Re: Format specifier issue when building kernel

On Thu, Oct 31, 2013 at 12:25:55PM -0700, William Roberts wrote: > > + if (msg_type != AUDIT_USER_TTY) { > > + char fmt[64]; > > + strcat(fmt, " msg='%."); > > + strcat(fmt, "AUDIT_MESSAGE_TEXT_MAX"); > > + strcat(fmt, "s'"); > > + audit_log_format(ab, fmt, (char *)data); > > + } else { > > I am ok with this. In fact I was going to do this the first time, but I > thought their would be some explicit reason to avoid the additional > run time overhead as the concat could be made at compile time. Ok, this was in danger of starting with fmt in an unknown state. Latest patch: diff --git a/kernel/audit.c b/kernel/audit.c @@ -148,6 +148,8 @@ DEFINE_MUTEX(audit_cmd_mutex); * should be at least that large. */ #define AUDIT_BUFSIZ 1024 +char usermsg_format[64] = "";

/* AUDIT_MAXFREE is the number of empty audit_buffers we keep on the * audit_freelist. Doing so eliminates many kmalloc/kfree calls. */ #define AUDIT_MAXFREE (2*NR_CPUS) @@ -714,11 +716,15 @@ static int audit_receive_msg(struct sk_buff *skb, struct nlmsghdr *nlh) break; } audit_log_common_recv_msg(&ab, msg_type); - if (msg_type != AUDIT_USER_TTY) - audit_log_format(ab, - " msg='%.AUDIT_MESSAGE_TEXT_MAXs'", + if (msg_type != AUDIT_USER_TTY) { + if (unlikely(usermsg_format[0] == 0)) + snprintf(usermsg_format, + sizeof(usermsg_format), + " msg=\'%%.%ds\'", + AUDIT_MESSAGE_TEXT_MAX); + audit_log_format(ab, usermsg_format, (char *)data); - else { + } else { int size; audit_log_format(ab, " data="); - RGB -- Richard Guy Briggs <rbriggs(a)redhat.com&gt; Senior Software Engineer Kernel Security AMER ENG Base Operating Systems Remote, Ottawa, Canada Voice: +1.647.777.2635 Internal: (81) 32635 Alt: +1.613.693.0684x3545 -- Linux-audit mailing list Linux-audit(a)redhat.com https://www.redhat.com/mailman/listinfo/linux-audit