Skip site navigation (1)Skip section navigation (2) 
Date:      Tue, 2 Oct 2012 17:00:21 GMT
From:      "Daniel U. Thibault" <daniel.thibault@drdc-rddc.gc.ca>
To:        freebsd-gnats-submit@FreeBSD.org
Subject:   misc/172279: OpenBSM-21/openbsm/libbsm/bsm_token.c au_to_process32_ex documentation is incorrect
Message-ID:  <201210021700.q92H0LWI067193@red.freebsd.org>
Resent-Message-ID: <201210021710.q92HAECo091075@freefall.freebsd.org>
next in thread | raw e-mail | index | archive | help 


>Number:         172279
>Category:       misc
>Synopsis:       OpenBSM-21/openbsm/libbsm/bsm_token.c au_to_process32_ex documentation is incorrect
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Oct 02 17:10:14 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator:     Daniel U. Thibault
>Release:        
>Organization:
DRDC Valcartier
>Environment:
>Description:
The au_to_process32_ex function of bsm_token.c (a component of the current libbsm implementation) reads in part:

/*
[...]
 *   machine address      16 bytes
 */
token_t *
au_to_process32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid,
    gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid)
{
[...]
	if (tid->at_type == AU_IPv4)
		GET_TOKEN_AREA(t, dptr, sizeof(u_char) +
		    10 * sizeof(u_int32_t));
	else if (tid->at_type == AU_IPv6)
		GET_TOKEN_AREA(t, dptr, sizeof(u_char) +
		    13 * sizeof(u_int32_t));
[...]
	if (tid->at_type == AU_IPv6) {
		ADD_MEM(dptr, &tid->at_addr[1], sizeof(u_int32_t));
		ADD_MEM(dptr, &tid->at_addr[2], sizeof(u_int32_t));
		ADD_MEM(dptr, &tid->at_addr[3], sizeof(u_int32_t));
	}

   Clearly the token's size is variable, unlike what the preamble says.
>How-To-Repeat:
Look up http://www.opensource.apple.com/source/OpenBSM/OpenBSM-21/openbsm/libbsm/bsm_token.c and search for au_to_process32_ex.
>Fix:
Change the au_to_process32_ex preamble to conclude with:

 *   machine address       4 bytes/16 bytes (depending on address type-len)
 */


>Release-Note:
>Audit-Trail:
>Unformatted:

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201210021700.q92H0LWI067193>