mo

2024-05-29 20:52:32 +08:00 · 2024-05-29 20:52:32 +08:00 · eaaa758c86
commit eaaa758c86
parent 23a708c1a1
7 changed files with 382 additions and 1 deletions
--- a/audit.spec
+++ b/audit.spec
@ -369,7 +369,7 @@ fi
 %attr(644,root,root) %{_mandir}/man8/*.8.gz

 %changelog
-* Tue May 28 2024 xuraoqing<xuraoqing@huawei.com> - 1:3.1.2-3
+* Wed May 29 2024 fangxiuning<fangxiuning@huawei.com> - 1:3.1.2-3
 - backport patches to fix bugs

 * Thu Feb 1 2024 liyunfei<liyunfei33@huawei.com> - 1:3.1.2-2
--- a/backport-Cleanup-code-in-LRU.patch
+++ b/backport-Cleanup-code-in-LRU.patch
@ -0,0 +1,77 @@
+From 4939b8541322cbf3a53affc28e71ce53d92f121f Mon Sep 17 00:00:00 2001
+From: Steve Grubb <ausearch.1@gmail.com>
+Date: Fri, 3 May 2024 17:50:35 -0400
+Subject: [PATCH] Cleanup code in LRU
+
+Dont dereference anything until after checking if the queue is not empty.
+Also, leave a note disputing static analysis thinking there is a use after
+free destroying the queue.
+
+Conflict:NA
+Reference:https://github.com/linux-audit/audit-userspace/commit/4939b8541322cbf3a53affc28e71ce53d92f121f
+
+---
+ auparse/lru.c | 20 ++++++++++++--------
+ 1 file changed, 12 insertions(+), 8 deletions(-)
+
+diff --git a/auparse/lru.c b/auparse/lru.c
+index 05c4088d..f30bcf41 100644
+--- a/auparse/lru.c
+++ b/auparse/lru.c
+@@ -116,6 +116,11 @@ static void destroy_queue(Queue *queue)
+ 	dump_queue_stats(queue);
+ #endif
+ 
+	// Some static analysis scanners try to flag this as a use after
+	// free accessing queue->end. This is a false positive. It is freed.
+	// However, static analysis apps are incapable of seeing that in
+	// remove_node, end is updated to a prior node as part of detaching
+	// the current end node.
+ 	while (queue->count)
+ 		dequeue(queue);
+ 
+@@ -252,34 +257,33 @@ out:
+ 	sanity_check_queue(queue, "2 remove_node");
+ }
+ 
+-// Remove from the end of the queue 
+// Remove from the end of the queue
+ static void dequeue(Queue *queue)
+ {
+-	QNode *temp = queue->end;
+-
+ 	if (queue_is_empty(queue))
+ 		return;
+ 
+	QNode *temp = queue->end;
+ 	remove_node(queue, queue->end);
+ 
+ //	if (queue->cleanup)
+ //		queue->cleanup(temp->str); 
+ 	free(temp->str);
+ 	free(temp);
+- 
+
+ 	// decrement the total of full slots by 1
+ 	queue->count--;
+ }
+- 
+
+ // Remove front of the queue because its a mismatch
+ void lru_evict(Queue *queue, unsigned int key)
+ {
+	if (queue_is_empty(queue))
+		return;
+
+ 	Hash *hash = queue->hash;
+ 	QNode *temp = queue->front;
+ 
+-	if (queue_is_empty(queue))
+-		return;
+- 
+ 	hash->array[key] = NULL;
+ 	remove_node(queue, queue->front);
+ 
+-- 
+2.33.0
+
--- a/backport-Fix-memory-leaks.patch
+++ b/backport-Fix-memory-leaks.patch
@ -0,0 +1,69 @@
+From 289dc3a077f05fba93816fbdfbbfe032322d7f64 Mon Sep 17 00:00:00 2001
+From: Steve Grubb <ausearch.1@gmail.com>
+Date: Tue, 21 May 2024 12:28:29 -0400
+Subject: [PATCH] Fix memory leaks
+
+Conflict:NA
+Reference:https://github.com/linux-audit/audit-userspace/commit/289dc3a077f05fba93816fbdfbbfe032322d7f64
+
+---
+ src/auditd-listen.c  | 2 +-
+ src/ausearch-lol.c   | 2 ++
