From 2e9d740103c93cbe0cd084d7f3c70ff02e53a637 Mon Sep 17 00:00:00 2001 From: Miloslav Trmač Date: Mon, 3 Sep 2012 18:59:59 +0200 Subject: Don't store uninitialized data in trusted JSON properties MIME-Version: 1.0 Content-Type: text/plain; charset=UTF-8 Content-Transfer-Encoding: 8bit Add missing error handling. Signed-off-by: Miloslav Trmač --- plugins/imuxsock/imuxsock.c | 21 ++++++++++++--------- 1 file changed, 12 insertions(+), 9 deletions(-) (limited to 'plugins') diff --git a/plugins/imuxsock/imuxsock.c b/plugins/imuxsock/imuxsock.c index 9d273a3d..61ce857c 100644 --- a/plugins/imuxsock/imuxsock.c +++ b/plugins/imuxsock/imuxsock.c @@ -817,15 +817,18 @@ SubmitMsg(uchar *pRcv, int lenRcv, lstn_t *pLstn, struct ucred *cred, struct tim json_object_object_add(json, "uid", jval); jval = json_object_new_int(cred->gid); json_object_object_add(json, "gid", jval); - getTrustedProp(cred, "comm", propBuf, sizeof(propBuf), &lenProp); - jval = json_object_new_string((char*)propBuf); - json_object_object_add(json, "appname", jval); - getTrustedExe(cred, propBuf, sizeof(propBuf), &lenProp); - jval = json_object_new_string((char*)propBuf); - json_object_object_add(json, "exe", jval); - getTrustedProp(cred, "cmdline", propBuf, sizeof(propBuf), &lenProp); - jval = json_object_new_string((char*)propBuf); - json_object_object_add(json, "cmd", jval); + if(getTrustedProp(cred, "comm", propBuf, sizeof(propBuf), &lenProp) == RS_RET_OK) { + jval = json_object_new_string((char*)propBuf); + json_object_object_add(json, "appname", jval); + } + if(getTrustedExe(cred, propBuf, sizeof(propBuf), &lenProp) == RS_RET_OK) { + jval = json_object_new_string((char*)propBuf); + json_object_object_add(json, "exe", jval); + } + if(getTrustedProp(cred, "cmdline", propBuf, sizeof(propBuf), &lenProp) == RS_RET_OK) { + jval = json_object_new_string((char*)propBuf); + json_object_object_add(json, "cmd", jval); + } } else { memcpy(pmsgbuf, pRcv, lenRcv); memcpy(pmsgbuf+lenRcv, " @[", 3); -- cgit