From: "Christian S.J. Peron"
Date: Mon, 6 Nov 2006 00:15:45 +0000 (UTC)
To: src-committers@FreeBSD.org, cvs-src@FreeBSD.org, cvs-all@FreeBSD.org
Subject: cvs commit: src/sys/security/audit audit_arg.c audit_private.h
Message-Id: <200611060015.kA60Fj8v021054@repoman.freebsd.org>
X-FreeBSD-CVS-Branch: HEAD

csjp        2006-11-06 00:15:45 UTC

  FreeBSD src repository

  Modified files:
    sys/security/audit   audit_arg.c audit_private.h
  Log:
  Change the type of ar_arg_sockaddr from struct sockaddr to struct
  sockaddr_storage. This structure is defined in RFC 2553 and is a more
  semantically correct structure for holding IP and IP6 sockaddr information.
  struct sockaddr is not big enough to hold all the required information for
  IP6, resulting in truncated addresses et al when auditing IP6 sockaddr
  information.

  We also need to assume that the sa->sa_len has been validated before the call
  to audit_arg_sockaddr() is made, otherwise it could result in a buffer
  overflow. This is being done to accommodate auditing of network related
  arguments (like connect, bind et al) that will be added soon.

  Discussed with: rwatson
  Obtained from:  TrustedBSD Project
  MFC after:      2 weeks

  Revision  Changes    Path
  1.7       +1 -2      src/sys/security/audit/audit_arg.c
  1.12      +1 -1      src/sys/security/audit/audit_private.h
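
The length check the log message says callers must perform, as an added userland example that is not code from this commit or from the FreeBSD tree. `struct audit_rec`, `record_sockaddr()` and `ipv6_roundtrip_ok()` are hypothetical names, and the explicit `sa_len` parameter is an assumption standing in for `sa->sa_len`, which exists only on BSD systems.

```c
#include <stddef.h>
#include <string.h>
#include <sys/socket.h>
#include <netinet/in.h>

/* Hypothetical record: models only the ar_arg_sockaddr field from the commit. */
struct audit_rec {
	struct sockaddr_storage ar_arg_sockaddr;
	int has_sockaddr;
};

/*
 * Copy a caller-supplied address into the record. sa_len stands in for
 * sa->sa_len (BSD-only field), passed explicitly so this builds elsewhere.
 * Returns 0 on success, -1 when the length is rejected.
 */
int record_sockaddr(struct audit_rec *ar, const struct sockaddr *sa, size_t sa_len)
{
	/* Must cover the family field and fit the destination buffer. */
	if (sa == NULL || sa_len < offsetof(struct sockaddr, sa_data) ||
	    sa_len > sizeof(ar->ar_arg_sockaddr))
		return (-1);
	/* Per-family minimum, so a short IPv6 address is not stored truncated. */
	if (sa->sa_family == AF_INET && sa_len < sizeof(struct sockaddr_in))
		return (-1);
	if (sa->sa_family == AF_INET6 && sa_len < sizeof(struct sockaddr_in6))
		return (-1);
	memset(&ar->ar_arg_sockaddr, 0, sizeof(ar->ar_arg_sockaddr));
	memcpy(&ar->ar_arg_sockaddr, sa, sa_len);
	ar->has_sockaddr = 1;
	return (0);
}

/* Returns 1 if a constructed IPv6 address (::1) survives the copy intact. */
int ipv6_roundtrip_ok(void)
{
	struct sockaddr_in6 in, out;
	struct audit_rec ar;
	memset(&in, 0, sizeof(in));
	memset(&ar, 0, sizeof(ar));
	in.sin6_family = AF_INET6;
	in.sin6_addr.s6_addr[15] = 1;
	if (record_sockaddr(&ar, (const struct sockaddr *)&in, sizeof(in)) != 0)
		return (0);
	memcpy(&out, &ar.ar_arg_sockaddr, sizeof(out));
	return (memcmp(&in, &out, sizeof(in)) == 0);
}
```

A length of `sizeof(struct sockaddr)` with family `AF_INET6` is rejected here, which is the truncation case the old field type would have stored silently.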