Re: Format specifier issue when building kernel
On Thu, Oct 31, 2013 at 12:25:55PM -0700, William Roberts wrote:
> + if (msg_type != AUDIT_USER_TTY) {
> + char fmt[64];
> + strcat(fmt, " msg='%.");
> + strcat(fmt, "AUDIT_MESSAGE_TEXT_MAX");
> + strcat(fmt, "s'");
> + audit_log_format(ab, fmt, (char *)data);
> + } else {
I am ok with this. In fact I was going to do this the first time, but I
thought their would be some explicit reason to avoid the additional
run time overhead as the concat could be made at compile time.
Ok, this was in danger of starting with fmt in an unknown state. Latest
patch:
diff --git a/kernel/audit.c b/kernel/audit.c
@@ -148,6 +148,8 @@ DEFINE_MUTEX(audit_cmd_mutex);
* should be at least that large. */
#define AUDIT_BUFSIZ 1024
+char usermsg_format[64] = "";
+
/* AUDIT_MAXFREE is the number of empty audit_buffers we keep on the
* audit_freelist. Doing so eliminates many kmalloc/kfree calls. */
#define AUDIT_MAXFREE (2*NR_CPUS)
@@ -714,11 +716,15 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr
*nlh)
break;
}
audit_log_common_recv_msg(&ab, msg_type);
- if (msg_type != AUDIT_USER_TTY)
- audit_log_format(ab,
- " msg='%.AUDIT_MESSAGE_TEXT_MAXs'",
+ if (msg_type != AUDIT_USER_TTY) {
+ if (unlikely(usermsg_format[0] == 0))
+ snprintf(usermsg_format,
+ sizeof(usermsg_format),
+ " msg=\'%%.%ds\'",
+ AUDIT_MESSAGE_TEXT_MAX);
+ audit_log_format(ab, usermsg_format,
(char *)data);
- else {
+ } else {
int size;
audit_log_format(ab, " data=");
- RGB
--
Richard Guy Briggs <rbriggs(a)redhat.com>
Senior Software Engineer
Kernel Security
AMER ENG Base Operating Systems
Remote, Ottawa, Canada
Voice: +1.647.777.2635
Internal: (81) 32635
Alt: +1.613.693.0684x3545