On Thu, Mar 08, 2018 at 07:47:37PM +0200, Andy Shevchenko wrote: > On Thu, Mar 8, 2018 at 7:14 PM, Tycho Andersen <tycho@xxxxxxxx> wrote: > > In keeping with the directive to get rid of VLAs [1], let's drop the VLA > > from ima_audit_measurement(). We need to adjust the return type of > > ima_audit_measurement, because now this function can fail if an allocation > > fails. > > > > > + algo_hash_len = hash_len + strlen(algo_name) + 2; > > + algo_hash = kzalloc(algo_hash_len, GFP_KERNEL); > > > - snprintf(algo_hash, sizeof(algo_hash), "%s:%s", algo_name, hash); > > + snprintf(algo_hash, algo_hash_len, "%s:%s", algo_name, hash); > > kasprintf() ? Sure, in fact I think we could just do: - snprintf(algo_hash, algo_hash_len, "%s:%s", algo_name, hash); - audit_log_untrustedstring(ab, algo_hash); + audit_log_untrustedstring(ab, algo_name); + audit_log_format(ab, ":"); + audit_log_untrustedstring(ab, hash); and get rid of the allocation entirely. I'll test and make sure it works and then re-send. Cheers, Tycho
