Only audit pathnames in namei(9) if copying the directory string completes

successfully. Continue to do this before the empty path check so that the ENOENT returned in that case gets an empty string token in the BSM record. MFC after: 3 days
author: rwatson <rwatson@FreeBSD.org> 2010-02-02 23:10:27 +0000
committer: rwatson <rwatson@FreeBSD.org> 2010-02-02 23:10:27 +0000
commit: ddf7a2e0a799886edab6f9d4cc73b008b87e849c (patch)
tree: b478c540be21c2854c1f279ead514ab6d0cdf981 /sys/kern/vfs_lookup.c
parent: 33ff87b33eec72c2b2a2489941b6b5b4c465506f (diff)
download: FreeBSD-src-ddf7a2e0a799886edab6f9d4cc73b008b87e849c.zip
FreeBSD-src-ddf7a2e0a799886edab6f9d4cc73b008b87e849c.tar.gz
1 files changed, 10 insertions, 5 deletions
diff --git a/sys/kern/vfs_lookup.c b/sys/kern/vfs_lookup.c
index 5198562..6f10b49 100644
--- a/sys/kern/vfs_lookup.c
+++ b/sys/kern/vfs_lookup.c
@@ -162,11 +162,16 @@ namei(struct nameidata *ndp)
 		error = copyinstr(ndp->ni_dirp, cnp->cn_pnbuf,
 			    MAXPATHLEN, (size_t *)&ndp->ni_pathlen);
 
-	/* If we are auditing the kernel pathname, save the user pathname. */
-	if (cnp->cn_flags & AUDITVNODE1)
-		AUDIT_ARG_UPATH1(td, cnp->cn_pnbuf);
-	if (cnp->cn_flags & AUDITVNODE2)
-		AUDIT_ARG_UPATH2(td, cnp->cn_pnbuf);
+	if (error == 0) {
+		/*
+		 * If we are auditing the kernel pathname, save the user
+		 * pathname.
+		 */
+		if (cnp->cn_flags & AUDITVNODE1)
+			AUDIT_ARG_UPATH1(td, cnp->cn_pnbuf);
+		if (cnp->cn_flags & AUDITVNODE2)
+			AUDIT_ARG_UPATH2(td, cnp->cn_pnbuf);
+	}
 
 	/*
 	 * Don't allow empty pathnames.
author	rwatson <rwatson@FreeBSD.org>	2010-02-02 23:10:27 +0000
committer	rwatson <rwatson@FreeBSD.org>	2010-02-02 23:10:27 +0000
commit	ddf7a2e0a799886edab6f9d4cc73b008b87e849c (patch)
tree	b478c540be21c2854c1f279ead514ab6d0cdf981 /sys/kern/vfs_lookup.c
parent	33ff87b33eec72c2b2a2489941b6b5b4c465506f (diff)
download	FreeBSD-src-ddf7a2e0a799886edab6f9d4cc73b008b87e849c.zip FreeBSD-src-ddf7a2e0a799886edab6f9d4cc73b008b87e849c.tar.gz