bk://linux-audit.bkbits.net/audit-2.6-mm dwmw2@shinybook.infradead.org|ChangeSet|20050318153750|30092 dwmw2 # This is a BitKeeper generated diff -Nru style patch. # # ChangeSet # 2005/03/19 09:19:30+00:00 akpm@osdl.org # audit_log_untrustedstring() warning fix # # kernel/audit.c: In function `audit_log_untrustedstring': # kernel/audit.c:736: warning: comparison is always false due to limited range of data type # # Signed-off-by: Andrew Morton # Signed-off-by: David Woodhouse # # kernel/audit.c # 2005/03/19 09:19:07+00:00 akpm@osdl.org +1 -1 # kernel/audit.c: In function `audit_log_untrustedstring': # kernel/audit.c:736: warning: comparison is always false due to limited range of data type # # ChangeSet # 2005/03/18 11:50:08-08:00 akpm@bix.(none) # Merge bk://linux-audit.bkbits.net/audit-2.6-mm # into bix.(none):/usr/src/bk-audit # # kernel/auditsc.c # 2005/03/18 11:50:03-08:00 akpm@bix.(none) +0 -0 # Auto merged # # include/linux/fs.h # 2005/03/18 11:50:03-08:00 akpm@bix.(none) +0 -0 # Auto merged # # include/linux/audit.h # 2005/03/18 11:50:03-08:00 akpm@bix.(none) +0 -0 # Auto merged # # fs/proc/base.c # 2005/03/18 11:50:03-08:00 akpm@bix.(none) +0 -0 # Auto merged # # fs/namei.c # 2005/03/18 11:50:03-08:00 akpm@bix.(none) +0 -0 # Auto merged # # arch/um/kernel/ptrace.c # 2005/03/18 11:50:03-08:00 akpm@bix.(none) +0 -0 # Auto merged # # arch/mips/kernel/ptrace.c # 2005/03/18 11:50:03-08:00 akpm@bix.(none) +0 -0 # Auto merged # # ChangeSet # 2005/03/18 15:37:50+00:00 dwmw2@shinybook.infradead.org # AUDIT: Avoid log pollution by untrusted strings. # # We log strings from userspace, such as arguments to open(). These could # be formatted to contain \n followed by fake audit log entries. Provide # a function for logging such strings, which gives a hex dump when the # string contains anything but basic printable ASCII characters. Use it # for logging filenames. # # Signed-off-by: David Woodhouse # # kernel/auditsc.c # 2005/03/18 15:37:33+00:00 dwmw2@shinybook.infradead.org +4 -3 # Use audit_log_untrustedstring() for logging names. # # kernel/audit.c # 2005/03/18 15:37:33+00:00 dwmw2@shinybook.infradead.org +23 -0 # Add audit_log_hex() and audit_log_untrustedstring() # # include/linux/audit.h # 2005/03/18 15:37:33+00:00 dwmw2@shinybook.infradead.org +7 -1 # Add definitions of audit_log_hex() and audit_log_untrustedstring() # # ChangeSet # 2005/03/17 16:20:18-08:00 akpm@bix.(none) # Merge bix.(none):/usr/src/bk25 into bix.(none):/usr/src/bk-audit # # kernel/auditsc.c # 2005/03/17 16:20:14-08:00 akpm@bix.(none) +0 -0 # Auto merged # # include/linux/fs.h # 2005/03/17 16:20:14-08:00 akpm@bix.(none) +0 -0 # Auto merged # # include/linux/audit.h # 2005/03/17 16:20:14-08:00 akpm@bix.(none) +0 -0 # Auto merged # # fs/proc/base.c # 2005/03/17 16:20:14-08:00 akpm@bix.(none) +0 -0 # Auto merged # # fs/namei.c # 2005/03/17 16:20:14-08:00 akpm@bix.(none) +0 -0 # Auto merged # # arch/um/kernel/ptrace.c # 2005/03/17 16:20:14-08:00 akpm@bix.(none) +0 -0 # Auto merged # # arch/mips/kernel/ptrace.c # 2005/03/17 16:20:13-08:00 akpm@bix.(none) +0 -0 # Auto merged # # ChangeSet # 2005/03/17 13:10:52+00:00 dwmw2@shinybook.infradead.org # Merge # # fs/proc/base.c # 2005/03/17 13:10:39+00:00 dwmw2@shinybook.infradead.org +0 -0 # SCCS merged # # kernel/auditsc.c # 2005/03/17 13:07:53+00:00 dwmw2@shinybook.infradead.org +0 -0 # Auto merged # # include/linux/fs.h # 2005/03/17 13:07:53+00:00 dwmw2@shinybook.infradead.org +0 -0 # Auto merged # # include/linux/audit.h # 2005/03/17 13:07:53+00:00 dwmw2@shinybook.infradead.org +0 -0 # Auto merged # # fs/namei.c # 2005/03/17 13:07:53+00:00 dwmw2@shinybook.infradead.org +0 -0 # Auto merged # # arch/um/kernel/ptrace.c # 2005/03/17 13:07:52+00:00 dwmw2@shinybook.infradead.org +0 -0 # Auto merged # # arch/mips/kernel/ptrace.c # 2005/03/17 13:07:52+00:00 dwmw2@shinybook.infradead.org +0 -0 # Auto merged # # ChangeSet # 2005/03/15 23:46:54-08:00 akpm@bix.