From: Stephen Smalley <sds@tycho.nsa.gov>
Date: Tue, 24 May 2005 20:28:28 +0000 (+0100)
Subject: AUDIT: Fix remaining cases of direct logging of untrusted strings by avc_audit
X-Git-Tag: v2.6.14-rc2~49^2~43
X-Git-Url: http://git.openpandora.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=37ca5389b863e5ffba6fb7c22331bf57dbf7764a;p=pandora-kernel.git

AUDIT: Fix remaining cases of direct logging of untrusted strings by avc_audit

Per Steve Grubb's observation that there are some remaining cases where
avc_audit() directly logs untrusted strings without escaping them, here
is a patch that changes avc_audit() to use audit_log_untrustedstring()
or audit_log_hex() as appropriate.  Note that d_name.name is nul-
terminated by d_alloc(), and that sun_path is nul-terminated by
unix_mkname(), so it is not necessary for the AVC to create nul-
terminated copies or to alter audit_log_untrustedstring to take a length
argument.  In the case of an abstract name, we use audit_log_hex() with
an explicit length.

Signed-off-by: Stephen Smalley <sds@tycho.nsa.gov>
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
---

Reading git-diff-tree failed