Date: Thu, 20 Oct 2005 18:44:37 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 85610 for review Message-ID: <200510201844.j9KIibhB019752@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=85610 Change 85610 by rwatson@rwatson_zoo on 2005/10/20 18:44:37 Simplify token allocation code: because we allocate with M_WAITOK, failure isn't permitted. When we abandon an audit record because we don't know how to convert it to BSM, make sure that we free the BSM subject token allocated before this decision was made. Affected files ... .. //depot/projects/trustedbsd/audit3/sys/security/audit/kern_bsm_audit.c#27 edit .. //depot/projects/trustedbsd/audit3/sys/security/audit/kern_bsm_token.c#12 edit Differences ... ==== //depot/projects/trustedbsd/audit3/sys/security/audit/kern_bsm_audit.c#27 (text+ko) ==== @@ -116,16 +116,11 @@ tm.tv_usec = ctime->tv_nsec / 1000; tm.tv_sec = ctime->tv_sec; hdr = au_to_header32(tot_rec_size, event, 0, tm); - - if (hdr != NULL) { - /* Add to head of list */ - TAILQ_INSERT_HEAD(&rec->token_q, hdr, tokens); + TAILQ_INSERT_HEAD(&rec->token_q, hdr, tokens); + + trail = au_to_trailer(tot_rec_size); + TAILQ_INSERT_TAIL(&rec->token_q, trail, tokens); - trail = au_to_trailer(tot_rec_size); - if (trail != NULL) - TAILQ_INSERT_TAIL(&rec->token_q, trail, - tokens); - } /* Serialize token data to the record. */ rec->len = tot_rec_size; @@ -1052,6 +1047,8 @@ default: /* We shouldn't fall through to here. */ printf("BSM conversion requested for unknown event %d\n", ar->ar_event); + /* Write the subject token so it is properly freed here. */ + kau_write(rec, subj_tok); kau_free(rec); return (BSM_NOAUDIT); } ==== //depot/projects/trustedbsd/audit3/sys/security/audit/kern_bsm_token.c#12 (text+ko) ==== @@ -59,16 +59,9 @@ #define GET_TOKEN_AREA(t, dptr, length) do { \ t = malloc(sizeof(token_t), M_AUDITBSM, M_WAITOK); \ - if (t != NULL) { \ - t->len = length; \ - t->t_data = malloc(length * sizeof(u_char), \ - M_AUDITBSM, M_WAITOK); \ - if ((dptr = t->t_data) == NULL) { \ - free(t, M_AUDITBSM); \ - t = NULL; \ - } else \ - memset(dptr, 0, length); \ - } \ + t->t_data = malloc(length, M_AUDITBSM, M_WAITOK | M_ZERO); \ + t->len = length; \ + dptr = t->t_data; \ } while (0) /*
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200510201844.j9KIibhB019752>