Unix/Linux Go Back    

CentOS 7.0 - man page for audit_encode_nv_string (centos section 3)

Linux & Unix Commands - Search Man Pages
Man Page or Keyword Search:   man
Select Man Page Set:       apropos Keyword Search (sections above)


       audit_encode_nv_string - encode a name/value pair in a string

       #include <libaudit.h>

       char *audit_encode_nv_string(const char *name, const char *value, unsigned int vlen)

       This  function is used to encode a name/value pair. This should be used on any field being
       logged that potentially contains a space, a double-quote,  or  a  control  character.  Any
       value  containing  those have to be specially encoded for the auparse library to correctly
       handle the value. The encoding method is designed to prevent log injection  attacks  where
       malicious values could cause parsing errors.

       To  use	this  function,  pass the name string and value strings on their respective argu-
       ments. If the value is likely to have a NUL value embedded within it,  you  will  need  to
       pass  a value length that tells in bytes how big the value is. Otherwise, you can pass a 0
       for vlen and the function will simply use strlen against the value pointer. Also be  aware
       that  the name of the field will cause auparse to do certain things when interpretting the
       value. If the name is uid, a user id value in decimal is expected.  Make  sure  that  well
       known  names are used for their intended purpose or that there is no chance of name colli-
       sion with something new.

       Returns a freshly malloc'ed string that the caller must free or NULL on error.

       audit_log_user_message(3), audit_log_user_comm_message(3),  audit_log_user_avc_message(3),

       Steve Grubb

Red Hat 				     Oct 2010			AUDIT_ENCODE_NV_STRING(3)
Unix & Linux Commands & Man Pages : ©2000 - 2018 Unix and Linux Forums

All times are GMT -4. The time now is 05:33 AM.