On Wednesday 06 August 2008 04:15:17 Zhang Xiliang wrote:
> I found some code is invalid in auditctl.
> So I suggested to delete it.
OK, I guess this needs cleanup after changing PERM to require new rule format.
> diff --git a/src/auditctl.c b/src/auditctl.c
> index b356faa..93e84a0 100644
> --- a/src/auditctl.c
> +++ b/src/auditctl.c
> @@ -737,12 +737,7 @@ static int setopt(int count, char *vars[])
> switch (rc)
> {
> case 0:
> - if (which == OLD &&
> - rule.fields[rule.field_count-1] ==
> - AUDIT_PERM)
> - audit_permadded = 1;
> - else if (which == NEW &&
> -
> rule_new->fields[rule_new->field_count-1] ==
> + if
> (rule_new->fields[rule_new->field_count-1] == AUDIT_PERM)
> audit_permadded = 1;
> break;
I think I want to "and" this with which == NEW to make sure we don't index
past something if the rules were still the old form.
Updated and applied. Thanks for the patch !
-Steve
--
Linux-audit mailing list
Linux-audit@redhat.com
https://www.redhat.com/mailman/listinfo/linux-audit
