[patch] improved SELinux auditing

Colin Walters walters at verbum.org
Mon Nov 8 21:43:40 PST 2004


On Tue, 2004-11-09 at 00:13 -0500, Havoc Pennington wrote:
> On Mon, 2004-11-08 at 19:41 -0500, Colin Walters wrote:
> > +      const char *dest = dbus_message_get_destination (message);
> > +       
> 
> Split into "const char *dest;" and "dest = " would make me feel warm and
> fuzzy

Well, I was shuffling around existing code :)  This is already fixed in
a further pending patch, but I went ahead and fixed it in this patch
(and the other instances).

> > +  buflen = MIN (len, real->len);
> 
> real->len is without the nul termination according to comments in dbus-
> string-private.h... does that mean the memcpy here does not get a nul if
> len > real->len?

Hm, I had thought ->len included the nul, but it makes sense that it
doesn't.  I think I didn't notice this in testing because the SELinux
auxiliary audit data doesn't actually need to be nul-terminated.
Anyways, take 3:




-------------- next part --------------
A non-text attachment was scrubbed...
Name: dbus-better-selinux-audit-3.patch
Type: text/x-patch
Size: 15279 bytes
Desc: not available
Url : http://freedesktop.org/pipermail/dbus/attachments/20041109/81b81498/dbus-better-selinux-audit-3-0001.bin


More information about the dbus mailing list