commit cbc57b2908da5797d2a3e2b2e6aa644bed991851
author Sami Tolvanen <samitolvanen@google.com> Mon Feb 29 22:26:02 2016 +0000
committer android-build-merger <android-build-merger@google.com> Mon Feb 29 22:26:02 2016 +0000
tree 0b435b7897a1091d38a44481e6eb11c3914e0e63
parent 2df39ffb4a0ed695abcf17d4ae38dbc45ebbff34
parent 207482b6442eee99aee4c4bdbbf67c2066e68438

Merge "logd: add a comment about untrusted content in the audit log" am: 68de85bda9
am: 126527e74b

* commit '126527e74bd7f7180e5705d68c7d67a6be9ab5a9':
  logd: add a comment about untrusted content in the audit log

logd/LogAudit.cpp

diff --git a/logd/LogAudit.cpp b/logd/LogAudit.cpp
index 9124bfd..4eb5e83 100644
--- a/logd/LogAudit.cpp
+++ b/logd/LogAudit.cpp
@@ -164,6 +164,10 @@
         }
     }
 
+    // Note: The audit log can include untrusted strings, but those containing
+    // "a control character, unprintable character, double quote mark, or a
+    // space" are hex encoded. The space character before the search term is
+    // therefore needed to prevent denial of service. Do not remove the space.
     bool permissive = strstr(str, " enforcing=0") ||
                       strstr(str, " permissive=1");