diff options
author | Christian S.J. Peron <csjp@FreeBSD.org> | 2008-03-06 22:57:03 +0000 |
---|---|---|
committer | Christian S.J. Peron <csjp@FreeBSD.org> | 2008-03-06 22:57:03 +0000 |
commit | e5ad5f4d709ec2a7bece2196fc821c782d2e7841 (patch) | |
tree | b27d2629aa789e0967b35f043b7614a67b47144f /sys | |
parent | af9db76b65b39eed9f21d9fa4c05db4e87bc8044 (diff) | |
download | src-e5ad5f4d709ec2a7bece2196fc821c782d2e7841.tar.gz src-e5ad5f4d709ec2a7bece2196fc821c782d2e7841.zip |
Change auditon(2) so that if somebody supplies an invalid command, it
returns EINVAL. Right now we return 0 or success for invalid commands,
which could be quite problematic in certain conditions.
MFC after: 1 week
Discussed with: rwatson
Notes
Notes:
svn path=/head/; revision=176887
Diffstat (limited to 'sys')
-rw-r--r-- | sys/security/audit/audit_syscalls.c | 3 |
1 files changed, 3 insertions, 0 deletions
diff --git a/sys/security/audit/audit_syscalls.c b/sys/security/audit/audit_syscalls.c index cf3d8e3fa718..589ca97324ed 100644 --- a/sys/security/audit/audit_syscalls.c +++ b/sys/security/audit/audit_syscalls.c @@ -406,6 +406,9 @@ auditon(struct thread *td, struct auditon_args *uap) (udata.au_trigger > AUDIT_TRIGGER_MAX)) return (EINVAL); return (audit_send_trigger(udata.au_trigger)); + + default: + return (EINVAL); } /* |