Change auditon(2) so that if somebody supplies an invalid command, it

returns EINVAL. Right now we return 0 or success for invalid commands, which could be quite problematic in certain conditions. MFC after: 1 week Discussed with: rwatson
author: csjp <csjp@FreeBSD.org> 2008-03-06 22:57:03 +0000
committer: csjp <csjp@FreeBSD.org> 2008-03-06 22:57:03 +0000
commit: af9b2bc27f12b3a899199627272d13e24eb6672d (patch)
tree: b27d2629aa789e0967b35f043b7614a67b47144f /sys/security/audit/audit_syscalls.c
parent: ee065875140a3c0e8f655e5b205c497518a08238 (diff)
download: FreeBSD-src-af9b2bc27f12b3a899199627272d13e24eb6672d.zip
FreeBSD-src-af9b2bc27f12b3a899199627272d13e24eb6672d.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/sys/security/audit/audit_syscalls.c b/sys/security/audit/audit_syscalls.c
index cf3d8e3..589ca97 100644
--- a/sys/security/audit/audit_syscalls.c
+++ b/sys/security/audit/audit_syscalls.c
@@ -406,6 +406,9 @@ auditon(struct thread *td, struct auditon_args *uap)
 		    (udata.au_trigger > AUDIT_TRIGGER_MAX))
 			return (EINVAL);
 		return (audit_send_trigger(udata.au_trigger));
+
+	default:
+		return (EINVAL);
 	}
 
 	/*
author	csjp <csjp@FreeBSD.org>	2008-03-06 22:57:03 +0000
committer	csjp <csjp@FreeBSD.org>	2008-03-06 22:57:03 +0000
commit	af9b2bc27f12b3a899199627272d13e24eb6672d (patch)
tree	b27d2629aa789e0967b35f043b7614a67b47144f /sys/security/audit/audit_syscalls.c
parent	ee065875140a3c0e8f655e5b205c497518a08238 (diff)
download	FreeBSD-src-af9b2bc27f12b3a899199627272d13e24eb6672d.zip FreeBSD-src-af9b2bc27f12b3a899199627272d13e24eb6672d.tar.gz