aboutsummaryrefslogtreecommitdiffstats
path: root/kernel/auditsc.c
diff options
context:
space:
mode:
authorEric Paris <eparis@redhat.com>2009-06-11 14:31:34 -0400
committerAl Viro <viro@zeniv.linux.org.uk>2009-06-23 23:50:34 -0400
commitb87ce6e4187c24b06483c8266822ce5e6b7fa7f3 (patch)
tree24b56d53dc03b0a6c8434ad2250c1c40d179d0ce /kernel/auditsc.c
parent35aa901c0b66cb3c2eeee23f13624014825a44a8 (diff)
Audit: better estimation of execve record length
The audit execve record splitting code estimates the length of the message generated. But it forgot to include the "" that wrap each string in its estimation. This means that execve messages with lots of tiny (1-2 byte) arguments could still cause records greater than 8k to be emitted. Simply fix the estimate. Signed-off-by: Eric Paris <eparis@redhat.com>
Diffstat (limited to 'kernel/auditsc.c')
-rw-r--r--kernel/auditsc.c4
1 files changed, 2 insertions, 2 deletions
diff --git a/kernel/auditsc.c b/kernel/auditsc.c
index 7d6ac7c1f414..b14d234b85f3 100644
--- a/kernel/auditsc.c
+++ b/kernel/auditsc.c
@@ -1024,8 +1024,8 @@ static int audit_log_single_execve_arg(struct audit_context *context,
1024{ 1024{
1025 char arg_num_len_buf[12]; 1025 char arg_num_len_buf[12];
1026 const char __user *tmp_p = p; 1026 const char __user *tmp_p = p;
1027 /* how many digits are in arg_num? 3 is the length of " a=" */ 1027 /* how many digits are in arg_num? 5 is the length of ' a=""' */
1028 size_t arg_num_len = snprintf(arg_num_len_buf, 12, "%d", arg_num) + 3; 1028 size_t arg_num_len = snprintf(arg_num_len_buf, 12, "%d", arg_num) + 5;
1029 size_t len, len_left, to_send; 1029 size_t len, len_left, to_send;
1030 size_t max_execve_audit_len = MAX_EXECVE_AUDIT_LEN; 1030 size_t max_execve_audit_len = MAX_EXECVE_AUDIT_LEN;
1031 unsigned int i, has_cntl = 0, too_long = 0; 1031 unsigned int i, has_cntl = 0, too_long = 0;