Is a bug in function getauditflagschar() of libbsm?!
Robert Watson
rwatson at FreeBSD.org
Mon Nov 28 22:08:12 GMT 2005
On Mon, 14 Nov 2005, Yuan MailList wrote:
> The function getauclassent() will always return NULL in line 8, when
> reading "#" from configure file /etc/security/audit_class. So the
> function getauditflagschar() will always return in line 1.
>
> In my opinion, the for{} statement should loop until file is ended.
>
> Any problems in my opinion? And how to patch it?
Yuan,
I've done some cleanup of the class file parser in the perforce change
listed below; could you see if the bug you're experiencing persists with
this fix in place? I suspect other file parsing code in OpenBSM also
needs cleaning up.
Thanks,
Robert N M Watson
http://perforce.freebsd.org/chv.cgi?CH=87385
Change 87385 by rwatson at rwatson_peppercorn on 2005/11/28 22:07:01
Make the class file parser a little more flexible and correct:
when a comment is encountered in getauclassent(), don't abort
parsing, just skip to the next line. Implement getauclassnam()
using getauclassent() to fix the same bug there. This parser
could be further improved.
Affected files ...
.. //depot/projects/trustedbsd/openbsm/libbsm/bsm_class.c#5 edit
To Unsubscribe: send mail to majordomo at trustedbsd.org
with "unsubscribe trustedbsd-audit" in the body of the message
More information about the trustedbsd-audit
mailing list