NAME | SYNOPSIS | DESCRIPTION | RETURN VALUE | SEE ALSO | AUTHOR | COLOPHON 

AUDIT_ENCODE_NV_STRING(3)      Linux Audit API     AUDIT_ENCODE_NV_STRING(3)

NAME         top

       audit_encode_nv_string - encode a name/value pair in a string

SYNOPSIS         top

       #include <libaudit.h>
       char *audit_encode_nv_string(const char *name, const char *value,
       unsigned int vlen)

DESCRIPTION         top

       This function is used to encode a name/value pair. This should be
       used on any field being logged that potentially contains a space, a
       double-quote, or a control character. Any value containing those have
       to be specially encoded for the auparse library to correctly handle
       the value. The encoding method is designed to prevent log injection
       attacks where malicious values could cause parsing errors.
       To use this function, pass the name string and value strings on their
       respective arguments. If the value is likely to have a NUL value
       embedded within it, you will need to pass a value length that tells
       in bytes how big the value is. Otherwise, you can pass a 0 for vlen
       and the function will simply use strlen against the value pointer.
       Also be aware that the name of the field will cause auparse to do
       certain things when interpretting the value. If the name is uid, a
       user id value in decimal is expected. Make sure that well known names
       are used for their intended purpose or that there is no chance of
       name collision with something new.

RETURN VALUE         top

       Returns a freshly malloc'ed string that the caller must free or NULL
       on error.

SEE ALSO         top

       audit_log_user_message(3), audit_log_user_comm_message(3),
       audit_log_user_avc_message(3), audit_log_semanage_message(3).

AUTHOR         top

       Steve Grubb

COLOPHON         top

       This page is part of the audit (Linux Audit) project.  Information
       about the project can be found at 
       ⟨http://people.redhat.com/sgrubb/audit/⟩.  If you have a bug report
       for this manual page, send it to linux-audit@redhat.com.  This page
       was obtained from the project's upstream Git repository 
       ⟨https://github.com/linux-audit/audit-userspace.git⟩ on 2017-07-05.
       If you discover any rendering problems in this HTML version of the
       page, or you believe there is a better or more up-to-date source for
       the page, or you have corrections or improvements to the information
       in this COLOPHON (which is not part of the original manual page),
       send a mail to man-pages@man7.org
Red Hat                           Oct 2010         AUDIT_ENCODE_NV_STRING(3)