From 2060a8377591fb898436c754bc9dc8e5faa275ee Mon Sep 17 00:00:00 2001
From: Sami Tolvanen <samitolvanen@google.com>
Date: Mon, 29 Feb 2016 14:10:59 -0800
Subject: [PATCH] logd: add a comment about untrusted content in the audit log

A single space character in search terms separates us from a denial of
service attack that forces the device into safe mode.  This CL adds a
comment that hopefully stops the spaces from being accidentally deleted
in future.

Change-Id: I33b2632ef4211fa1688ac9c8f0cf7d0c667766c1
---
 logd/LogAudit.cpp | 4 ++++
 1 file changed, 4 insertions(+)

diff --git a/logd/LogAudit.cpp b/logd/LogAudit.cpp
index 9124bfdfc..4eb5e8310 100644
--- a/logd/LogAudit.cpp
+++ b/logd/LogAudit.cpp
@@ -164,6 +164,10 @@ int LogAudit::logPrint(const char *fmt, ...) {
         }
     }
 
+    // Note: The audit log can include untrusted strings, but those containing
+    // "a control character, unprintable character, double quote mark, or a
+    // space" are hex encoded. The space character before the search term is
+    // therefore needed to prevent denial of service. Do not remove the space.
     bool permissive = strstr(str, " enforcing=0") ||
                       strstr(str, " permissive=1");