From 567cb6613939afeeab341dd88e912a442336319a Mon Sep 17 00:00:00 2001
From: unknown <dwmw2@shinybook.infradead.org>
Date: Fri, 29 Apr 2005 15:54:44 +0100
Subject: [PATCH] --- yaml --- r: 580 b: refs/heads/master c:
 83c7d09173fdb6b06b109e65895392db3e49ac9c h: refs/heads/master v: v3

---
 [refs]                      |  2 +-
 trunk/include/linux/audit.h |  8 +++++++-
 trunk/kernel/audit.c        | 23 +++++++++++++++++++++++
 trunk/kernel/auditsc.c      |  7 ++++---
 4 files changed, 35 insertions(+), 5 deletions(-)

diff --git a/[refs] b/[refs]
index 848c2f2ef89f..ec07e5266dd9 100644
--- a/[refs]
+++ b/[refs]
@@ -1,2 +1,2 @@
 ---
-refs/heads/master: c60c390620e0abb60d4ae8c43583714bda27763f
+refs/heads/master: 83c7d09173fdb6b06b109e65895392db3e49ac9c
diff --git a/trunk/include/linux/audit.h b/trunk/include/linux/audit.h
index 3628f7cfb178..9b77992c4888 100644
--- a/trunk/include/linux/audit.h
+++ b/trunk/include/linux/audit.h
@@ -174,11 +174,15 @@ extern void		    audit_log_format(struct audit_buffer *ab,
 					     const char *fmt, ...)
 			    __attribute__((format(printf,2,3)));
 extern void		    audit_log_end(struct audit_buffer *ab);
+extern void		    audit_log_hex(struct audit_buffer *ab,
+					  const unsigned char *buf,
+					  size_t len);
+extern void		    audit_log_untrustedstring(struct audit_buffer *ab,
+						      const char *string);
 extern void		    audit_log_d_path(struct audit_buffer *ab,
 					     const char *prefix,
 					     struct dentry *dentry,
 					     struct vfsmount *vfsmnt);
-
 				/* Private API (for auditsc.c only) */
 extern void		    audit_send_reply(int pid, int seq, int type,
 					     int done, int multi,
@@ -190,6 +194,8 @@ extern void		    audit_log_lost(const char *message);
 #define audit_log_vformat(b,f,a) do { ; } while (0)
 #define audit_log_format(b,f,...) do { ; } while (0)
 #define audit_log_end(b) do { ; } while (0)
+#define audit_log_hex(a,b,l) do { ; } while (0)
+#define audit_log_untrustedstring(a,s) do { ; } while (0)
 #define audit_log_d_path(b,p,d,v) do { ; } while (0)
 #endif
 #endif
diff --git a/trunk/kernel/audit.c b/trunk/kernel/audit.c
index 0f84dd7af2c8..dca7b99615d2 100644
--- a/trunk/kernel/audit.c
+++ b/trunk/kernel/audit.c
@@ -720,6 +720,29 @@ void audit_log_format(struct audit_buffer *ab, const char *fmt, ...)
 	va_end(args);
 }
 
+void audit_log_hex(struct audit_buffer *ab, const unsigned char *buf, size_t len)
+{
+	int i;
+
+	for (i=0; i<len; i++)
+		audit_log_format(ab, "%02x", buf[i]);
+}
+
+void audit_log_untrustedstring(struct audit_buffer *ab, const char *string)
+{
+	const char *p = string;
+
+	while (*p) {
+		if (*p == '"' || *p == ' ' || *p < 0x20 || *p > 0x7f) {
+			audit_log_hex(ab, string, strlen(string));
+			return;
+		}
+		p++;
+	}
+	audit_log_format(ab, "\"%s\"", string);
+}
+
+
 /* This is a helper-function to print the d_path without using a static
  * buffer or allocating another buffer in addition to the one in
  * audit_buffer. */
diff --git a/trunk/kernel/auditsc.c b/trunk/kernel/auditsc.c
index 6f1931381bc9..00e87ffff13b 100644
--- a/trunk/kernel/auditsc.c
+++ b/trunk/kernel/auditsc.c
@@ -696,9 +696,10 @@ static void audit_log_exit(struct audit_context *context)
 		if (!ab)
 			continue; /* audit_panic has been called */
 		audit_log_format(ab, "item=%d", i);
-		if (context->names[i].name)
-			audit_log_format(ab, " name=%s",
-					 context->names[i].name);
+		if (context->names[i].name) {
+			audit_log_format(ab, " name=");
+			audit_log_untrustedstring(ab, context->names[i].name);
+		}
 		if (context->names[i].ino != (unsigned long)-1)
 			audit_log_format(ab, " inode=%lu dev=%02x:%02x mode=%#o"
 					     " uid=%d gid=%d rdev=%02x:%02x",