Gary Winiger writes:
> Tom,
>
> > Quoth Tom Whitten on Wed, Dec 03, 2008 at 10:43:29AM -0700:
> > > I've posted a webrev at
> > > http://cr.opensolaris.org/~fourctom/audit_02_dec_2008/ that contains a
> > > number of fixes for bugs in the SMF audit code. Specifically, there are
>
> Sorry I missed your original mail though I saw David's.
>
> Gary..
> > cmd/svc/configd/client.c
> > start_audit_session(): Won't this code still produce a syslog LOG_ERR
> > message when door_ucred() fails with EINVAL? Why not just return
> > instead? Or set cp->rc_adt_session and return?
>
> While setting session to NULL will likely fix the possible
> segv/memory leak. I think David's proposal the if the door_ucred
> fails, syslog, set cp->rc_adt_session = NULL; and return is better.
> then 1967-1968 could be combined. Perhaps all the ifs could
> get rid of the adt_rc == 0 and all failures "goto" a set cp->rc_adt...
> and return point, which looks like it could just be a fall through
> at the end. I realize it's a bigger rewrite, consider it as
> possibly cleaner and more maintainable in the future ;-)
>
> Gary..
Thanks for your response, Gary. This is a good suggestion. It will make
things cleaner.
You and David seem to be differing on whether or not I should call
syslog(). I'm inclined to not call syslog() if door_ucred() returns
EINVAL, since that means that the door client went away. All other error
returns from door_ucred() should probably cause an abort by calling
bad_error(). They are:
EAGAIN The location pointed to by info was NULL and allo-
cating memory sufficient to hold a ucred failed.
EFAULT The address of the info argument is invalid.
ENOMEM The location pointed to by info was NULL and allo-
cating memory sufficient to hold a ucred failed.
tom
