diff options
Diffstat (limited to 'security/selinux/avc.c')
| -rw-r--r-- | security/selinux/avc.c | 10 |
1 files changed, 8 insertions, 2 deletions
diff --git a/security/selinux/avc.c b/security/selinux/avc.c index 8346a4f7c5d7..a99be508f93d 100644 --- a/security/selinux/avc.c +++ b/security/selinux/avc.c | |||
| @@ -739,14 +739,20 @@ static void avc_audit_post_callback(struct audit_buffer *ab, void *a) | |||
| 739 | rc = security_sid_to_context_inval(sad->state, sad->ssid, &scontext, | 739 | rc = security_sid_to_context_inval(sad->state, sad->ssid, &scontext, |
| 740 | &scontext_len); | 740 | &scontext_len); |
| 741 | if (!rc && scontext) { | 741 | if (!rc && scontext) { |
| 742 | audit_log_format(ab, " srawcon=%s", scontext); | 742 | if (scontext_len && scontext[scontext_len - 1] == '\0') |
| 743 | scontext_len--; | ||
| 744 | audit_log_format(ab, " srawcon="); | ||
| 745 | audit_log_n_untrustedstring(ab, scontext, scontext_len); | ||
| 743 | kfree(scontext); | 746 | kfree(scontext); |
| 744 | } | 747 | } |
| 745 | 748 | ||
| 746 | rc = security_sid_to_context_inval(sad->state, sad->tsid, &scontext, | 749 | rc = security_sid_to_context_inval(sad->state, sad->tsid, &scontext, |
| 747 | &scontext_len); | 750 | &scontext_len); |
| 748 | if (!rc && scontext) { | 751 | if (!rc && scontext) { |
| 749 | audit_log_format(ab, " trawcon=%s", scontext); | 752 | if (scontext_len && scontext[scontext_len - 1] == '\0') |
| 753 | scontext_len--; | ||
| 754 | audit_log_format(ab, " trawcon="); | ||
| 755 | audit_log_n_untrustedstring(ab, scontext, scontext_len); | ||
| 750 | kfree(scontext); | 756 | kfree(scontext); |
| 751 | } | 757 | } |
| 752 | } | 758 | } |