hardenedbsd/HardenedBSD
1
0
Fork 0
mirror of https://git.hardenedbsd.org/hardenedbsd/HardenedBSD.git synced 2025-01-01 00:18:15 +01:00
Code Issues Actions Packages Projects Releases Wiki Activity

Only audit pathnames in namei(9) if copying the directory string completes

Browse Source 
successfully.  Continue to do this before the empty path check so that the
ENOENT returned in that case gets an empty string token in the BSM record.

MFC after:	3 days
This commit is contained in:
Robert Watson 2010-02-02 23:10:27 +00:00
parent 38907b4cc7
commit b10c6cf467
1 changed files with 10 additions and 5 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

15
sys/kern/vfs_lookup.c
View File

@ -162,11 +162,16 @@ namei(struct nameidata *ndp)
error = copyinstr(ndp->ni_dirp, cnp->cn_pnbuf,
MAXPATHLEN, (size_t *)&ndp->ni_pathlen);
/* If we are auditing the kernel pathname, save the user pathname. */
if (cnp->cn_flags & AUDITVNODE1)
AUDIT_ARG_UPATH1(td, cnp->cn_pnbuf);
if (cnp->cn_flags & AUDITVNODE2)
AUDIT_ARG_UPATH2(td, cnp->cn_pnbuf);
if (error == 0) {
/*
* If we are auditing the kernel pathname, save the user
* pathname.
*/
if (cnp->cn_flags & AUDITVNODE1)
AUDIT_ARG_UPATH1(td, cnp->cn_pnbuf);
if (cnp->cn_flags & AUDITVNODE2)
AUDIT_ARG_UPATH2(td, cnp->cn_pnbuf);
}
/*
* Don't allow empty pathnames.