svn commit: r190700 - head/usr.bin/su

[Christian S.J. Peron]

Author: csjp
Date: Sat Apr  4 20:58:18 2009
New Revision: 190700
URL: http://svn.freebsd.org/changeset/base/190700

Log:
  Fixup the parameters to audit_submit(3) the order is errno then return
  value.  This bug went un-noticed for so long because EPERM == 1
  
  MFC after:    1 week
  Spotted by:   sson, rwatson

Modified:
  head/usr.bin/su/su.c

Modified: head/usr.bin/su/su.c
==============================================================================
--- head/usr.bin/su/su.c        Sat Apr  4 20:08:08 2009        (r190699)
+++ head/usr.bin/su/su.c        Sat Apr  4 20:58:18 2009        (r190700)
@@ -231,7 +231,7 @@ main(int argc, char *argv[])
        if (strlen(user) > MAXLOGNAME - 1) {
 #ifdef USE_BSM_AUDIT
                if (audit_submit(AUE_su, auid,
-                   1, EPERM, "username too long: '%s'", user))
+                   EPERM, 1, "username too long: '%s'", user))
                        errx(1, "Permission denied");
 #endif
                errx(1, "username too long");
@@ -264,7 +264,7 @@ main(int argc, char *argv[])
                pwd = getpwuid(ruid);
        if (pwd == NULL) {
 #ifdef USE_BSM_AUDIT
-               if (audit_submit(AUE_su, auid, 1, EPERM,
+               if (audit_submit(AUE_su, auid, EPERM, 1,
                    "unable to determine invoking subject: '%s'", username))
                        errx(1, "Permission denied");
 #endif
@@ -305,7 +305,7 @@ main(int argc, char *argv[])
        retcode = pam_authenticate(pamh, 0);
        if (retcode != PAM_SUCCESS) {
 #ifdef USE_BSM_AUDIT
-               if (audit_submit(AUE_su, auid, 1, EPERM, "bad su %s to %s on 
%s",
+               if (audit_submit(AUE_su, auid, EPERM, 1, "bad su %s to %s on 
%s",
                    username, user, mytty))
                        errx(1, "Permission denied");
 #endif
@@ -326,7 +326,7 @@ main(int argc, char *argv[])
        pwd = getpwnam(user);
        if (pwd == NULL) {
 #ifdef USE_BSM_AUDIT
-               if (audit_submit(AUE_su, auid, 1, EPERM,
+               if (audit_submit(AUE_su, auid, EPERM, 1,
                    "unknown subject: %s", user))
                        errx(1, "Permission denied");
 #endif
@@ -342,7 +342,7 @@ main(int argc, char *argv[])
                        aerr = pam_strerror(pamh, retcode);
                        if (aerr == NULL)
                                aerr = "Unknown PAM error";
-                       if (audit_submit(AUE_su, auid, 1, EPERM,
+                       if (audit_submit(AUE_su, auid, EPERM, 1,
                            "pam_chauthtok: %s", aerr))
                                errx(1, "Permission denied");
 #endif
@@ -353,7 +353,7 @@ main(int argc, char *argv[])
        }
        if (retcode != PAM_SUCCESS) {
 #ifdef USE_BSM_AUDIT
-               if (audit_submit(AUE_su, auid, 1, EPERM, "pam_acct_mgmt: %s",
+               if (audit_submit(AUE_su, auid, EPERM, 1, "pam_acct_mgmt: %s",
                    pam_strerror(pamh, retcode)))
                        errx(1, "Permission denied");
 #endif
@@ -368,7 +368,7 @@ main(int argc, char *argv[])
        else {
                if (ruid != 0) {
 #ifdef USE_BSM_AUDIT
-                       if (audit_submit(AUE_su, auid, 1, EPERM,
+                       if (audit_submit(AUE_su, auid, EPERM, 1,
                            "only root may use -c"))
                                errx(1, "Permission denied");
 #endif
_______________________________________________
svn-src-all@freebsd.org mailing list
http://lists.freebsd.org/mailman/listinfo/svn-src-all
To unsubscribe, send any mail to "svn-src-all-unsubscr...@freebsd.org"