables instead of only kfree rull.
>> > (such as call autit_free_rule)
>> >
On 2013年04月11日 05:38, Eric Paris wrote:
> - Original Message -
>> >
>> > also for function audit_list_rules:
>> > when call audit_make_reply fails (will return NULL).
>> > we also need process data->buf, not only data itself.
>> >
>> > please help check, thanks.
> struct
- Original Message -
>
> also for function audit_list_rules:
> when call audit_make_reply fails (will return NULL).
> we also need process data->buf, not only data itself.
>
> please help check, thanks.
struct audit_rule_data {
[...]
charbuf[0]; /* string
- Original Message -
>
> also for function audit_list:
> when call audit_make_reply fails (will return NULL).
> we need free all its related variables instead of only kfree rull.
> (such as call autit_free_rule)
>
> please help check, thanks.
audit_free_rule() takes a
- Original Message -
> b. has an new issue for AUDIT_DIR:
>after AUDIT_DIR succeed, it will set rule->tree.
>next, the other case fail, then will call audit_free_rule.
>but audit_free_rule will not free rule->tree.
Definitely a couple of leaks here...
I'm
- Original Message -
>
>
> in another function: audit_data_to_entry:
>
> a. has the same issue for case AUDIT_WATCH.
You are saying if there were 2 of them it will leak the old one? No. If you
have 2 AUDIT_WATCH entries the first one will set entry->rule->watch and the
second
We only allow one filter key per rule. So we should never be able to get into
this situation. See audit_data_to_entry()
-Eric
- Original Message -
>
> in the 'fcount' looping,
> if 'new->fields[*].type" has 2 or more AUDIT_FILTERKEYs
> need judge new->filterkey whether has
also for function audit_list_rules:
when call audit_make_reply fails (will return NULL).
we also need process data->buf, not only data itself.
please help check, thanks.
:-)
gchen.
On 2013年04月10日 18:28, Chen Gang wrote:
>
> also for function audit_list:
> when call
also for function audit_list:
when call audit_make_reply fails (will return NULL).
we need free all its related variables instead of only kfree rull.
(such as call autit_free_rule)
please help check, thanks.
:-)
gchen.
On 2013年04月10日 18:18, Chen Gang wrote:
>
>
> in
in another function: audit_data_to_entry:
a. has the same issue for case AUDIT_WATCH.
b. has an new issue for AUDIT_DIR:
after AUDIT_DIR succeed, it will set rule->tree.
next, the other case fail, then will call audit_free_rule.
but audit_free_rule will not free
in the 'fcount' looping,
if 'new->fields[*].type" has 2 or more AUDIT_FILTERKEYs
need judge new->filterkey whether has value, or memory leak.
Signed-off-by: Chen Gang
---
kernel/auditfilter.c |2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git
in the 'fcount' looping,
if 'new-fields[*].type has 2 or more AUDIT_FILTERKEYs
need judge new-filterkey whether has value, or memory leak.
Signed-off-by: Chen Gang gang.c...@asianux.com
---
kernel/auditfilter.c |2 ++
1 files changed, 2 insertions(+), 0 deletions(-)
diff --git
in another function: audit_data_to_entry:
a. has the same issue for case AUDIT_WATCH.
b. has an new issue for AUDIT_DIR:
after AUDIT_DIR succeed, it will set rule-tree.
next, the other case fail, then will call audit_free_rule.
but audit_free_rule will not free
also for function audit_list:
when call audit_make_reply fails (will return NULL).
we need free all its related variables instead of only kfree rull.
(such as call autit_free_rule)
please help check, thanks.
:-)
gchen.
On 2013年04月10日 18:18, Chen Gang wrote:
in another
also for function audit_list_rules:
when call audit_make_reply fails (will return NULL).
we also need process data-buf, not only data itself.
please help check, thanks.
:-)
gchen.
On 2013年04月10日 18:28, Chen Gang wrote:
also for function audit_list:
when call
We only allow one filter key per rule. So we should never be able to get into
this situation. See audit_data_to_entry()
-Eric
- Original Message -
in the 'fcount' looping,
if 'new-fields[*].type has 2 or more AUDIT_FILTERKEYs
need judge new-filterkey whether has value,
- Original Message -
in another function: audit_data_to_entry:
a. has the same issue for case AUDIT_WATCH.
You are saying if there were 2 of them it will leak the old one? No. If you
have 2 AUDIT_WATCH entries the first one will set entry-rule-watch and the
second will bomb
- Original Message -
b. has an new issue for AUDIT_DIR:
after AUDIT_DIR succeed, it will set rule-tree.
next, the other case fail, then will call audit_free_rule.
but audit_free_rule will not free rule-tree.
Definitely a couple of leaks here...
I'm seeing
- Original Message -
also for function audit_list:
when call audit_make_reply fails (will return NULL).
we need free all its related variables instead of only kfree rull.
(such as call autit_free_rule)
please help check, thanks.
audit_free_rule() takes a struct
- Original Message -
also for function audit_list_rules:
when call audit_make_reply fails (will return NULL).
we also need process data-buf, not only data itself.
please help check, thanks.
struct audit_rule_data {
[...]
charbuf[0]; /* string fields
On 2013年04月11日 05:38, Eric Paris wrote:
- Original Message -
also for function audit_list_rules:
when call audit_make_reply fails (will return NULL).
we also need process data-buf, not only data itself.
please help check, thanks.
struct audit_rule_data {
[...]
On 2013年04月11日 05:32, Eric Paris wrote:
- Original Message -
also for function audit_list:
when call audit_make_reply fails (will return NULL).
we need free all its related variables instead of only kfree rull.
(such as call autit_free_rule)
please help
On 2013年04月11日 04:29, Eric Paris wrote:
- Original Message -
in another function: audit_data_to_entry:
a. has the same issue for case AUDIT_WATCH.
You are saying if there were 2 of them it will leak the old one? No. If you
have 2 AUDIT_WATCH entries the first one will
On 2013年04月11日 04:08, Eric Paris wrote:
We only allow one filter key per rule. So we should never be able to get
into this situation. See audit_data_to_entry()
really it is, thanks.
:-)
--
Chen Gang
Asianux Corporation
--
To unsubscribe from this list: send the line unsubscribe
On 2013年04月11日 05:19, Eric Paris wrote:
- Original Message -
b. has an new issue for AUDIT_DIR:
after AUDIT_DIR succeed, it will set rule-tree.
next, the other case fail, then will call audit_free_rule.
but audit_free_rule will not free rule-tree.
42 matches
Mail list logo