rpms/audit
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Correct size information of dispatched event

Browse Source
This commit is contained in:
sgrubb 2016-07-08 17:44:51 -04:00
parent a68689b9d2
commit c7215bd3fb
2 changed files with 66 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

60
audit-2.6.5-disp-hdr.patch Normal file
View File

@ -0,0 +1,60 @@
diff -urp audit-2.6.5.orig/audisp/audispd.c audit-2.6.5/audisp/audispd.c
--- audit-2.6.5.orig/audisp/audispd.c 2016-07-08 12:17:53.000000000 -0400
+++ audit-2.6.5/audisp/audispd.c 2016-07-08 17:11:18.659015835 -0400
@@ -825,13 +825,25 @@ static void process_inbound_event(int fd
if (rc > 0) {
/* Sanity check */
- if (!(e->hdr.ver == AUDISP_PROTOCOL_VER ||
- e->hdr.ver == AUDISP_PROTOCOL_VER2) ||
- e->hdr.hlen != sizeof(e->hdr) ||
- e->hdr.size > MAX_AUDIT_MESSAGE_LENGTH) {
+ if ((e->hdr.ver != AUDISP_PROTOCOL_VER &&
+ e->hdr.ver != AUDISP_PROTOCOL_VER2)) {
+ syslog(LOG_ERR,
+ "Unknown dispatcher protocol %u, exiting",
+ e->hdr.ver);
free(e);
+ exit(1);
+ }
+ if (e->hdr.hlen != sizeof(e->hdr)) {
syslog(LOG_ERR,
- "Dispatcher protocol mismatch, exiting");
+ "Header length mismatch %u %lu, exiting",
+ e->hdr.hlen, sizeof(e->hdr));
+ free(e);
+ exit(1);
+ }
+ if (e->hdr.size > MAX_AUDIT_MESSAGE_LENGTH) {
+ syslog(LOG_ERR, "Header size mismatch %d, exiting",
+ e->hdr.size);
+ free(e);
exit(1);
}
diff -urp audit-2.6.5.orig/src/auditd-dispatch.c audit-2.6.5/src/auditd-dispatch.c
--- audit-2.6.5.orig/src/auditd-dispatch.c 2016-07-08 12:17:53.000000000 -0400
+++ audit-2.6.5/src/auditd-dispatch.c 2016-07-08 17:00:58.081896384 -0400
@@ -183,17 +183,19 @@ int dispatch_event(const struct audit_re
hdr.ver = protocol_ver;
hdr.hlen = sizeof(struct audit_dispatcher_header);
hdr.type = rep->type;
- hdr.size = rep->len;
vec[0].iov_base = (void*)&hdr;
vec[0].iov_len = sizeof(hdr);
if (protocol_ver == AUDISP_PROTOCOL_VER) {
+ hdr.size = rep->msg.nlh.nlmsg_len;
vec[1].iov_base = (void*)rep->message;
vec[1].iov_len = rep->msg.nlh.nlmsg_len;
- } else {
+ } else if (protocol_ver == AUDISP_PROTOCOL_VER2) {
+ hdr.size = rep->len;
vec[1].iov_base = (void*)rep->msg.data;
vec[1].iov_len = rep->len;
- }
+ } else
+ return 0;
do {
rc = writev(disp_pipe[1], vec, 2);

7
audit.spec
View File

@ -3,12 +3,13 @@
Summary: User space tools for 2.6 kernel auditing Summary: User space tools for 2.6 kernel auditing
Name: audit Name: audit
Version: 2.6.4 Version: 2.6.4
Release: 1%{?dist} Release: 2%{?dist}
License: GPLv2+ License: GPLv2+
Group: System Environment/Daemons Group: System Environment/Daemons
URL: http://people.redhat.com/sgrubb/audit/ URL: http://people.redhat.com/sgrubb/audit/
Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
Source1: https://www.gnu.org/licenses/lgpl-2.1.txt Source1: https://www.gnu.org/licenses/lgpl-2.1.txt
Patch1: audit-2.6.5-disp-hdr.patch
BuildRequires: openldap-devel BuildRequires: openldap-devel
BuildRequires: swig BuildRequires: swig
BuildRequires: python-devel BuildRequires: python-devel
@ -113,6 +114,7 @@ Management Facility) database, through an IBM Tivoli Directory Server
%prep %prep
%setup -q %setup -q
cp %{SOURCE1} . cp %{SOURCE1} .
%patch1 -p1
%build %build
%configure --sbindir=/sbin --libdir=/%{_lib} --with-python=yes \ %configure --sbindir=/sbin --libdir=/%{_lib} --with-python=yes \
@ -308,6 +310,9 @@ fi
%attr(750,root,root) /sbin/audispd-zos-remote %attr(750,root,root) /sbin/audispd-zos-remote
%changelog %changelog
* Fri Jul 08 2016 Steve Grubb <sgrubb@redhat.com> 2.6.4-2
- Correct size information of dispatched event
* Fri Jul 08 2016 Steve Grubb <sgrubb@redhat.com> 2.6.4-1 * Fri Jul 08 2016 Steve Grubb <sgrubb@redhat.com> 2.6.4-1
- New upstream bugfix release - New upstream bugfix release