[patch] improved SELinux auditing
Colin Walters
walters at verbum.org
Mon Nov 8 21:43:40 PST 2004
On Tue, 2004-11-09 at 00:13 -0500, Havoc Pennington wrote:
> On Mon, 2004-11-08 at 19:41 -0500, Colin Walters wrote:
> > + const char *dest = dbus_message_get_destination (message);
> > +
>
> Split into "const char *dest;" and "dest = " would make me feel warm and
> fuzzy
Well, I was shuffling around existing code :) This is already fixed in
a further pending patch, but I went ahead and fixed it in this patch
(and the other instances).
> > + buflen = MIN (len, real->len);
>
> real->len is without the nul termination according to comments in dbus-
> string-private.h... does that mean the memcpy here does not get a nul if
> len > real->len?
Hm, I had thought ->len included the nul, but it makes sense that it
doesn't. I think I didn't notice this in testing because the SELinux
auxiliary audit data doesn't actually need to be nul-terminated.
Anyways, take 3:
-------------- next part --------------
A non-text attachment was scrubbed...
Name: dbus-better-selinux-audit-3.patch
Type: text/x-patch
Size: 15279 bytes
Desc: not available
Url : http://freedesktop.org/pipermail/dbus/attachments/20041109/81b81498/dbus-better-selinux-audit-3-0001.bin
More information about the dbus
mailing list