Date: Sun, 22 Jul 2012 13:14:09 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 214753 for review Message-ID: <201207221314.q6MDE9cn062801@skunkworks.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://p4web.freebsd.org/@@214753?ac=10 Change 214753 by rwatson@rwatson_cinnamon on 2012/07/22 13:13:13 Add improved XML generation using vis(3) as submitted by Ryan Steinmetz. This will require further work, as vis(3) isn't portable, so must be added to our compat library for other platforms. Affected files ... .. //depot/projects/trustedbsd/openbsm/CREDITS#11 edit .. //depot/projects/trustedbsd/openbsm/NEWS#52 edit .. //depot/projects/trustedbsd/openbsm/README#39 edit .. //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#72 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/CREDITS#11 (text+ko) ==== @@ -33,6 +33,7 @@ Jonathan Anderson Pawel Jakub Dawidek Joel Dahl + Ryan Steinmetz In addition, Coverity, Inc.'s Prevent(tm) static analysis tool and Gimpel Software's FlexeLint tool were used to identify a number of bugs in the ==== //depot/projects/trustedbsd/openbsm/NEWS#52 (text+ko) ==== @@ -13,6 +13,7 @@ - Fix a directory descriptor leak that happened when audit trail partitions filled. - Support for more Linux distributions with a partial contemporary endian.h. +- Improved escaping of XML-encapsulated BSM. - A variety of minor documentation, style, and functional. OpenBSM 1.1p2 @@ -479,4 +480,4 @@ to support reloading of kernel event table. - Allow comments in /etc/security configuration files. -$P4: //depot/projects/trustedbsd/openbsm/NEWS#51 $ +$P4: //depot/projects/trustedbsd/openbsm/NEWS#52 $ ==== //depot/projects/trustedbsd/openbsm/README#39 (text+ko) ==== @@ -64,4 +64,4 @@ http://www.TrustedBSD.org/ -$P4: //depot/projects/trustedbsd/openbsm/README#38 $ +$P4: //depot/projects/trustedbsd/openbsm/README#39 $ ==== //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#72 (text+ko) ==== @@ -32,7 +32,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#71 $ + * $P4: //depot/projects/trustedbsd/openbsm/libbsm/bsm_io.c#72 $ */ #include <sys/types.h> @@ -76,6 +76,7 @@ #include <string.h> #include <pwd.h> #include <grp.h> +#include <vis.h> #include <bsm/audit_internal.h> @@ -217,6 +218,51 @@ } /* + * Prints the given data bytes as an XML-sanitized string. + */ +static void +print_xml_string(FILE *fp, const char *str, size_t len) +{ + u_int32_t i; + char visbuf[5]; + + if (len == 0) + return; + + for (i = 0; i < len; i++) { + switch (str[i]) { + case '\0': + return; + + case '&': + (void) fprintf(fp, "&"); + break; + + case '<': + (void) fprintf(fp, "<"); + break; + + case '>': + (void) fprintf(fp, ">"); + break; + + case '\"': + (void) fprintf(fp, """); + break; + + case '\'': + (void) fprintf(fp, "'"); + break; + + default: + (void) vis(visbuf, str[i], VIS_CSTYLE, 0); + (void) fprintf(fp, visbuf); + break; + } + } +} + +/* * Prints the beggining of attribute. */ static void @@ -1846,7 +1892,7 @@ for (i = 0; i < tok->tt.execarg.count; i++) { if (oflags & AU_OFLAG_XML) { fprintf(fp, "<arg>"); - print_string(fp, tok->tt.execarg.text[i], + print_xml_string(fp, tok->tt.execarg.text[i], strlen(tok->tt.execarg.text[i])); fprintf(fp, "</arg>"); } else { @@ -1904,7 +1950,7 @@ for (i = 0; i< tok->tt.execenv.count; i++) { if (oflags & AU_OFLAG_XML) { fprintf(fp, "<env>"); - print_string(fp, tok->tt.execenv.text[i], + print_xml_string(fp, tok->tt.execenv.text[i], strlen(tok->tt.execenv.text[i])); fprintf(fp, "</env>"); } else {
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?201207221314.q6MDE9cn062801>