From: Miloslav Trmac <mitr@redhat.com>
To: Juraj Hlista <juro.hlista@gmail.com>
Cc: linux-audit@redhat.com
Subject: Re: [PATCH] mapping of reactions
Date: Wed, 31 Mar 2010 14:36:29 -0400 (EDT) [thread overview]
Message-ID: <2098439088.299041270060589834.JavaMail.root@zmail07.collab.prod.int.phx2.redhat.com> (raw)
In-Reply-To: <1888242976.297641270059855277.JavaMail.root@zmail07.collab.prod.int.phx2.redhat.com>
Hello,
the code looks reasonable, some minor comments are below. I'll let Steve and others comment on the high-level design (just to point out a question, is it OK that auditctl will depend on sqlite?).
Mirek
----- "Juraj Hlista" <juro.hlista@gmail.com> wrote:
> diff --git a/lib/libaudit.c b/lib/libaudit.c
> @@ -965,6 +983,14 @@ int audit_rule_fieldpair_data(struct
> audit_rule_data **rulep, const char *pair,
> strncpy(&rule->buf[offset], v, vlen);
>
> break;
> + case AUDIT_REACTION:
> + /* string identifiers were converted to numbers */
> + if (isdigit((char)*(v)))
Nitpick: the isdigit argument should be cast to (unsigned char).
> diff --git a/lib/reactarray.c b/lib/reactarray.c
<snip>
> +int react_array_init(struct react_array *a, unsigned int size)
<snip>
> + a->str = (char **)malloc(size * sizeof(char *));
The return value of malloc() is not usually manually cast in C.
> + if (!a->str)
> + return 1;
> +
> + for (i = 0; i < size; i++)
> + a->str[i] = NULL;
You can just use calloc() to initialize a->str.
<snip>
> +void react_array_free(struct react_array *a)
<snip>
> + for (i = 0; i < a->count; i++) {
> + if (a->str[i])
> + free(a->str[i]);
free(NULL) is OK, so the if ( ) is not necessary.
> +int react_array_insert(struct react_array *a, const char *s)
> +{
<snip>
> + a->str[a->count] = (char *)malloc((strlen(s) + 1) * sizeof(char));
> + if (!a->str[a->count])
> + return 1;
> +
> + strcpy(a->str[a->count], s);
Using strdup() would be simpler.
> diff --git a/src/auditctl-reactsql.c b/src/auditctl-reactsql.c
<snip>
> +enum {
> + SQL_CHECK_DB = 0,
Just use string constants in the code directly, this indirection is difficult to follow.
<snip>
> +void sql_print_error(sqlite3 *c, int err)
<snip>
> + fprintf(stderr, "SQLite error: %s\n", sql_errmsg[-err - 2]);
The "-2" is a bit difficult to follow... I'd just sacrifice the two additional empty entries in sql_errmsg.
<snip>
> +int sql_number_to_reaction(sqlite3 *c, const int num, char **str)
<snip>
> + *str = malloc((strlen(reaction) + 1) * sizeof(char));
> + if (*str == NULL) {
> + sqlite3_finalize(find_str);
> + return -SQL_NO_MEMORY;
> + }
> + strcpy(*str, reaction);
Use strdup ().
<snip>
> +/*
> + * Add a reaction to the database - if 'num' is greater than SQL_OFFSET,
> + * a reaction identifier (string) is already in the database and only
> + * 'used' is incremented. If there is not such a reaction string, a new
> + * one is inserted into the database and 'used' is set to 1.
> + */
Using a separate variable for "new/existing" would be much cleaner than the magic SQL_OFFSET. Especially see how this implementation detail leaks into auditctl.c.
<snip>
> +int sql_get_next_number(sqlite3 *c, const char *str)
Here as well.
> diff --git a/src/auditctl.c b/src/auditctl.c
> @@ -917,6 +972,97 @@ static int setopt(int count, int lineno, char
<snip>
> + if (num > SQL_OFFSET)
> + asprintf(&cmd, "react=%u", num - SQL_OFFSET);
> + else
> + asprintf(&cmd, "react=%u", num);
> + if (cmd) {
(...)
> + } else {
> + fprintf(stderr,
> + "Out of memory adding reaction\n");
> + sql_close_database(conn);
> + return -4;
> + }
If you reverse the if (cmd) here, the else {} branch becomes the default control flow, resulting in a bit simpler code.
> @@ -1022,6 +1168,7 @@ static int fileopt(const char *file)
>
> /* Parse it */
> if (reset_vars()) {
> + free_vars();
I didn't look in detail, this does not match my understanding of "reset_vars()"; reset_vars() is supposed to reinitialize everything for a next command, not free everything. (The free(rule_new) call you moved from reset_vars() to free_vars() was at the beginning of reset_vars(), not at the end.)
> @@ -1382,6 +1569,25 @@ static int audit_print_reply(struct audit_reply
<snip>
> + rc = sql_number_to_reaction(conn,
> + rep->ruledata->values[i],
> + &str_react);
> + if (rc < 0) {
I think it's prefereble to print the number if the lookup fails, so that the admin can see at least something from the rule.
next parent reply other threads:[~2010-03-31 18:36 UTC|newest]
Thread overview: 7+ messages / expand[flat|nested] mbox.gz Atom feed top
[not found] <1888242976.297641270059855277.JavaMail.root@zmail07.collab.prod.int.phx2.redhat.com>
2010-03-31 18:36 ` Miloslav Trmac [this message]
2010-03-31 19:12 ` [PATCH] mapping of reactions Steve Grubb
2010-04-02 12:15 ` Juraj Hlista
2010-04-05 13:38 ` LC Bruzenak
2010-04-06 9:13 ` Juraj Hlista
2010-04-06 13:53 ` Steve Grubb
2010-03-30 22:24 Juraj Hlista
Reply instructions:
You may reply publicly to this message via plain-text email
using any one of the following methods:
* Save the following mbox file, import it into your mail client,
and reply-to-all from there: mbox
Avoid top-posting and favor interleaved quoting:
https://en.wikipedia.org/wiki/Posting_style#Interleaved_style
* Reply using the --to, --cc, and --in-reply-to
switches of git-send-email(1):
git send-email \
--in-reply-to=2098439088.299041270060589834.JavaMail.root@zmail07.collab.prod.int.phx2.redhat.com \
--to=mitr@redhat.com \
--cc=juro.hlista@gmail.com \
--cc=linux-audit@redhat.com \
/path/to/YOUR_REPLY
https://kernel.org/pub/software/scm/git/docs/git-send-email.html
* If your mail client supports setting the In-Reply-To header
via mailto: links, try the mailto: link
Be sure your reply has a Subject: header at the top and a blank line
before the message body.
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox