Fix osquery_info build_platform column value on Linux by Smjert · Pull Request #...
source link: https://github.com/osquery/osquery/pull/7254
Go to the source link to view the article. You can view the picture content, updated content and better typesetting reading experience. If the link is broken, please click the button below to view the snapshot at that time.
The value of build_platform in the osquery_info table
is currently controlled by the value of the preprocessor macro
OSQUERY_BUILD_PLATFORM, which is hardcoded to linux as a macro
passed via CLI.
That macro is then stringified, but the issue is that the linux
keyword is also a macro, which gets expanded to 1.
To avoid this collisions, we can set the preprocessor macro value
as a string already from CLI and remove the stringification,
which will prevent further problematic expansions.
We do the same also for the other string macro OSQUERY_BUILD_DISTRO.
NOTE: This is a quick fix for the described issue specifically; the values presented in those columns have additional issues described here: #7253
Recommend
About Joyk
Aggregate valuable and interesting links.
Joyk means Joy of geeK