Page MenuHomeFreeBSD
Differential D24445

audit_canon_path_vp: don't panic if cdir == NULL
ClosedPublic
Actions

Authored by kevans on Apr 16 2020, 5:21 PM.
Tags
None
Referenced Files
Unknown Object (File)
Feb 1 2024, 7:07 AM
Unknown Object (File)
Jan 20 2024, 1:29 PM
Unknown Object (File)
Dec 20 2023, 6:02 AM
Unknown Object (File)
Sep 9 2023, 2:10 AM
Unknown Object (File)
Sep 9 2023, 1:50 AM
Unknown Object (File)
Aug 12 2023, 5:35 AM
Unknown Object (File)
Jul 10 2023, 5:05 PM
Unknown Object (File)
Jul 2 2023, 2:00 PM
View All 22 Files
Subscribers
imp

Details

Reviewers
mjg
Commits
rS360031: audit_canon_path_vp: don't panic if cdir == NULL
Summary

cdir may have simply failed to resolve (e.g. fget_cap failure in namei leading to NULL dp passed to AUDIT_ARG_UPATH*_VP); restore the pre-rS358191 behavior of setting cpath[0] = '\0' and bailing out instead of panicking.

This was found by inadvertently running the libc/c063 tests with auditing enabled.

Diff Detail

Repository
rS FreeBSD src repository - subversion
Lint
Lint Not Applicable
Unit
Tests Not Applicable

Event Timeline

kevans created this revision.Apr 16 2020, 5:21 PM
Herald added a subscriber: imp. · View Herald TranscriptApr 16 2020, 5:21 PM
Harbormaster completed remote builds in B30533: Diff 70648.Apr 16 2020, 5:21 PM
mjg accepted this revision.Apr 16 2020, 7:07 PM
This revision is now accepted and ready to land.Apr 16 2020, 7:07 PM
mjg requested changes to this revision.Apr 16 2020, 7:16 PM

I would prefer extending if-else on *path but I'm not going to insist.

This revision now requires changes to proceed.Apr 16 2020, 7:16 PM
mjg accepted this revision.Apr 16 2020, 7:16 PM
This revision is now accepted and ready to land.Apr 16 2020, 7:16 PM
kevans added a comment.Apr 16 2020, 7:37 PM

I'm largely indifferent:

diff --git a/sys/security/audit/audit_bsm_klib.c b/sys/security/audit/audit_bsm_klib.c
index 64b7a344a60..71e326ee8ae 100644
--- a/sys/security/audit/audit_bsm_klib.c
+++ b/sys/security/audit/audit_bsm_klib.c
@@ -433,10 +433,14 @@ audit_canon_path_vp(struct thread *td, struct vnode *rdir, struct vnode *cdir,
            __func__,  __FILE__, __LINE__);

        copy = path;
-       if (*path == '/')
+       if (*path == '/') {
                vp = rdir;
-       else
+       } else if (cdir != NULL) {
                vp = cdir;
+       } else {
+               cpath[0] = '\0';
+               return;
+       }
        MPASS(vp != NULL);
        /*
         * NB: We require that the supplied array be at least MAXPATHLEN bytes

This, roughly?

mjg added a comment.EditedApr 17 2020, 12:27 AM
diff --git a/sys/security/audit/audit_bsm_klib.c b/sys/security/audit/audit_bsm_klib.c
index 64b7a344a60..c8d602fb692 100644
--- a/sys/security/audit/audit_bsm_klib.c
+++ b/sys/security/audit/audit_bsm_klib.c
@@ -433,10 +433,15 @@ audit_canon_path_vp(struct thread *td, struct vnode *rdir, struct vnode *cdir,
            __func__,  __FILE__, __LINE__);
 
        copy = path;
-       if (*path == '/')
+       if (*path == '/') {
                vp = rdir;
-       else
+       } else {
+               if (cdir == NULL) {
+                       cpath[0] = '\0';
+                       return;
+               }
                vp = cdir;
+       }
        MPASS(vp != NULL);
        /*
         * NB: We require that the supplied array be at least MAXPATHLEN bytes
Closed by commit rS360031: audit_canon_path_vp: don't panic if cdir == NULL (authored by kevans). · Explain WhyApr 17 2020, 2:09 AM
This revision was automatically updated to reflect the committed changes.
kevans added a commit: rS360031: audit_canon_path_vp: don't panic if cdir == NULL.

Revision Contents
Changeset List

PathSize
head/
sys/
security/
audit/
9 lines

Diff 70671

View Options

head/sys/security/audit/audit_bsm_klib.c

Loading...