diff options
author | <dwmw2@shinybook.infradead.org> | 2005-04-29 15:54:44 +0100 |
---|---|---|
committer | <dwmw2@shinybook.infradead.org> | 2005-04-29 15:54:44 +0100 |
commit | 83c7d09173fdb6b06b109e65895392db3e49ac9c (patch) | |
tree | 3f48367a4d1413e221a5367bcd0cf8df7322c368 /include/linux | |
parent | c60c390620e0abb60d4ae8c43583714bda27763f (diff) |
AUDIT: Avoid log pollution by untrusted strings.
We log strings from userspace, such as arguments to open(). These could
be formatted to contain \n followed by fake audit log entries. Provide
a function for logging such strings, which gives a hex dump when the
string contains anything but basic printable ASCII characters. Use it
for logging filenames.
Signed-off-by: David Woodhouse <dwmw2@infradead.org>
Diffstat (limited to 'include/linux')
-rw-r--r-- | include/linux/audit.h | 8 |
1 files changed, 7 insertions, 1 deletions
diff --git a/include/linux/audit.h b/include/linux/audit.h index 3628f7cfb17..9b77992c488 100644 --- a/include/linux/audit.h +++ b/include/linux/audit.h @@ -174,11 +174,15 @@ extern void audit_log_format(struct audit_buffer *ab, const char *fmt, ...) __attribute__((format(printf,2,3))); extern void audit_log_end(struct audit_buffer *ab); +extern void audit_log_hex(struct audit_buffer *ab, + const unsigned char *buf, + size_t len); +extern void audit_log_untrustedstring(struct audit_buffer *ab, + const char *string); extern void audit_log_d_path(struct audit_buffer *ab, const char *prefix, struct dentry *dentry, struct vfsmount *vfsmnt); - /* Private API (for auditsc.c only) */ extern void audit_send_reply(int pid, int seq, int type, int done, int multi, @@ -190,6 +194,8 @@ extern void audit_log_lost(const char *message); #define audit_log_vformat(b,f,a) do { ; } while (0) #define audit_log_format(b,f,...) do { ; } while (0) #define audit_log_end(b) do { ; } while (0) +#define audit_log_hex(a,b,l) do { ; } while (0) +#define audit_log_untrustedstring(a,s) do { ; } while (0) #define audit_log_d_path(b,p,d,v) do { ; } while (0) #endif #endif |