• Paul Moore's avatar
    audit: create private file name copies when auditing inodes · fcf22d82
    Paul Moore authored
    Unfortunately, while commit 4a928436 ("audit: correctly record file
    names with different path name types") fixed a problem where we were
    not recording filenames, it created a new problem by attempting to use
    these file names after they had been freed.  This patch resolves the
    issue by creating a copy of the filename which the audit subsystem
    frees after it is done with the string.
    
    At some point it would be nice to resolve this issue with refcounts,
    or something similar, instead of having to allocate/copy strings, but
    that is almost surely beyond the scope of a -rcX patch so we'll defer
    that for later.  On the plus side, only audit users should be impacted
    by the string copying.
    Reported-by: default avatarToralf Foerster <toralf.foerster@gmx.de>
    Signed-off-by: default avatarPaul Moore <pmoore@redhat.com>
    fcf22d82
auditsc.c 66.9 KB