+ src/ausearch-parse.c | 6 ++++--
+ 3 files changed, 7 insertions(+), 3 deletions(-)
+
+diff --git a/src/auditd-listen.c b/src/auditd-listen.c
+index ea3f137c..52076361 100644
+--- a/src/auditd-listen.c
+++ b/src/auditd-listen.c
+@@ -443,8 +443,8 @@ static int negotiate_credentials(ev_tcp *io)
+ 				gss_release_name(&min_stat, &client);
+ 				return -1;
+ 			}
+-			gss_release_buffer(&min_stat, &send_tok);
+ 		}
+		gss_release_buffer(&min_stat, &send_tok);
+ 	} while (maj_stat == GSS_S_CONTINUE_NEEDED);
+ 
+ 	maj_stat = gss_display_name(&min_stat, client, &recv_tok, NULL);
+diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c
+index a5418079..784c58f6 100644
+--- a/src/ausearch-lol.c
+++ b/src/ausearch-lol.c
+@@ -311,6 +311,7 @@ int lol_add_record(lol *lo, char *buff)
+ 	n.type = e.type;
+ 	n.message = strdup(buff);
+ 	if(n.message == NULL) {
+		free((char *)e.node);
+ 		fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__);
+ 		return 0;
+ 	}
+@@ -369,6 +370,7 @@ int lol_add_record(lol *lo, char *buff)
+ 	// Create new event and fill it in
+ 	l = malloc(sizeof(llist));
+ 	if (l == NULL) {
+		free((char *)e.node);
+ 		fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__);
+ 		return 0;
+ 	}
+diff --git a/src/ausearch-parse.c b/src/ausearch-parse.c
+index be57606b..4c9bef0d 100644
+--- a/src/ausearch-parse.c
+++ b/src/ausearch-parse.c
+@@ -769,9 +769,11 @@ static int common_path_parser(search_items *s, char *path)
+ 			if ((sn.str[0] == '.') && ((sn.str[1] == '.') ||
+ 				(sn.str[1] == '/')) && s->cwd) {
+ 				char *tmp = malloc(PATH_MAX);
+-				if (tmp == NULL)
+				if (tmp == NULL) {
+					free(sn.str);
+ 					return 6;
+-				snprintf(tmp, PATH_MAX, "%s/%s", 
+				}
+				snprintf(tmp, PATH_MAX, "%s/%s",
+ 					s->cwd, sn.str);
+ 				free(sn.str);
+ 				sn.str = tmp;
+-- 
+2.33.0
+
--- a/backport-Use-atomic_int-if-available-for-signal-related-flags.patch
+++ b/backport-Use-atomic_int-if-available-for-signal-related-flags.patch
@ -0,0 +1,92 @@
+From 184f20c56576300343b8f8b60a8bebb185074485 Mon Sep 17 00:00:00 2001
+From: Steve Grubb <sgrubb@redhat.com>
+Date: Fri, 26 Apr 2024 12:44:56 -0400
+Subject: [PATCH] Use atomic_int if available for signal related flags
+
+Conflict:src/auditd.c
+Reference:https://github.com/linux-audit/audit-userspace/commit/184f20c56576300343b8f8b60a8bebb185074485
+
+---
+ configure.ac       | 7 ++++++-
+ src/auditd-event.c | 5 ++++-
+ src/auditd.c       | 9 ++++++---
+ 3 files changed, 16 insertions(+), 5 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index 8644ccc..61d32a8 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -87,7 +87,12 @@ AC_LINK_IFELSE(
+  [AC_DEFINE(HAVE_STRNDUPA, 1, [Let us know if we have it or not])],
+  []
+ )
+-
+AC_CHECK_HEADERS([stdatomic.h], [
+    AC_DEFINE([HAVE_ATOMIC], 1, [Define to 1 if you have the <stdatomic.h> header file.])
+    AC_DEFINE([ATOMIC_INT], atomic_int, [Define atomic_int if you have the <stdatomic.h> header file.])
+  ], [
+    AC_DEFINE([ATOMIC_INT], int, [Define to the type of an int if <stdatomic.h> is not available.])
