ACPR/android_system_core
1
0
Fork 0
Code Issues Pull requests Projects Releases Packages Wiki Activity Actions

Merge "logd: add a comment about untrusted content in the audit log"

Browse source
This commit is contained in:
Sami Tolvanen 2016-02-29 22:22:15 +00:00 committed by Gerrit Code Review
commit 68de85bda9
1 changed files with 4 additions and 0 deletions
Show stats Download patch file Download diff file Expand all files Collapse all files

4
logd/LogAudit.cpp
View file

@ -164,6 +164,10 @@ int LogAudit::logPrint(const char *fmt, ...) {
}
}
// Note: The audit log can include untrusted strings, but those containing
// "a control character, unprintable character, double quote mark, or a
// space" are hex encoded. The space character before the search term is
// therefore needed to prevent denial of service. Do not remove the space.
bool permissive = strstr(str, " enforcing=0") ||
strstr(str, " permissive=1");