From 76f4445c43bce981b8fc1ed851fbe47b1c2727c3 Mon Sep 17 00:00:00 2001
From: csjp <csjp@FreeBSD.org>
Date: Wed, 24 Oct 2007 00:14:19 +0000
Subject: Move where we audit the PID argument such that we unconditionally
 audit it at the beginning of the syscall.  This fixes a problem where the
 user supplies an invalid process ID which is > 0 which results in the PID
 argument not being audited.

Obtained from:	TrustedBSD Project
MFC after:	1 week
---
 sys/kern/kern_sig.c | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)

(limited to 'sys/kern/kern_sig.c')

diff --git a/sys/kern/kern_sig.c b/sys/kern/kern_sig.c
index e4a60e7..694d145 100644
--- a/sys/kern/kern_sig.c
+++ b/sys/kern/kern_sig.c
@@ -1693,6 +1693,7 @@ kill(td, uap)
 	int error;
 
 	AUDIT_ARG(signum, uap->signum);
+	AUDIT_ARG(pid, uap->pid);
 	if ((u_int)uap->signum > _SIG_MAXSIG)
 		return (EINVAL);
 
@@ -1709,7 +1710,6 @@ kill(td, uap)
 		PROC_UNLOCK(p);
 		return (error);
 	}
-	AUDIT_ARG(pid, uap->pid);
 	switch (uap->pid) {
 	case -1:		/* broadcast signal */
 		return (killpg1(td, uap->signum, 0, 1));
-- 
cgit v1.1