logd: add a comment about untrusted content in the audit log

A single space character in search terms separates us from a denial of service attack that forces the device into safe mode. This CL adds a comment that hopefully stops the spaces from being accidentally deleted in future. Change-Id: I33b2632ef4211fa1688ac9c8f0cf7d0c667766c1
2016-02-29 14:10:59 -08:00 · 2016-02-29 14:10:59 -08:00 · 2060a83775
parent 9218477ae7
commit 2060a83775
1 changed files with 4 additions and 0 deletions
--- a/logd/LogAudit.cpp
+++ b/logd/LogAudit.cpp
@ -164,6 +164,10 @@ int LogAudit::logPrint(const char *fmt, ...) {
        }
    }

+    // Note: The audit log can include untrusted strings, but those containing
+    // "a control character, unprintable character, double quote mark, or a
+    // space" are hex encoded. The space character before the search term is
+    // therefore needed to prevent denial of service. Do not remove the space.
    bool permissive = strstr(str, " enforcing=0") ||
                      strstr(str, " permissive=1");