+])
+ AC_MSG_CHECKING(__attr_access support)
+ AC_COMPILE_IFELSE(
+   [AC_LANG_SOURCE(
+diff --git a/src/auditd-event.c b/src/auditd-event.c
+index c74b420..74c4fbd 100644
+--- a/src/auditd-event.c
+++ b/src/auditd-event.c
+@@ -36,6 +36,9 @@
+ #include <limits.h>     /* POSIX_HOST_NAME_MAX */
+ #include <ctype.h>	/* toupper */
+ #include <libgen.h>	/* dirname */
+#ifdef HAVE_ATOMIC
+#include <stdatomic.h>
+#endif
+ #include "auditd-event.h"
+ #include "auditd-dispatch.h"
+ #include "auditd-listen.h"
+@@ -45,7 +48,7 @@
+ #include "auparse-idata.h"
+ 
+ /* This is defined in auditd.c */
+-extern volatile int stop;
+extern volatile ATOMIC_INT stop;
+ 
+ /* Local function prototypes */
+ static void send_ack(const struct auditd_event *e, int ack_type,
+diff --git a/src/auditd.c b/src/auditd.c
+index 901f741..aebb919 100644
+--- a/src/auditd.c
+++ b/src/auditd.c
+@@ -38,6 +38,9 @@
+ #include <pthread.h>
+ #include <sys/utsname.h>
+ #include <getopt.h>
+#ifdef HAVE_ATOMIC
+#include <stdatomic.h>
+#endif
+ 
+ #include "libaudit.h"
+ #include "auditd-event.h"
+@@ -62,7 +65,7 @@
+ #define SUBJ_LEN 4097
+ 
+ /* Global Data */
+-volatile int stop = 0;
+volatile ATOMIC_INT stop = 0;
+ 
+ /* Local data */
+ static int fd = -1, pipefds[2] = {-1, -1};
+@@ -72,8 +75,8 @@ static const char *state_file = "/var/run/auditd.state";
+ static int init_pipe[2];
+ static int do_fork = 1, opt_aggregate_only = 0, config_dir_set = 0;
+ static struct auditd_event *cur_event = NULL, *reconfig_ev = NULL;
+-static int hup_info_requested = 0;
+-static int usr1_info_requested = 0, usr2_info_requested = 0;
+static ATOMIC_INT hup_info_requested = 0;
+static ATOMIC_INT usr1_info_requested = 0, usr2_info_requested = 0;
+ static char subj[SUBJ_LEN];
+ static uint32_t session;
+ static int hup_flag = 0;
+-- 
+2.33.0
+
--- a/backport-Use-atomic_uint-if-available-for-signal-related-flag.patch
+++ b/backport-Use-atomic_uint-if-available-for-signal-related-flag.patch
@ -0,0 +1,85 @@
+From 3955b5e29e119122dc2fc0a53ba82529613e4e1c Mon Sep 17 00:00:00 2001
+From: Steve Grubb <sgrubb@redhat.com>
+Date: Fri, 26 Apr 2024 14:03:02 -0400
+Subject: [PATCH] Use atomic_uint if available for signal related flags
+
+Conflict:NA
+Reference:https://github.com/linux-audit/audit-userspace/commit/3955b5e29e119122dc2fc0a53ba82529613e4e1c
+
+---
+ audisp/audispd.c | 7 +++++--
+ audisp/queue.c   | 9 ++++++---
+ configure.ac     | 2 ++
+ 3 files changed, 13 insertions(+), 5 deletions(-)
+
+diff --git a/audisp/audispd.c b/audisp/audispd.c
+index 0902a073..e4e49087 100644
+--- a/audisp/audispd.c
+++ b/audisp/audispd.c
+@@ -37,6 +37,9 @@
+ #include <limits.h>
+ #include <sys/uio.h>
+ #include <getopt.h>
+#ifdef HAVE_ATOMIC
+#include <stdatomic.h>
+#endif
+ 
+ #include "audispd-pconfig.h"
+ #include "audispd-config.h"
+@@ -46,8 +49,8 @@
+ #include "private.h"
+ 
+ /* Global Data */
+-static volatile int stop = 0;
+-volatile int disp_hup = 0;
+static volatile ATOMIC_INT stop = 0;
+volatile ATOMIC_INT disp_hup = 0;
+ 
+ /* Local data */
+ static daemon_conf_t daemon_config;
+diff --git a/audisp/queue.c b/audisp/queue.c
+index 8bd20ea1..183a5af8 100644
+--- a/audisp/queue.c
+++ b/audisp/queue.c
+@@ -25,17 +25,20 @@
+ #include <stdlib.h>
+ #include <unistd.h>
+ #include <syslog.h>
+#ifdef HAVE_ATOMIC
+#include <stdatomic.h>
+#endif
+ #include "queue.h"
+ 
+ static volatile event_t **q;
+ static pthread_mutex_t queue_lock;
+ static pthread_cond_t queue_nonempty;
+-static unsigned int q_next, q_last, q_depth, processing_suspended;
+-static unsigned int currently_used, max_used, overflowed;
+static unsigned int q_next, q_last, q_depth, processing_suspended, overflowed;
+static ATOMIC_UNSIGNED currently_used, max_used;
+ static const char *SINGLE = "1";
+ static const char *HALT = "0";
+ static int queue_full_warning = 0;
+-extern volatile int disp_hup;
+extern volatile ATOMIC_INT disp_hup;
+ #define QUEUE_FULL_LIMIT 5
+ 
+ void reset_suspended(void)
+diff --git a/configure.ac b/configure.ac
+index f0650f3f..969d36e8 100644
+--- a/configure.ac
+++ b/configure.ac
+@@ -89,8 +89,10 @@ AC_LINK_IFELSE(
+ AC_CHECK_HEADERS([stdatomic.h], [
+     AC_DEFINE([HAVE_ATOMIC], 1, [Define to 1 if you have the <stdatomic.h> header file.])
