rpms/audit
7
0
Fork 0
Code Issues Pull Requests Releases Activity

- Fix buffer overflow in audit_log_user_command, again (#438840)

Browse Source 
- Fix memory leak in EOE code in auditd (#440075)
- In auditctl, don't use new operators in legacy rule format
- Made a couple corrections in alpha & x86_64 syscall tables (Miloslav
    Trmac)
This commit is contained in:
Steve Grubb 2008-04-08 17:11:19 +00:00
parent 66fff58cc0
commit 0a9ab60e01
6 changed files with 4 additions and 52 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
.cvsignore
View File

@ -87,3 +87,4 @@ audit-1.6.7.tar.gz
audit-1.6.8.tar.gz audit-1.6.8.tar.gz
audit-1.6.9.tar.gz audit-1.6.9.tar.gz
audit-1.7.tar.gz audit-1.7.tar.gz
audit-1.7.1.tar.gz

13
audit-1.7.1-eoe-memleak.patch
View File

@ -1,13 +0,0 @@
diff -urp audit-1.7/src/auditd.c audit-1.7.1/src/auditd.c
--- audit-1.7/src/auditd.c 2008-01-01 09:55:36.000000000 -0500
+++ audit-1.7.1/src/auditd.c 2008-04-04 21:19:35.000000000 -0400
@@ -150,7 +150,8 @@ static void distribute_event(struct audi
enqueue_event(rep);
if (yield)
pthread_yield(); /* Let other thread try to log it. */
- }
+ } else
+ free(rep); // This function takes custody of the memory
// FIXME: This is commented out since it fails to work. The
// problem is that the logger thread free's the buffer. Probably

20
audit-1.7.1-lsb-headers.patch
View File

@ -1,20 +0,0 @@
diff -ur audit-1.6.10.orig/init.d/auditd.init audit-1.6.10/init.d/auditd.init
--- audit-1.6.10.orig/init.d/auditd.init 2008-03-27 10:53:28.000000000 -0400
+++ audit-1.6.10/init.d/auditd.init 2008-03-27 14:17:10.000000000 -0400
@@ -23,16 +23,6 @@
# 6 - program is not configured
# 7 - program is not running
#
-### BEGIN INIT INFO
-# Provides: audit
-# Required-Start: $syslog $local_fs
-# Required-Stop: $syslog $local_fs
-# Should-Start: $network
-# Default-Start: 2 3 4 5
-# Default-Stop: 0 1 6
-# Short-Description: audit daemon
-# Description: The audit daemon collects system security events
-### END INIT INFO
PATH=/sbin:/bin:/usr/bin:/usr/sbin

16
audit-1.7.1-overflow.patch
View File

@ -1,16 +0,0 @@
diff -urp audit-1.7/lib/audit_logging.c audit-1.7.1/lib/audit_logging.c
--- audit-1.7/lib/audit_logging.c 2008-03-27 11:11:34.000000000 -0400
+++ audit-1.7.1/lib/audit_logging.c 2008-04-01 11:55:41.000000000 -0400
@@ -653,8 +653,10 @@ int audit_log_user_command(int audit_fd,
}
p = cmd;
- strncpy(commname, cmd, PATH_MAX);
- commname[PATH_MAX] = 0;
+ if (len >= PATH_MAX) {
+ cmd[PATH_MAX] = 0;
+ len = PATH_MAX-1;
+ }
while (*p) {
if (*p == '"' || *p < 0x21 || (unsigned)*p > 0x7f) {
_audit_c2x(commname, cmd, len);

4
audit.spec
View File

@ -108,7 +108,7 @@ cp -p audisp/plugins/zos-remote/policy/audispd-zos-remote.* zos-remote-policy
(cd system-config-audit; ./autogen.sh) (cd system-config-audit; ./autogen.sh)
aclocal && autoconf && autoheader && automake aclocal && autoconf && autoheader && automake
%configure --sbindir=/sbin --libdir=/%{_lib} --with-prelude %configure --sbindir=/sbin --libdir=/%{_lib} --with-prelude
make make %{?_smp_mflags}
cd zos-remote-policy cd zos-remote-policy
for selinuxvariant in %{selinux_variants} for selinuxvariant in %{selinux_variants}
do do
@ -125,7 +125,7 @@ mkdir -p $RPM_BUILD_ROOT/%{_mandir}/{man5,man8}
mkdir -p $RPM_BUILD_ROOT/%{_lib} mkdir -p $RPM_BUILD_ROOT/%{_lib}
mkdir -p $RPM_BUILD_ROOT/%{_libdir}/audit mkdir -p $RPM_BUILD_ROOT/%{_libdir}/audit
mkdir -p $RPM_BUILD_ROOT/%{_var}/log/audit mkdir -p $RPM_BUILD_ROOT/%{_var}/log/audit
make DESTDIR=$RPM_BUILD_ROOT install make DESTDIR=$RPM_BUILD_ROOT %{?_smp_mflags} install
make -C system-config-audit DESTDIR=$RPM_BUILD_ROOT install-fedora make -C system-config-audit DESTDIR=$RPM_BUILD_ROOT install-fedora
for selinuxvariant in %{selinux_variants} for selinuxvariant in %{selinux_variants}
do do

2
sources
View File

@ -1 +1 @@
2cc813a11060e4576ef0bc1f10bac0c1 audit-1.7.tar.gz c9d9fcfc19bdc131cc7bcf53b9b2dba4 audit-1.7.1.tar.gz