Hello Steve,
Some fields don't support value which isnot number.
For example,
auditctl -a exit,always -F pid=a
No error message is output and "pid=0" is added to rule.
I think we should add checking for it.
Signed-off-by: Zhang Xiliang <[EMAIL PROTECTED]>
---
lib/deprecated.c | 3 +++
lib/libaudit.c | 3 +++
src/auditctl.c | 5 +++++
3 files changed, 11 insertions(+), 0 deletions(-)
diff --git a/lib/deprecated.c b/lib/deprecated.c
index 5a1c04f..d6cdbe4 100644
--- a/lib/deprecated.c
+++ b/lib/deprecated.c
@@ -446,6 +446,9 @@ int audit_rule_fieldpair(struct audit_rule *rule, const
char *pair, int flags)
if (flags == AUDIT_FILTER_EXCLUDE)
return -18;
+
+ if (!isdigit((char)*(v)))
+ return -21;
rule->values[rule->field_count] = strtol(v, NULL, 0);
break;
diff --git a/lib/libaudit.c b/lib/libaudit.c
index 6ec15d8..3e2e28f 100644
--- a/lib/libaudit.c
+++ b/lib/libaudit.c
@@ -1101,6 +1101,9 @@ int audit_rule_fieldpair_data(struct audit_rule_data
**rulep, const char *pair,
if (flags == AUDIT_FILTER_EXCLUDE)
return -18;
+ if (!isdigit((char)*(v)))
+ return -21;
+
rule->values[rule->field_count] = strtol(v, NULL, 0);
break;
}
diff --git a/src/auditctl.c b/src/auditctl.c
index a19bd14..1455ee6 100644
--- a/src/auditctl.c
+++ b/src/auditctl.c
@@ -852,6 +852,11 @@ static int setopt(int count, char *vars[])
"-F missing value after opration for
%s\n", optarg);
retval = -1;
break;
+ case -21:
+ fprintf(stderr,
+ "-F value should be number for %s\n",
optarg);
+ retval = -1;
+ break;
default:
retval = -1;
break;
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
