From: Mateusz Guzik <mguzik@redhat.com>
To: William Roberts <bill.c.roberts@gmail.com>
Cc: linux-audit@redhat.com, linux-mm@kvack.org,
linux-kernel@vger.kernel.org, rgb@redhat.com,
viro@zeniv.linux.org.uk, akpm@linux-foundation.org,
sds@tycho.nsa.gov, William Roberts <wroberts@tresys.com>
Subject: Re: [RFC][PATCH 3/3] audit: Audit proc cmdline value
Date: Mon, 6 Jan 2014 18:08:56 +0100 [thread overview]
Message-ID: <20140106170855.GA1828@mguzik.redhat.com> (raw)
In-Reply-To: <1389022230-24664-3-git-send-email-wroberts@tresys.com>
I can't comment on the concept, but have one nit.
On Mon, Jan 06, 2014 at 07:30:30AM -0800, William Roberts wrote:
> +static void audit_log_cmdline(struct audit_buffer *ab, struct task_struct *tsk,
> + struct audit_context *context)
> +{
> + int res;
> + char *buf;
> + char *msg = "(null)";
> + audit_log_format(ab, " cmdline=");
> +
> + /* Not cached */
> + if (!context->cmdline) {
> + buf = kmalloc(PATH_MAX, GFP_KERNEL);
> + if (!buf)
> + goto out;
> + res = get_cmdline(tsk, buf, PATH_MAX);
> + /* Ensure NULL terminated */
> + if (buf[res-1] != '\0')
> + buf[res-1] = '\0';
This accesses memory below the buffer if get_cmdline returned 0, which I
believe will be the case when someone jokingly unmaps the area (all
maybe when it is swapped out but can't be swapped in due to I/O errors).
Also since you are just putting 0 in there anyway I don't see much point
in testing for it.
> + context->cmdline = buf;
> + }
> + msg = context->cmdline;
> +out:
> + audit_log_untrustedstring(ab, msg);
> +}
> +
--
Mateusz Guzik
--
To unsubscribe, send a message with 'unsubscribe linux-mm' in
the body to majordomo@kvack.org. For more info on Linux MM,
see: http://www.linux-mm.org/ .
Don't email: <a href=mailto:"dont@kvack.org"> email@kvack.org </a>
next prev parent reply other threads:[~2014-01-06 17:09 UTC|newest]
Thread overview: 12+ messages / expand[flat|nested] mbox.gz Atom feed top
2014-01-06 15:30 [RFC][PATCH 1/3] mm: Create utility function for accessing a tasks commandline value William Roberts
2014-01-06 15:30 ` [RFC][PATCH 2/3] proc: Update get proc_pid_cmdline() to use mm.h helpers William Roberts
2014-01-06 15:30 ` [RFC][PATCH 3/3] audit: Audit proc cmdline value William Roberts
2014-01-06 17:08 ` Mateusz Guzik [this message]
2014-01-06 17:26 ` William Roberts
2014-01-06 17:30 ` William Roberts
2014-01-14 22:45 ` Richard Guy Briggs
2014-01-15 0:50 ` William Roberts
2014-01-15 0:56 ` William Roberts
2014-01-15 3:44 ` Richard Guy Briggs
2014-01-15 12:40 ` Paul Davies C
-- strict thread matches above, loose matches on Subject: below --
2013-12-23 21:01 [RFC][PATCH 1/3] mm: Create utility function for accessing a tasks commandline value William Roberts
2013-12-23 21:01 ` [RFC][PATCH 3/3] audit: Audit proc cmdline value William Roberts
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=20140106170855.GA1828@mguzik.redhat.com \
--to=mguzik@redhat.com \
--cc=akpm@linux-foundation.org \
--cc=bill.c.roberts@gmail.com \
--cc=linux-audit@redhat.com \
--cc=linux-kernel@vger.kernel.org \
--cc=linux-mm@kvack.org \
--cc=rgb@redhat.com \
--cc=sds@tycho.nsa.gov \
--cc=viro@zeniv.linux.org.uk \
--cc=wroberts@tresys.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox