aboutsummaryrefslogtreecommitdiff
path: root/sys/security
diff options
context:
space:
mode:
authorChristian S.J. Peron <csjp@FreeBSD.org>2008-03-06 22:57:03 +0000
committerChristian S.J. Peron <csjp@FreeBSD.org>2008-03-06 22:57:03 +0000
commite5ad5f4d709ec2a7bece2196fc821c782d2e7841 (patch)
treeb27d2629aa789e0967b35f043b7614a67b47144f /sys/security
parentaf9db76b65b39eed9f21d9fa4c05db4e87bc8044 (diff)
downloadsrc-e5ad5f4d709ec2a7bece2196fc821c782d2e7841.tar.gz
src-e5ad5f4d709ec2a7bece2196fc821c782d2e7841.zip
Change auditon(2) so that if somebody supplies an invalid command, it
returns EINVAL. Right now we return 0 or success for invalid commands, which could be quite problematic in certain conditions. MFC after: 1 week Discussed with: rwatson
Notes
Notes: svn path=/head/; revision=176887
Diffstat (limited to 'sys/security')
-rw-r--r--sys/security/audit/audit_syscalls.c3
1 files changed, 3 insertions, 0 deletions
diff --git a/sys/security/audit/audit_syscalls.c b/sys/security/audit/audit_syscalls.c
index cf3d8e3fa718..589ca97324ed 100644
--- a/sys/security/audit/audit_syscalls.c
+++ b/sys/security/audit/audit_syscalls.c
@@ -406,6 +406,9 @@ auditon(struct thread *td, struct auditon_args *uap)
(udata.au_trigger > AUDIT_TRIGGER_MAX))
return (EINVAL);
return (audit_send_trigger(udata.au_trigger));
+
+ default:
+ return (EINVAL);
}
/*
generated by cgit v1.2.3 (git 2.25.1) at 2024-10-19 05:28:51 +0000