audit: Handle embedded NUL in TTY input auditing

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

From: Linux Kernel Mailing List

Subject: audit: Handle embedded NUL in TTY input auditing

Date: Monday, October 13, 2008 - 10:59 am

Gitweb:     http://git.kernel.org/git/?p=linux/kernel/git/torvalds/linux-2.6.git;a=commit;h=7459b6...
Commit:     7459b6ff36ab5e7d160980c3cb2be2f8cd194778
Parent:     9d020a2e5fd2c79f5b08a6cab2b02e7231d7cb84
Author:     Miloslav Trmac <mitr@redhat.com>
AuthorDate: Mon Oct 13 10:35:15 2008 +0100
Committer:  Linus Torvalds <torvalds@linux-foundation.org>
CommitDate: Mon Oct 13 09:51:39 2008 -0700

    audit: Handle embedded NUL in TTY input auditing
    
    Data read from a TTY can contain an embedded NUL byte (e.g. after
    pressing Ctrl-2, or sent to a PTY).  After the previous patch, the data
    would be logged only up to the first NUL.
    
    This patch modifies the AUDIT_TTY record to always use the hexadecimal
    format, which does not terminate at the first NUL byte.  The vast
    majority of recorded TTY input data will contain either ' ' or '\n', so
    the hexadecimal format would have been used anyway.
    
    Signed-off-by: Miloslav Trmac <mitr@redhat.com>
    Signed-off-by: Alan Cox <alan@redhat.com>
    Signed-off-by: Linus Torvalds <torvalds@linux-foundation.org>
---
 drivers/char/tty_audit.c |    2 +-
 1 files changed, 1 insertions(+), 1 deletions(-)

diff --git a/drivers/char/tty_audit.c b/drivers/char/tty_audit.c
index 3582f43..5787249 100644
--- a/drivers/char/tty_audit.c
+++ b/drivers/char/tty_audit.c
@@ -93,7 +93,7 @@ static void tty_audit_buf_push(struct task_struct *tsk, uid_t loginuid,
 		get_task_comm(name, tsk);
 		audit_log_untrustedstring(ab, name);
 		audit_log_format(ab, " data=");
-		audit_log_n_untrustedstring(ab, buf->data, buf->valid);
+		audit_log_n_hex(ab, buf->data, buf->valid);
 		audit_log_end(ab);
 	}
 	buf->valid = 0;
--
To unsubscribe from this list: send the line "unsubscribe git-commits-head" in
the body of a message to majordomo@vger.kernel.org
More majordomo info at  http://vger.kernel.org/majordomo-info.html

Previous message: [thread] [date] [author]
Next message: [thread] [date] [author]

Messages in current thread:

audit: Handle embedded NUL in TTY input auditing, Linux Kernel Mailing ..., (Mon Oct 13, 10:59 am)


linux-kernel:
Paul Turner	[tg_shares_up rewrite v2 11/11] sched: update tg->shares after cpu.shares write
Ingo Molnar	Re: [RFC] Cpu-hotplug: Using the Process Freezer (try2)
Michal Nazarewicz	Re: [PATCH] USB: Gadget: g_multi: added INF file for gadget with multiple configur...
Eric W. Biederman	Re: init's children list is long and slows reaping children.
Jeffrey V. Merkey	Re: Versioning file system
git:
Matthieu Moy	Re: Bugs in Gitosis
Daniel Barkalow	Re: About git and the use of SHA-1
David Lang	Re: mingw, windows, crlf/lf, and git
Shawn O. Pearce	Re: Bugs in Gitosis
Junio C Hamano	Re: [PATCH 14/21] Convert ce_path_match() to use struct pathspec
linux-netdev:
David Miller	Re: [2.6.30-rc3] powerpc: compilation error of mace module
David Miller	Re: [PATCH] ipv6: fix display of local and remote sit endpoints
Cong Wang	Re: [PATCH] s2io: add dynamic LRO disable support
Tobacco New Year Promo
Eric Dumazet	Re: [PATCH] net: implement emergency route cache rebulds when gc_elasticity is exc...
git-commits-head:
Linux Kernel Mailing List	V4L/DVB: tm6000: add special usb request to quit i2c tuner transfer
Linux Kernel Mailing List	of/flattree: merge early_init_dt_scan_memory() common code
Linux Kernel Mailing List	b43: N-PHY: add some registers and structs definitions
Linux Kernel Mailing List	powerpc: Move /proc/ppc64 to /proc/powerpc and add symlink
Linux Kernel Mailing List	drivers/acpi: use kasprintf
openbsd-misc:
Ted Bullock	Re: Proliant DL380 G3 cannot get on network
Eric Furman	Re: Defending OpenBSD Performance
Damien Miller	Re: Patching a SSH 'Weakness'
Tony Abernethy	Re: The Atheros story in much fewer words
Nick Holland	Re: 1 out of 3 hunks failed--saving rejects to kerberosV/src/lib/krb5/crypto.c.rej