(none) # Merge bix.(none):/usr/src/bk25 into bix.(none):/usr/src/bk-audit # # fs/proc/base.c # 2005/03/15 23:46:49-08:00 akpm@bix.(none) +0 -0 # Auto merged # # ChangeSet # 2005/03/12 12:49:23-08:00 akpm@bix.(none) # Merge bk://linux-audit.bkbits.net/audit-2.6-mm # into bix.(none):/usr/src/bk-audit # # include/linux/audit.h # 2005/03/12 12:49:19-08:00 akpm@bix.(none) +0 -0 # Auto merged # # ChangeSet # 2005/03/12 12:48:02-08:00 akpm@bix.(none) # Merge bix.(none):/usr/src/bk25 into bix.(none):/usr/src/bk-audit # # include/linux/audit.h # 2005/03/12 12:47:57-08:00 akpm@bix.(none) +0 -0 # Auto merged # # ChangeSet # 2005/03/10 17:50:49-08:00 akpm@bix.(none) # Merge bix.(none):/usr/src/bk25 into bix.(none):/usr/src/bk-audit # # fs/namei.c # 2005/03/10 17:50:44-08:00 akpm@bix.(none) +0 -0 # Auto merged # # ChangeSet # 2005/03/10 12:59:07-08:00 akpm@bix.(none) # Merge # # fs/proc/base.c # 2005/03/10 12:59:05-08:00 akpm@bix.(none) +0 -0 # SCCS merged # # kernel/auditsc.c # 2005/03/10 12:53:45-08:00 akpm@bix.(none) +0 -0 # Auto merged # # include/linux/fs.h # 2005/03/10 12:53:45-08:00 akpm@bix.(none) +0 -0 # Auto merged # # fs/namei.c # 2005/03/10 12:53:45-08:00 akpm@bix.(none) +0 -0 # Auto merged # # arch/um/kernel/ptrace.c # 2005/03/10 12:53:45-08:00 akpm@bix.(none) +0 -0 # Auto merged # # arch/mips/kernel/ptrace.c # 2005/03/10 12:53:45-08:00 akpm@bix.(none) +0 -0 # Auto merged # diff -Nru a/include/linux/audit.h b/include/linux/audit.h --- a/include/linux/audit.h 2005-03-20 16:39:17 -08:00 +++ b/include/linux/audit.h 2005-03-20 16:39:17 -08:00 @@ -174,11 +174,15 @@ const char *fmt, ...) __attribute__((format(printf,2,3))); extern void audit_log_end(struct audit_buffer *ab); +extern void audit_log_hex(struct audit_buffer *ab, + const unsigned char *buf, + size_t len); +extern void audit_log_untrustedstring(struct audit_buffer *ab, + const char *string); extern void audit_log_d_path(struct audit_buffer *ab, const char *prefix, struct dentry *dentry, struct vfsmount *vfsmnt); - /* Private API (for auditsc.c only) */ extern void audit_send_reply(int pid, int seq, int type, int done, int multi, @@ -190,6 +194,8 @@ #define audit_log_vformat(b,f,a) do { ; } while (0) #define audit_log_format(b,f,...) do { ; } while (0) #define audit_log_end(b) do { ; } while (0) +#define audit_log_hex(a,b,l) do { ; } while (0) +#define audit_log_untrustedstring(a,s) do { ; } while (0) #define audit_log_d_path(b,p,d,v) do { ; } while (0) #endif #endif diff -Nru a/kernel/audit.c b/kernel/audit.c --- a/kernel/audit.c 2005-03-20 16:39:17 -08:00 +++ b/kernel/audit.c 2005-03-20 16:39:17 -08:00 @@ -720,6 +720,29 @@ va_end(args); } +void audit_log_hex(struct audit_buffer *ab, const unsigned char *buf, size_t len) +{ + int i; + + for (i=0; i 0x7f) { + audit_log_hex(ab, string, strlen(string)); + return; + } + p++; + } + audit_log_format(ab, "\"%s\"", string); +} + + /* This is a helper-function to print the d_path without using a static * buffer or allocating another buffer in addition to the one in * audit_buffer. */ diff -Nru a/kernel/auditsc.c b/kernel/auditsc.c --- a/kernel/auditsc.c 2005-03-20 16:39:17 -08:00 +++ b/kernel/auditsc.c 2005-03-20 16:39:17 -08:00 @@ -668,9 +668,10 @@ if (!ab) continue; /* audit_panic has been called */ audit_log_format(ab, "item=%d", i); - if (context->names[i].name) - audit_log_format(ab, " name=%s", - context->names[i].name); + if (context->names[i].name) { + audit_log_format(ab, " name="); + audit_log_untrustedstring(ab, context->names[i].name); + } if (context->names[i].ino != (unsigned long)-1) audit_log_format(ab, " inode=%lu dev=%02x:%02x mode=%#o" " uid=%d gid=%d rdev=%02x:%02x",