Date: Sun, 22 Jul 2012 13:14:09 GMT
Message-Id: <201207221314.q6MDE9cn062801@skunkworks.freebsd.org>
From: Robert Watson
To: Perforce Change Reviews
Subject: PERFORCE change 214753 for review

http://p4web.freebsd.org/@@214753?ac=10

Change 214753 by rwatson@rwatson_cinnamon on 2012/07/22 13:13:13

	Add improved XML generation using vis(3) as submitted by Ryan Steinmetz. This will require further work, as vis(3) isn't portable, so must be added to our compat library for other platforms.

Affected files ...

... //depot/projects/trustedbsd/openbsm/CREDITS#11 edit
... //depot/projects/trustedbsd/openbsm/NEWS#52 edit
... //depot/projects/trustedbsd/openbsm/README#39 edit
... //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#72 edit

Differences ...

==== //depot/projects/trustedbsd/openbsm/CREDITS#11 (text+ko) ==== @@ -33,6 +33,7 @@ Jonathan Anderson Pawel Jakub Dawidek Joel Dahl + Ryan Steinmetz In addition, Coverity, Inc.'s Prevent(tm) static analysis tool and Gimpel Software's FlexeLint tool were used to identify a number of bugs in the ==== //depot/projects/trustedbsd/openbsm/NEWS#52 (text+ko) ==== @@ -13,6 +13,7 @@ - Fix a directory descriptor leak that happened when audit trail partitions filled. - Support for more Linux distributions with a partial contemporary endian.h. +- Improved escaping of XML-encapsulated BSM. - A variety of minor documentation, style, and functional. OpenBSM 1.1p2 @@ -479,4 +480,4 @@ to support reloading of kernel event table. - Allow comments in /etc/security configuration files. -$P4: //depot/projects/trustedbsd/openbsm/NEWS#51 $ +$P4: //depot/projects/trustedbsd/openbsm/NEWS#52 $ ==== //depot/projects/trustedbsd/openbsm/README#39 (text+ko) ==== 
@@ -64,4 +64,4 @@ http://www.TrustedBSD.org/ -$P4: //depot/projects/trustedbsd/openbsm/README#38 $ +$P4: //depot/projects/trustedbsd/openbsm/README#39 $ ==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#72 (text+ko) ==== @@ -32,7 +32,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#71 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#72 $ */ #include @@ -76,6 +76,7 @@ #include #include #include +#include #include @@ -217,6 +218,51 @@ } /* + * Prints the given data bytes as an XML-sanitized string. + */ +static void +print_xml_string(FILE *fp, const char *str, size_t len) +{ + u_int32_t i; + char visbuf[5]; + + if (len == 0) + return; + + for (i = 0; i < len; i++) { + switch (str[i]) { + case '\0': + return; + + case '&': + (void) fprintf(fp, "&"); + break; + + case '<': + (void) fprintf(fp, "<"); + break; + + case '>': + (void) fprintf(fp, ">"); + break; + + case '\"': + (void) fprintf(fp, """); + break; + + case '\'': + (void) fprintf(fp, "'"); + break; + + default: + (void) vis(visbuf, str[i], VIS_CSTYLE, 0); + (void) fprintf(fp, visbuf); + break; + } + } +} + +/* * Prints the beggining of attribute. */ static void @@ -1846,7 +1892,7 @@ for (i = 0; i < tok->tt.execarg.count; i++) { if (oflags & AU_OFLAG_XML) { fprintf(fp, ""); - print_string(fp, tok->tt.execarg.text[i], + print_xml_string(fp, tok->tt.execarg.text[i], strlen(tok->tt.execarg.text[i])); fprintf(fp, ""); } else { @@ -1904,7 +1950,7 @@ for (i = 0; i< tok->tt.execenv.count; i++) { if (oflags & AU_OFLAG_XML) { fprintf(fp, ""); - print_string(fp, tok->tt.execenv.text[i], + print_xml_string(fp, tok->tt.execenv.text[i], strlen(tok->tt.execenv.text[i])); fprintf(fp, ""); } else {
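
Review bot: the `+#include` added in the @@ -76,6 +76,7 @@ hunk of libbsm/bsm_io.c is unconditional, while the change description itself says vis(3) isn't portable and is not yet in the compat library, so this revision will fail to build on platforms whose libc lacks vis(3). Guard the include and the vis() call behind a configure-time check, or land the compat implementation together with this change.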
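
Review bot: in the default case of print_xml_string() (the @@ -217,6 +218,51 @@ hunk of libbsm/bsm_io.c), `(void) fprintf(fp, visbuf);` uses data taken from the audit record as the format string. vis(3) with VIS_CSTYLE leaves a printable '%' unchanged, so a '%' in an exec argument or environment string reaches fprintf() as an incomplete conversion specification, which is undefined behaviour. Write the buffer with `(void) fputs(visbuf, fp);` or `(void) fprintf(fp, "%s", visbuf);` instead. In the same function the loop index is declared `u_int32_t i` but compared against `size_t len`; declaring `i` as size_t removes the mixed-width comparison.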