Is a bug in function getauditflagschar() of libbsm?!

Robert Watson rwatson at
Mon Nov 28 22:08:12 GMT 2005

On Mon, 14 Nov 2005, Yuan MailList wrote:

> The function getauclassent() will always return NULL in line 8, when 
> reading "#" from configure file /etc/security/audit_class. So the 
> function getauditflagschar() will always return in line 1.
> In my opinion, the for{} statement should loop until file is ended.
> Any problems in my opinion? And how to patch it?


I've done some cleanup of the class file parser in the perforce change 
listed below; could you see if the bug you're experiencing persists with 
this fix in place?  I suspect other file parsing code in OpenBSM also 
needs cleaning up.


Robert N M Watson

Change 87385 by rwatson at rwatson_peppercorn on 2005/11/28 22:07:01

         Make the class file parser a little more flexible and correct:
         when a comment is encountered in getauclassent(), don't abort
         parsing, just skip to the next line.  Implement getauclassnam()
         using getauclassent() to fix the same bug there.  This parser
         could be further improved.

Affected files ...

.. //depot/projects/trustedbsd/openbsm/libbsm/bsm_class.c#5 edit

To Unsubscribe: send mail to majordomo at
with "unsubscribe trustedbsd-audit" in the body of the message

More information about the trustedbsd-audit mailing list