Date: Sat, 14 Jul 2007 17:09:40 GMT From: Robert Watson <rwatson@FreeBSD.org> To: Perforce Change Reviews <perforce@freebsd.org> Subject: PERFORCE change 123491 for review Message-ID: <200707141709.l6EH9eaK020725@repoman.freebsd.org>
next in thread | raw e-mail | index | archive | help
http://perforce.freebsd.org/chv.cgi?CH=123491 Change 123491 by rwatson@rwatson_peppercorn on 2007/07/14 17:08:53 Apply patch from bin/113534 correctings bugs due to not zeroing tm before passing it to strptime(3), which in the presence of a partial time string, will only initialize fields specified by the user. Submitted by: "Alex Samorukov" <samm at os2 dot kiev dot ua> Affected files ... .. //depot/projects/trustedbsd/openbsm/HISTORY#55 edit .. //depot/projects/trustedbsd/openbsm/README#24 edit .. //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.c#19 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/HISTORY#55 (text+ko) ==== @@ -6,6 +6,8 @@ - Synchronized audit event list to Solaris, picking up the *at(2) system call definitions, now required for FreeBSD and Linux. Added additional events for *at(2) system calls not present in Solaris. +- Bugs in auditreduce(8) fixed allowing partial date strings to be used in + filtering events. OpenBSM 1.0 alpha 14 @@ -293,4 +295,4 @@ to support reloading of kernel event table. - Allow comments in /etc/security configuration files. -$P4: //depot/projects/trustedbsd/openbsm/HISTORY#54 $ +$P4: //depot/projects/trustedbsd/openbsm/HISTORY#55 $ ==== //depot/projects/trustedbsd/openbsm/README#24 (text+ko) ==== @@ -89,6 +89,7 @@ Ruslan Ermilov Martin Voros Diego Giagio + Alex Samorukov In addition, Coverity, Inc.'s Prevent(tm) static analysis tool and Gimpel Software's FlexeLint tool were used to identify a number of bugs in the @@ -110,4 +111,4 @@ http://www.TrustedBSD.org/ -$P4: //depot/projects/trustedbsd/openbsm/README#23 $ +$P4: //depot/projects/trustedbsd/openbsm/README#24 $ ==== //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.c#19 (text+ko) ==== @@ -26,7 +26,7 @@ * IN ANY WAY OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE * POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.c#18 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditreduce/auditreduce.c#19 $ */ /* @@ -629,6 +629,7 @@ usage("d is exclusive with a and b"); } SETOPT(opttochk, OPT_a); + bzero(&tm, sizeof(tm)); strptime(optarg, "%Y%m%d%H%M%S", &tm); strftime(timestr, sizeof(timestr), "%Y%m%d%H%M%S", &tm); @@ -641,6 +642,7 @@ usage("d is exclusive with a and b"); } SETOPT(opttochk, OPT_b); + bzero(&tm, sizeof(tm)); strptime(optarg, "%Y%m%d%H%M%S", &tm); strftime(timestr, sizeof(timestr), "%Y%m%d%H%M%S", &tm); @@ -661,6 +663,7 @@ OPT_a)) usage("'d' is exclusive with 'a' and 'b'"); SETOPT(opttochk, OPT_d); + bzero(&tm, sizeof(tm)); strptime(optarg, "%Y%m%d", &tm); strftime(timestr, sizeof(timestr), "%Y%m%d", &tm); /* fprintf(stderr, "Time converted = %s\n", timestr); */
Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?200707141709.l6EH9eaK020725>