From 0a73dccc4fd472e65887eae6fbf4afc030541709 Mon Sep 17 00:00:00 2001 From: Al Viro Date: Mon, 5 Jun 2006 08:15:59 -0400 Subject: [PATCH] validate rule fields' types Signed-off-by: Al Viro --- kernel/auditfilter.c | 57 +++++++++++++++++++++++++++++++++++++++++++--------- 1 file changed, 48 insertions(+), 9 deletions(-) (limited to 'kernel/auditfilter.c') diff --git a/kernel/auditfilter.c b/kernel/auditfilter.c index 03a6919103d4..9f985dd5e937 100644 --- a/kernel/auditfilter.c +++ b/kernel/auditfilter.c @@ -348,17 +348,31 @@ static struct audit_entry *audit_rule_to_entry(struct audit_rule *rule) f->val = rule->values[i]; err = -EINVAL; - if (f->type & AUDIT_UNUSED_BITS) - goto exit_free; - switch(f->type) { - case AUDIT_SE_USER: - case AUDIT_SE_ROLE: - case AUDIT_SE_TYPE: - case AUDIT_SE_SEN: - case AUDIT_SE_CLR: - case AUDIT_WATCH: + default: goto exit_free; + case AUDIT_PID: + case AUDIT_UID: + case AUDIT_EUID: + case AUDIT_SUID: + case AUDIT_FSUID: + case AUDIT_GID: + case AUDIT_EGID: + case AUDIT_SGID: + case AUDIT_FSGID: + case AUDIT_LOGINUID: + case AUDIT_PERS: + case AUDIT_ARCH: + case AUDIT_MSGTYPE: + case AUDIT_DEVMAJOR: + case AUDIT_DEVMINOR: + case AUDIT_EXIT: + case AUDIT_SUCCESS: + case AUDIT_ARG0: + case AUDIT_ARG1: + case AUDIT_ARG2: + case AUDIT_ARG3: + break; case AUDIT_INODE: err = audit_to_inode(&entry->rule, f); if (err) @@ -432,6 +446,29 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data, f->se_str = NULL; f->se_rule = NULL; switch(f->type) { + case AUDIT_PID: + case AUDIT_UID: + case AUDIT_EUID: + case AUDIT_SUID: + case AUDIT_FSUID: + case AUDIT_GID: + case AUDIT_EGID: + case AUDIT_SGID: + case AUDIT_FSGID: + case AUDIT_LOGINUID: + case AUDIT_PERS: + case AUDIT_ARCH: + case AUDIT_MSGTYPE: + case AUDIT_PPID: + case AUDIT_DEVMAJOR: + case AUDIT_DEVMINOR: + case AUDIT_EXIT: + case AUDIT_SUCCESS: + case AUDIT_ARG0: + case AUDIT_ARG1: + case AUDIT_ARG2: + case AUDIT_ARG3: + break; case AUDIT_SE_USER: case AUDIT_SE_ROLE: case AUDIT_SE_TYPE: @@ -474,6 +511,8 @@ static struct audit_entry *audit_data_to_entry(struct audit_rule_data *data, if (err) goto exit_free; break; + default: + goto exit_free; } } -- cgit v1.2.3