misc/172279: OpenBSM-21/openbsm/libbsm/bsm_token.c au_to_process32_ex documentation is incorrect

[Daniel U. Thibault]

>Number:         172279
>Category:       misc
>Synopsis:       OpenBSM-21/openbsm/libbsm/bsm_token.c au_to_process32_ex documentation is incorrect
>Confidential:   no
>Severity:       non-critical
>Priority:       low
>Responsible:    freebsd-bugs
>State:          open
>Quarter:        
>Keywords:       
>Date-Required:
>Class:          sw-bug
>Submitter-Id:   current-users
>Arrival-Date:   Tue Oct 02 17:10:14 UTC 2012
>Closed-Date:
>Last-Modified:
>Originator:     Daniel U. Thibault
>Release:        
>Organization:
DRDC Valcartier
>Environment:
>Description:
The au_to_process32_ex function of bsm_token.c (a component of the current libbsm implementation) reads in part:

/*
[...]
 *   machine address      16 bytes
 */
token_t *
au_to_process32_ex(au_id_t auid, uid_t euid, gid_t egid, uid_t ruid,
    gid_t rgid, pid_t pid, au_asid_t sid, au_tid_addr_t *tid)
{
[...]
	if (tid->at_type == AU_IPv4)
		GET_TOKEN_AREA(t, dptr, sizeof(u_char) +
		    10 * sizeof(u_int32_t));
	else if (tid->at_type == AU_IPv6)
		GET_TOKEN_AREA(t, dptr, sizeof(u_char) +
		    13 * sizeof(u_int32_t));
[...]
	if (tid->at_type == AU_IPv6) {
		ADD_MEM(dptr, &tid->at_addr[1], sizeof(u_int32_t));
		ADD_MEM(dptr, &tid->at_addr[2], sizeof(u_int32_t));
		ADD_MEM(dptr, &tid->at_addr[3], sizeof(u_int32_t));
	}

   Clearly the token's size is variable, unlike what the preamble says.
>How-To-Repeat:
Look up http://www.opensource.apple.com/source/OpenBSM/OpenBSM-21/openbsm/libbsm/bsm_token.c and search for au_to_process32_ex.
>Fix:
Change the au_to_process32_ex preamble to conclude with:

 *   machine address       4 bytes/16 bytes (depending on address type-len)
 */


>Release-Note:
>Audit-Trail:
>Unformatted: