Donate to e Foundation | Murena handsets with /e/OS | Own a part of Murena! Learn more

Commit 2060a837 authored by Sami Tolvanen's avatar Sami Tolvanen
Browse files

logd: add a comment about untrusted content in the audit log 

A single space character in search terms separates us from a denial of
service attack that forces the device into safe mode.  This CL adds a
comment that hopefully stops the spaces from being accidentally deleted
in future.

Change-Id: I33b2632ef4211fa1688ac9c8f0cf7d0c667766c1
parent 9218477a

logd/LogAudit.cpp

+4 −0
Original line number Diff line number Diff line
@@ -164,6 +164,10 @@ int LogAudit::logPrint(const char *fmt, ...) { 
        }

    }



    // Note: The audit log can include untrusted strings, but those containing

    // "a control character, unprintable character, double quote mark, or a

    // space" are hex encoded. The space character before the search term is

    // therefore needed to prevent denial of service. Do not remove the space.

    bool permissive = strstr(str, " enforcing=0") ||

                      strstr(str, " permissive=1");