kernel-ark/kernel
Steve Grubb 168b717395 AUDIT: Clean up logging of untrusted strings
* If vsnprintf returns -1, it will mess up the sk buffer space accounting. 
This is fixed by not calling skb_put with bogus len values.

* audit_log_hex was a loop that called audit_log_vformat with %02X for each 
character. This is very inefficient since conversion from unsigned character 
to Ascii representation is essentially masking, shifting, and byte lookups. 
Also, the length of the converted string is well known - it's twice the 
original. Fixed by rewriting the function.

* audit_log_untrustedstring had no comments. This makes it hard for 
someone to understand what the string format will be.

* audit_log_d_path was never fixed to use untrustedstring. This could mess
up user space parsers. This was fixed to make a temp buffer, call d_path, 
and log temp buffer using untrustedstring. 

From: Steve Grubb <sgrubb@redhat.com>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
2005-05-19 10:24:22 +01:00
..
irq Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
power [PATCH] DocBook: changes and extensions to the kernel documentation 2005-05-01 08:59:25 -07:00
acct.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
audit.c AUDIT: Clean up logging of untrusted strings 2005-05-19 10:24:22 +01:00
auditsc.c AUDIT: Capture sys_socketcall arguments and sockaddrs 2005-05-17 12:08:48 +01:00
capability.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
compat.c [PATCH] Fix get_compat_sigevent() 2005-04-16 15:24:01 -07:00
configs.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
cpu.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
cpuset.c [PATCH] cpuset: remove function attribute const 2005-04-16 15:25:59 -07:00
dma.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
exec_domain.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
exit.c [patch] MCA recovery module undefined symbol fix 2005-05-03 13:58:17 -07:00
extable.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
fork.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
futex.c [PATCH] convert that currently tests _NSIG directly to use valid_signal() 2005-05-01 08:59:14 -07:00
intermodule.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
itimer.c [PATCH] setitimer timer expires too early 2005-05-05 16:36:41 -07:00
kallsyms.c [PATCH] ppc32: platform-specific functions missing from kallsyms. 2005-05-05 16:36:31 -07:00
kfifo.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
kmod.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
kprobes.c [PATCH] kprobes: Allow multiple kprobes at the same address 2005-05-05 16:36:39 -07:00
ksysfs.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
kthread.c [PATCH] use smp_mb/wmb/rmb where possible 2005-05-01 08:58:47 -07:00
Makefile [PATCH] ppc64: remove hidden -fno-omit-frame-pointer for schedule.c 2005-05-05 16:36:32 -07:00
module.c [PATCH] Change synchronize_kernel to _rcu and _sched 2005-05-01 08:59:04 -07:00
panic.c [SPARC]: Stop-A printk cleanup 2005-04-24 20:38:02 -07:00
params.c [PATCH] kernel/param.c: don't use .max when .num is NULL in param_array_set() 2005-04-16 15:25:42 -07:00
pid.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
posix-cpu-timers.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
posix-timers.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
printk.c [PATCH] clean up kernel messages 2005-05-01 08:59:02 -07:00
profile.c [PATCH] Change synchronize_kernel to _rcu and _sched 2005-05-01 08:59:04 -07:00
ptrace.c [PATCH] convert that currently tests _NSIG directly to use valid_signal() 2005-05-01 08:59:14 -07:00
rcupdate.c [PATCH] Deprecate synchronize_kernel, GPL replacement 2005-05-01 08:59:04 -07:00
resource.c [PATCH] pci enumeration on ixp2000: overflow in kernel/resource.c 2005-04-16 15:25:58 -07:00
sched.c [PATCH] DocBook: fix some descriptions 2005-05-01 08:59:26 -07:00
seccomp.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
signal.c The attached patch addresses the problem with getting the audit daemon 2005-05-06 12:38:39 +01:00
softirq.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
spinlock.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
stop_machine.c [PATCH] use smp_mb/wmb/rmb where possible 2005-05-01 08:58:47 -07:00
sys_ni.c [PATCH] consolidate sys_shmat 2005-05-01 08:59:12 -07:00
sys.c [PATCH] correctly name the Shell sort 2005-05-05 16:36:50 -07:00
sysctl.c [PATCH] DocBook: fix some descriptions 2005-05-01 08:59:26 -07:00
time.c [PATCH] time interpolator: Fix settimeofday inaccuracy 2005-04-28 08:13:58 -07:00
timer.c [PATCH] use smp_mb/wmb/rmb where possible 2005-05-01 08:58:47 -07:00
uid16.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
user.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
wait.c Linux-2.6.12-rc2 2005-04-16 15:20:36 -07:00
workqueue.c [PATCH] re-export cancel_rearming_delayed_workqueue 2005-04-16 15:23:59 -07:00