[RFC PATCH v3 1/5] lib/audit_logging: heal merge damage

Gary Lockyer gary at catalyst.net.nz
Thu Jul 12 19:07:05 UTC 2018


That's something I'd already done in my private work in progress branch,
but thanks for finding this.

Gary

On 12/07/18 19:04, Philipp Gesang via samba-technical wrote:
> The ``duration'' field introduced by
> 
>     commit b282bcbb759bbb12797922e066aeb12c0df5b2f1
>     Author: Gary Lockyer <gary at catalyst.net.nz>
>     Date:   Wed Jun 6 15:30:44 2018 +0200
> 
>         dsdb: Log the transaction duraton.
> 
> was not part of the error handling branch:
> 
>     commit b6915bb4dac3fa010723eb009c8e39896edae80c
>     Author: Gary Lockyer <gary at catalyst.net.nz>
>     Date:   Mon Jun 25 16:00:28 2018 +1200
> 
>         lib audit_logging: Refactor to return an error codes
> 
> so it still uses the old style. Convert them to use the new
> interface instead.
> 
> Furthermore, return code checks are missing for two string fields
> in operation_json() (``status'', ``operation'') probably due to
> an oversight. Fix those as well.
> ---
>  source4/dsdb/samdb/ldb_modules/audit_log.c | 43 +++++++++++++++++++++++++-----
>  1 file changed, 36 insertions(+), 7 deletions(-)
> 
> diff --git a/source4/dsdb/samdb/ldb_modules/audit_log.c b/source4/dsdb/samdb/ldb_modules/audit_log.c
> index 9920a4899d5..270a19030f8 100644
> --- a/source4/dsdb/samdb/ldb_modules/audit_log.c
> +++ b/source4/dsdb/samdb/ldb_modules/audit_log.c
> @@ -223,8 +223,14 @@ static struct json_object operation_json(
>  	if (rc) {
>  		goto failure;
>  	}
> -	json_add_string(&audit, "status", ldb_strerror(reply->error));
> -	json_add_string(&audit, "operation", operation);
> +	rc = json_add_string(&audit, "status", ldb_strerror(reply->error));
> +	if (rc) {
> +		goto failure;
> +	}
> +	rc = json_add_string(&audit, "operation", operation);
> +	if (rc) {
> +		goto failure;
> +	}
>  	rc = json_add_address(&audit, "remoteAddress", remote);
>  	if (rc) {
>  		goto failure;
> @@ -462,7 +468,10 @@ static struct json_object password_change_json(
>  	if (rc) {
>  		goto failure;
>  	}
> -	json_add_string(&audit, "status", ldb_strerror(reply->error));
> +	rc = json_add_string(&audit, "status", ldb_strerror(reply->error));
> +	if (rc) {
> +		goto failure;
> +	}
>  	rc = json_add_address(&audit, "remoteAddress", remote);
>  	if (rc) {
>  		goto failure;
> @@ -555,6 +564,10 @@ static struct json_object transaction_json(
>  	if (rc) {
>  		goto failure;
>  	}
> +	rc = json_add_int(&audit, "duration", duration);
> +	if (rc) {
> +		goto failure;
> +	}
>  
>  	wrapper = json_new_object();
>  	rc = json_add_timestamp(&wrapper);
> @@ -614,14 +627,30 @@ static struct json_object commit_failure_json(
>  	if (rc) {
>  		goto failure;
>  	}
> -	json_add_string(&audit, "action", action);
> -	json_add_guid(&audit, "transactionId", transaction_id);
> +	rc = json_add_string(&audit, "action", action);
> +	if (rc) {
> +		goto failure;
> +	}
> +	rc = json_add_guid(&audit, "transactionId", transaction_id);
> +	if (rc) {
> +		goto failure;
> +	}
> +	rc = json_add_int(&audit, "duration", duration);
> +	if (rc) {
> +		goto failure;
> +	}
>  	rc = json_add_int(&audit, "statusCode", status);
>  	if (rc) {
>  		goto failure;
>  	}
> -	json_add_string(&audit, "status", ldb_strerror(status));
> -	json_add_string(&audit, "reason", reason);
> +	rc = json_add_string(&audit, "status", ldb_strerror(status));
> +	if (rc) {
> +		goto failure;
> +	}
> +	rc = json_add_string(&audit, "reason", reason);
> +	if (rc) {
> +		goto failure;
> +	}
>  
>  	wrapper = json_new_object();
>  	rc = json_add_timestamp(&wrapper);
> 

-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 473 bytes
Desc: OpenPGP digital signature
URL: <http://lists.samba.org/pipermail/samba-technical/attachments/20180713/c28b4897/signature.sig>


More information about the samba-technical mailing list