bin/161936: [openbsm][patch] praudit can produce invalid XML
output
Ryan Steinmetz
zi at FreeBSD.org
Sat Feb 25 00:05:35 UTC 2012
This updated patch addresses all known conditions that result in invalid
XML being produced by praudit(1).
-r
-------------- next part --------------
--- contrib/openbsm/libbsm/bsm_io.c.orig 2012-02-24 18:18:03.000000000 -0500
+++ contrib/openbsm/libbsm/bsm_io.c 2012-02-24 18:45:11.000000000 -0500
@@ -73,6 +73,7 @@
#include <string.h>
#include <pwd.h>
#include <grp.h>
+#include <vis.h>
#include <bsm/audit_internal.h>
@@ -214,6 +215,45 @@
}
/*
+ * Prints the given data bytes as an XML-sanitized string.
+ */
+static void
+print_xml_string(FILE *fp, const char *str, size_t len)
+{
+ u_int32_t i;
+ char visbuf[5];
+
+ if (len == 0)
+ return;
+
+ for (i = 0; i < len; i++) {
+ switch (str[i]) {
+ case '\0':
+ return;
+ case '&':
+ (void) fprintf(fp, "&");
+ break;
+ case '<':
+ (void) fprintf(fp, "<");
+ break;
+ case '>':
+ (void) fprintf(fp, ">");
+ break;
+ case '\"':
+ (void) fprintf(fp, """);
+ break;
+ case '\'':
+ (void) fprintf(fp, "'");
+ break;
+ default:
+ (void) vis(visbuf, str[i], VIS_CSTYLE, 0);
+ (void) fprintf(fp, visbuf);
+ break;
+ }
+ }
+}
+
+/*
* Prints the beggining of attribute.
*/
static void
@@ -1855,7 +1895,7 @@
for (i = 0; i < tok->tt.execarg.count; i++) {
if (xml) {
fprintf(fp, "<arg>");
- print_string(fp, tok->tt.execarg.text[i],
+ print_xml_string(fp, tok->tt.execarg.text[i],
strlen(tok->tt.execarg.text[i]));
fprintf(fp, "</arg>");
} else {
@@ -1914,7 +1954,7 @@
for (i = 0; i< tok->tt.execenv.count; i++) {
if (xml) {
fprintf(fp, "<env>");
- print_string(fp, tok->tt.execenv.text[i],
+ print_xml_string(fp, tok->tt.execenv.text[i],
strlen(tok->tt.execenv.text[i]));
fprintf(fp, "</env>");
} else {
More information about the freebsd-bugs
mailing list