Channge admin-cli doesn't show foreach systemcalls when the rule has all

author Sungbae Yoo <sungbae.yoo@samsung.com>

Mon, 30 Apr 2018 09:37:42 +0000 (18:37 +0900)

committer Sungbae Yoo <sungbae.yoo@samsung.com>

Wed, 2 May 2018 06:06:03 +0000 (06:06 +0000)
author Sungbae Yoo <sungbae.yoo@samsung.com>
Mon, 30 Apr 2018 09:37:42 +0000 (18:37 +0900)
committer Sungbae Yoo <sungbae.yoo@samsung.com>
Wed, 2 May 2018 06:06:03 +0000 (06:06 +0000)
diff --git a/tools/cli/audit-trail-admin-cli.cpp b/tools/cli/audit-trail-admin-cli.cpp

index 32fcd59b7e1453e1fe2093713164b11641239b33..2862c26e497307189c994b3cedf62cf312077691 100644 (file)
--- a/tools/cli/audit-trail-admin-cli.cpp
+++ b/tools/cli/audit-trail-admin-cli.cpp
@@ -541,8 +541,8 @@ int applyDacRules()
  
  void foreachRuleSystemcall(unsigned int syscall, void* userData)
  {
-       auto &str = *(std::stringstream*)userData;
-       str << CONVERT_HEX(syscall) << ", ";
+       auto &syscalls = *(std::vector<unsigned int>*)userData;
+       syscalls.push_back(syscall);
  }
  
  void foreachRuleCondition(unsigned int field, unsigned int op,
@@ -591,7 +591,17 @@ void foreachRule(audit_rule_h rule, void *userData)
         str << "exit";
  
         str << ",systemcall={";
-       audit_rule_foreach_systemcall(rule, foreachRuleSystemcall, &str);
+       {
+               std::vector<unsigned int> syscalls;
+               audit_rule_foreach_systemcall(rule, foreachRuleSystemcall, &syscalls);
+               if (syscalls.size() > 0x7ef) {
+                       str << "all";
+               } else {
+                       for (auto syscall : syscalls) {
+                               str << CONVERT_HEX(syscall) << ", ";
+                       }
+               }
+       }
  
         str << "},condition={";
         audit_rule_foreach_condition(rule, foreachRuleCondition, &str);
author	Sungbae Yoo <sungbae.yoo@samsung.com>
	Mon, 30 Apr 2018 09:37:42 +0000 (18:37 +0900)
committer	Sungbae Yoo <sungbae.yoo@samsung.com>
	Wed, 2 May 2018 06:06:03 +0000 (06:06 +0000)