From owner-p4-projects@FreeBSD.ORG Wed Aug 13 19:03:31 2008 Return-Path: Delivered-To: p4-projects@freebsd.org Received: by hub.freebsd.org (Postfix, from userid 32767) id 1E8B61065683; Wed, 13 Aug 2008 19:03:31 +0000 (UTC) Delivered-To: perforce@FreeBSD.org Received: from mx1.freebsd.org (mx1.freebsd.org [IPv6:2001:4f8:fff6::34]) by hub.freebsd.org (Postfix) with ESMTP id D7C78106567D for ; Wed, 13 Aug 2008 19:03:30 +0000 (UTC) (envelope-from sson@FreeBSD.org) Received: from repoman.freebsd.org (repoman.freebsd.org [IPv6:2001:4f8:fff6::29]) by mx1.freebsd.org (Postfix) with ESMTP id D2E658FC23 for ; Wed, 13 Aug 2008 19:03:30 +0000 (UTC) (envelope-from sson@FreeBSD.org) Received: from repoman.freebsd.org (localhost [127.0.0.1]) by repoman.freebsd.org (8.14.2/8.14.2) with ESMTP id m7DJ3UAd089037 for ; Wed, 13 Aug 2008 19:03:30 GMT (envelope-from sson@FreeBSD.org) Received: (from perforce@localhost) by repoman.freebsd.org (8.14.2/8.14.1/Submit) id m7DJ3UZF089035 for perforce@freebsd.org; Wed, 13 Aug 2008 19:03:30 GMT (envelope-from sson@FreeBSD.org) Date: Wed, 13 Aug 2008 19:03:30 GMT Message-Id: <200808131903.m7DJ3UZF089035@repoman.freebsd.org> X-Authentication-Warning: repoman.freebsd.org: perforce set sender to sson@FreeBSD.org using -f From: Stacey Son To: Perforce Change Reviews Cc: Subject: PERFORCE change 147327 for review X-BeenThere: p4-projects@freebsd.org X-Mailman-Version: 2.1.5 Precedence: list List-Id: p4 projects tree changes List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , X-List-Received-Date: Wed, 13 Aug 2008 19:03:31 -0000 http://perforce.freebsd.org/chv.cgi?CH=147327 Change 147327 by sson@sson_amd64 on 2008/08/13 19:02:56 Bug fix: timestr buffer is not large enough. Clean up of some of the trail rotation code. Affected files ... .. //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#35 edit .. //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.h#10 edit Differences ... ==== //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#35 (text+ko) ==== @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#34 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.c#35 $ */ #include @@ -160,9 +160,13 @@ syslog(LOG_DEBUG, "dir = %s", dirent->dirname); /* - * XXX may want to assert(asprintf(...) <= - * (strlen(dirent->dirname) + 1 + (2 * POSTFIX_LEN) + 1)) + * Sanity check on file name. It should be exactly the size + * (2 * POSTFIX_LEN) + 1. */ + if (strlen(name) != (2 * POSTFIX_LEN) + 1) { + syslog(LOG_ERR, "invalid filename (%s)", name); + return (NULL); + } asprintf(&fn, "%s/%s", dirent->dirname, name); return (fn); } @@ -186,8 +190,7 @@ /* Rename the last file -- append timestamp. */ if ((ptr = strstr(lastfile, NOT_TERMINATED)) != NULL) { - *ptr = '.'; - strlcpy(ptr+1, TS, POSTFIX_LEN); + strlcpy(ptr, TS, POSTFIX_LEN); if (rename(oldname, lastfile) != 0) syslog(LOG_ERR, "Could not rename %s to %s: %m", oldname, @@ -197,7 +200,9 @@ oldname, lastfile); audit_warn_closefile(lastfile); } - } + } else + syslog(LOG_ERR, "Could not rename %s to %s", oldname, + lastfile); free(lastfile); free(oldname); lastfile = NULL; @@ -239,7 +244,7 @@ static int swap_audit_file(void) { - char timestr[2 * POSTFIX_LEN]; + char timestr[(2 * POSTFIX_LEN) + 1]; char *fn; char TS[POSTFIX_LEN]; struct dir_ent *dirent; @@ -254,6 +259,7 @@ return (-1); strlcpy(timestr, TS, POSTFIX_LEN); + strlcat(timestr, ".", 1); strlcat(timestr, NOT_TERMINATED, POSTFIX_LEN); #ifdef AUDIT_REVIEW_GROUP ==== //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.h#10 (text+ko) ==== @@ -26,7 +26,7 @@ * (INCLUDING NEGLIGENCE OR OTHERWISE) ARISING IN ANY WAY OUT OF THE USE OF * THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF SUCH DAMAGE. * - * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.h#9 $ + * $P4: //depot/projects/trustedbsd/openbsm/bin/auditd/auditd.h#10 $ */ #ifndef _AUDITD_H_ @@ -46,8 +46,8 @@ */ #define AUDIT_REVIEW_GROUP "audit" -#define POSTFIX_LEN 16 -#define NOT_TERMINATED ".not_terminated" +#define POSTFIX_LEN (sizeof("YYYYMMDDhhmmss") - 1) +#define NOT_TERMINATED "not_terminated" struct dir_ent { char *dirname;