[RFC PATCH v3 1/5] lib/audit_logging: heal merge damage
Gary Lockyer
gary at catalyst.net.nz
Thu Jul 12 19:07:05 UTC 2018
That's something I'd already done in my private work in progress branch,
but thanks for finding this.
Gary
On 12/07/18 19:04, Philipp Gesang via samba-technical wrote:
> The ``duration'' field introduced by
>
> commit b282bcbb759bbb12797922e066aeb12c0df5b2f1
> Author: Gary Lockyer <gary at catalyst.net.nz>
> Date: Wed Jun 6 15:30:44 2018 +0200
>
> dsdb: Log the transaction duraton.
>
> was not part of the error handling branch:
>
> commit b6915bb4dac3fa010723eb009c8e39896edae80c
> Author: Gary Lockyer <gary at catalyst.net.nz>
> Date: Mon Jun 25 16:00:28 2018 +1200
>
> lib audit_logging: Refactor to return an error codes
>
> so it still uses the old style. Convert them to use the new
> interface instead.
>
> Furthermore, return code checks are missing for two string fields
> in operation_json() (``status'', ``operation'') probably due to
> an oversight. Fix those as well.
> ---
> source4/dsdb/samdb/ldb_modules/audit_log.c | 43 +++++++++++++++++++++++++-----
> 1 file changed, 36 insertions(+), 7 deletions(-)
>
> diff --git a/source4/dsdb/samdb/ldb_modules/audit_log.c b/source4/dsdb/samdb/ldb_modules/audit_log.c
> index 9920a4899d5..270a19030f8 100644
> --- a/source4/dsdb/samdb/ldb_modules/audit_log.c
> +++ b/source4/dsdb/samdb/ldb_modules/audit_log.c
> @@ -223,8 +223,14 @@ static struct json_object operation_json(
> if (rc) {
> goto failure;
> }
> - json_add_string(&audit, "status", ldb_strerror(reply->error));
> - json_add_string(&audit, "operation", operation);
> + rc = json_add_string(&audit, "status", ldb_strerror(reply->error));
> + if (rc) {
> + goto failure;
> + }
> + rc = json_add_string(&audit, "operation", operation);
> + if (rc) {
> + goto failure;
> + }
> rc = json_add_address(&audit, "remoteAddress", remote);
> if (rc) {
> goto failure;
> @@ -462,7 +468,10 @@ static struct json_object password_change_json(
> if (rc) {
> goto failure;
> }
> - json_add_string(&audit, "status", ldb_strerror(reply->error));
> + rc = json_add_string(&audit, "status", ldb_strerror(reply->error));
> + if (rc) {
> + goto failure;
> + }
> rc = json_add_address(&audit, "remoteAddress", remote);
> if (rc) {
> goto failure;
> @@ -555,6 +564,10 @@ static struct json_object transaction_json(
> if (rc) {
> goto failure;
> }
> + rc = json_add_int(&audit, "duration", duration);
> + if (rc) {
> + goto failure;
> + }
>
> wrapper = json_new_object();
> rc = json_add_timestamp(&wrapper);
> @@ -614,14 +627,30 @@ static struct json_object commit_failure_json(
> if (rc) {
> goto failure;
> }
> - json_add_string(&audit, "action", action);
> - json_add_guid(&audit, "transactionId", transaction_id);
> + rc = json_add_string(&audit, "action", action);
> + if (rc) {
> + goto failure;
> + }
> + rc = json_add_guid(&audit, "transactionId", transaction_id);
> + if (rc) {
> + goto failure;
> + }
> + rc = json_add_int(&audit, "duration", duration);
> + if (rc) {
> + goto failure;
> + }
> rc = json_add_int(&audit, "statusCode", status);
> if (rc) {
> goto failure;
> }
> - json_add_string(&audit, "status", ldb_strerror(status));
> - json_add_string(&audit, "reason", reason);
> + rc = json_add_string(&audit, "status", ldb_strerror(status));
> + if (rc) {
> + goto failure;
> + }
> + rc = json_add_string(&audit, "reason", reason);
> + if (rc) {
> + goto failure;
> + }
>
> wrapper = json_new_object();
> rc = json_add_timestamp(&wrapper);
>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20180713/c28b4897/signature.sig>
More information about the samba-technical
mailing list