aboutsummaryrefslogtreecommitdiffstats
diff options
context:
space:
mode:
authorAl Viro <viro@zeniv.linux.org.uk>2006-06-05 08:15:59 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2006-06-20 05:25:27 -0400
commit0a73dccc4fd472e65887eae6fbf4afc030541709 (patch)
treee9578332e31d0e88c681ac710acf2b196293ba8e
parentf368c07d7214a7c41dfceb76c8db473b850f0229 (diff)
[PATCH] validate rule fields' types
Signed-off-by: Al Viro <viro@zeniv.linux.org.uk>
-rw-r--r--kernel/auditfilter.c57
1 files changed, 48 insertions, 9 deletions
diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c
index 03a6919103d4..9f985dd5e937 100644
--- a/kernel/auditfilter.c
+++ b/kernel/auditfilter.c
@@ -348,17 +348,31 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule)
348 f->val = rule->values[i]; 348 f->val = rule->values[i];
349 349
350 err = -EINVAL; 350 err = -EINVAL;
351 if (f->type & AUDIT_UNUSED_BITS)
352 goto exit_free;
353
354 switch(f->type) { 351 switch(f->type) {
355 case AUDIT_SE_USER: 352 default:
356 case AUDIT_SE_ROLE:
357 case AUDIT_SE_TYPE:
358 case AUDIT_SE_SEN:
359 case AUDIT_SE_CLR:
360 case AUDIT_WATCH:
361 goto exit_free; 353 goto exit_free;
354 case AUDIT_PID:
355 case AUDIT_UID:
356 case AUDIT_EUID:
357 case AUDIT_SUID:
358 case AUDIT_FSUID:
359 case AUDIT_GID:
360 case AUDIT_EGID:
361 case AUDIT_SGID:
362 case AUDIT_FSGID:
363 case AUDIT_LOGINUID:
364 case AUDIT_PERS:
365 case AUDIT_ARCH:
366 case AUDIT_MSGTYPE:
367 case AUDIT_DEVMAJOR:
368 case AUDIT_DEVMINOR:
369 case AUDIT_EXIT:
370 case AUDIT_SUCCESS:
371 case AUDIT_ARG0:
372 case AUDIT_ARG1:
373 case AUDIT_ARG2:
374 case AUDIT_ARG3:
375 break;
362 case AUDIT_INODE: 376 case AUDIT_INODE:
363 err = audit_to_inode(&entry->rule, f); 377 err = audit_to_inode(&entry->rule, f);
364 if (err) 378 if (err)
@@ -432,6 +446,29 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
432 f->se_str = NULL; 446 f->se_str = NULL;
433 f->se_rule = NULL; 447 f->se_rule = NULL;
434 switch(f->type) { 448 switch(f->type) {
449 case AUDIT_PID:
450 case AUDIT_UID:
451 case AUDIT_EUID:
452 case AUDIT_SUID:
453 case AUDIT_FSUID:
454 case AUDIT_GID:
455 case AUDIT_EGID:
456 case AUDIT_SGID:
457 case AUDIT_FSGID:
458 case AUDIT_LOGINUID:
459 case AUDIT_PERS:
460 case AUDIT_ARCH:
461 case AUDIT_MSGTYPE:
462 case AUDIT_PPID:
463 case AUDIT_DEVMAJOR:
464 case AUDIT_DEVMINOR:
465 case AUDIT_EXIT:
466 case AUDIT_SUCCESS:
467 case AUDIT_ARG0:
468 case AUDIT_ARG1:
469 case AUDIT_ARG2:
470 case AUDIT_ARG3:
471 break;
435 case AUDIT_SE_USER: 472 case AUDIT_SE_USER:
436 case AUDIT_SE_ROLE: 473 case AUDIT_SE_ROLE:
437 case AUDIT_SE_TYPE: 474 case AUDIT_SE_TYPE:
@@ -474,6 +511,8 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data,
474 if (err) 511 if (err)
475 goto exit_free; 512 goto exit_free;
476 break; 513 break;
514 default:
515 goto exit_free;
477 } 516 }
478 } 517 }
479 518