+     AC_DEFINE([ATOMIC_INT], atomic_int, [Define atomic_int if you have the <stdatomic.h> header file.])
+    AC_DEFINE([ATOMIC_UNSIGNED], atomic_uint, [Define atomic_uint if you have the <stdatomic.h> header file.])
+   ], [
+     AC_DEFINE([ATOMIC_INT], int, [Define to the type of an int if <stdatomic.h> is not available.])
+    AC_DEFINE([ATOMIC_UNSIGNED], unsigned, [Define to the type of an unsigned if <stdatomic.h> is not available.])
+ ])
+ AC_MSG_CHECKING(__attr_access support)
+ AC_COMPILE_IFELSE(
+-- 
+2.33.0
+
--- a/backport-correcting-memcmp-args-in-check_rule_mismatch-functi.patch
+++ b/backport-correcting-memcmp-args-in-check_rule_mismatch-functi.patch
@ -0,0 +1,28 @@
+From 3f3b3a2377ce1977dd4136aa653f2f65c3cd2fe0 Mon Sep 17 00:00:00 2001
+From: Yugend <jugendd@mail.ru>
+Date: Wed, 27 Mar 2024 17:41:07 +0300
+Subject: [PATCH] correcting memcmp args in check_rule_mismatch function
+
+Conflict:src/auditctl.c
+Reference:https://github.com/linux-audit/audit-userspace/commit/3f3b3a2377ce1977dd4136aa653f2f65c3cd2fe0
+
+---
+ src/auditctl.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/src/auditctl.c b/src/auditctl.c
+index 7949d95c..acb1e518 100644
+--- a/src/auditctl.c
+++ b/src/auditctl.c
+@@ -392,7 +392,7 @@ static int check_rule_mismatch(int lineno, const char *option)
+ 		audit_rule_syscallbyname_data(&tmprule, ptr);
+ 		ptr = strtok_r(NULL, ",", &saved);
+ 	}
+-	if (memcmp(tmprule.mask, rule_new->mask, AUDIT_BITMASK_SIZE))
+	if (memcmp(tmprule.mask, rule_new->mask, AUDIT_BITMASK_SIZE * sizeof(tmprule.mask[0])))
+ 		rc = 1;
+ 	free(tmp);
+ 
+-- 
+2.33.0
+
--- a/backport-fix-one-more-leak.patch
+++ b/backport-fix-one-more-leak.patch
@ -0,0 +1,30 @@
+From 613ccbdd1011692c6724a11cc8798112dd26d202 Mon Sep 17 00:00:00 2001
+From: Steve Grubb <ausearch.1@gmail.com>
+Date: Tue, 21 May 2024 13:17:38 -0400
+Subject: [PATCH] fix one more leak
+
+Conflict:NA
+Reference:https://github.com/linux-audit/audit-userspace/commit/613ccbdd1011692c6724a11cc8798112dd26d202
+
+---
+ src/ausearch-lol.c | 4 +++-
+ 1 file changed, 3 insertions(+), 1 deletion(-)
+
+diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c
+index 784c58f6..d156ce42 100644
+--- a/src/ausearch-lol.c
+++ b/src/ausearch-lol.c
+@@ -371,7 +371,9 @@ int lol_add_record(lol *lo, char *buff)
+ 	l = malloc(sizeof(llist));
+ 	if (l == NULL) {
+ 		free((char *)e.node);
+-		fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__);
+		free(n.message);
+		fprintf(stderr, "Out of memory. Check %s file, %d line",
+			__FILE__, __LINE__);
+ 		return 0;
+ 	}
+ 	list_create(l);
+-- 
+2.33.0
+