[PATCH 5/5] Delete some invalid code from auditctl.c

public inbox for linux-audit@redhat.com
 help / color / mirror / Atom feed

* [PATCH 5/5] Delete some invalid code from auditctl.c
@ 2008-08-06  8:15 Zhang Xiliang
  2008-08-06 19:35 ` Steve Grubb
  0 siblings, 1 reply; 2+ messages in thread
From: Zhang Xiliang @ 2008-08-06  8:15 UTC (permalink / raw)
  To: Steve Grubb, Linux Audit

Hello Steve, 

I found some code is invalid in auditctl. 
So I suggested to delete it.


Signed-off-by: Zhang Xiliang <zhangxiliang@cn.fujitsu.com>
---
 src/auditctl.c |   10 ++--------
 1 files changed, 2 insertions(+), 8 deletions(-)

diff --git a/src/auditctl.c b/src/auditctl.c
index b356faa..93e84a0 100644
--- a/src/auditctl.c
+++ b/src/auditctl.c
@@ -737,12 +737,7 @@ static int setopt(int count, char *vars[])
 		switch (rc)
 		{
 			case 0:
-				if (which == OLD && 
-				    	rule.fields[rule.field_count-1] ==
-						AUDIT_PERM)
-					audit_permadded = 1;
-				else if (which == NEW &&
-				    rule_new->fields[rule_new->field_count-1] ==
+				if (rule_new->fields[rule_new->field_count-1] ==
 						AUDIT_PERM)
 					audit_permadded = 1;
 				break;
@@ -1385,8 +1380,7 @@ int key_match(struct audit_reply *rep)
 		}
 		if (((field >= AUDIT_SUBJ_USER && field <= AUDIT_OBJ_LEV_HIGH)
                      && field != AUDIT_PPID) || field == AUDIT_WATCH ||
-			field == AUDIT_WATCH || field == AUDIT_DIR ||
-			field == AUDIT_FILTERKEY) {
+			field == AUDIT_DIR || field == AUDIT_FILTERKEY) {
 				boffset += rep->ruledata->values[i];
 		}
 	}

^ permalink raw reply related	[flat|nested] 2+ messages in thread

* Re: [PATCH 5/5] Delete some invalid code from auditctl.c
  2008-08-06  8:15 [PATCH 5/5] Delete some invalid code from auditctl.c Zhang Xiliang
@ 2008-08-06 19:35 ` Steve Grubb
  0 siblings, 0 replies; 2+ messages in thread
From: Steve Grubb @ 2008-08-06 19:35 UTC (permalink / raw)
  To: Zhang Xiliang; +Cc: Linux Audit

On Wednesday 06 August 2008 04:15:17 Zhang Xiliang wrote:
> I found some code is invalid in auditctl.
> So I suggested to delete it.

OK, I guess this needs cleanup after changing PERM to require new rule format.

> diff --git a/src/auditctl.c b/src/auditctl.c
> index b356faa..93e84a0 100644
> --- a/src/auditctl.c
> +++ b/src/auditctl.c
> @@ -737,12 +737,7 @@ static int setopt(int count, char *vars[])
>                 switch (rc)
>                 {
>                         case 0:
> -                               if (which == OLD &&
> -                                       rule.fields[rule.field_count-1] ==
> -                                               AUDIT_PERM)
> -                                       audit_permadded = 1;
> -                               else if (which == NEW &&
> -                                 
>  rule_new->fields[rule_new->field_count-1] ==
> +                               if
> (rule_new->fields[rule_new->field_count-1] == AUDIT_PERM)
>                                         audit_permadded = 1;
>                                 break;

I think I want to "and" this with which == NEW to make sure we don't index 
past something if the rules were still the old form.

Updated and applied. Thanks for the patch !

-Steve

^ permalink raw reply	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2008-08-06 19:35 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2008-08-06  8:15 [PATCH 5/5] Delete some invalid code from auditctl.c Zhang Xiliang
2008-08-06 19:35 ` Steve Grubb

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox