From 43f59f0e6a7a370e12f7022e947ff8a2b9e3ffc9 Mon Sep 17 00:00:00 2001
From: CentOS Sources <bugs@centos.org>
Date: Tue, 28 Mar 2023 13:16:41 +0000
Subject: [PATCH] import sysstat-11.7.3-9.el8

---
 ...-Add-a-f-flag-to-force-fdatasync-use.patch | 101 ++++++++++++++++++
 ...llocate-structures-on-32-bit-systems.patch |  85 +++++++++++++++
 SPECS/sysstat.spec                            |  12 ++-
 3 files changed, 197 insertions(+), 1 deletion(-)
 create mode 100644 SOURCES/0001-sadc-Add-a-f-flag-to-force-fdatasync-use.patch
 create mode 100644 SOURCES/CVE-2022-39377-arithmetic-overflow-in-allocate-structures-on-32-bit-systems.patch

diff --git a/SOURCES/0001-sadc-Add-a-f-flag-to-force-fdatasync-use.patch b/SOURCES/0001-sadc-Add-a-f-flag-to-force-fdatasync-use.patch
new file mode 100644
index 0000000..55a5bfa
--- /dev/null
+++ b/SOURCES/0001-sadc-Add-a-f-flag-to-force-fdatasync-use.patch
@@ -0,0 +1,101 @@
+From 560d88cb5a16636acb0e350d6997fe915cc4253e Mon Sep 17 00:00:00 2001
+From: Kyle Walker <kwalker@redhat.com>
+Date: Wed, 30 Jan 2019 07:50:55 -0500
+Subject: [PATCH] sadc: Add a -f flag to force fdatasync() use
+
+For quite some time, the sadc utility has not used fdatasync() when writing
+stat information to disk. This resulted in instances where data files could
+be corrupted or entries lost if a system encountered a sudden reset
+condition. This change adds a "-f" flag which can be used to bring back the
+previous behaviour if end users require it.
+
+Note, the fdatasync() lowers the likelihood of lost data, but does so at
+the expense of performance within the write operation.
+---
+ man/sadc.in |  8 +++++++-
+ sa.h        |  2 ++
+ sadc.c      | 13 ++++++++++++-
+ 3 files changed, 21 insertions(+), 2 deletions(-)
+
+diff --git a/man/sadc.in b/man/sadc.in
+index 2d754b71..ce8ee230 100644
+--- a/man/sadc.in
++++ b/man/sadc.in
+@@ -4,7 +4,7 @@ sadc \- System activity data collector.
+ .SH SYNOPSIS
+ .B @SA_LIB_DIR@/sadc [ -C
+ .I comment
+-.B ] [ -D ] [ -F ] [ -L ] [ -V ] [ -S { DISK | INT | IPV6 | POWER | SNMP | XDISK | ALL | XALL [,...] } ] [
++.B ] [ -D ] [ -F ] [ -L ] [ -V ] [ -f ] [ -S { DISK | INT | IPV6 | POWER | SNMP | XDISK | ALL | XALL [,...] } ] [
+ .I interval
+ .B [
+ .I count
+@@ -106,6 +106,12 @@ then it will be truncated. This may be useful for daily data files
+ created by an older version of
+ .B sadc
+ and whose format is no longer compatible with current one.
++.IP -f
++fdatasync() will be used to ensure data is written to disk. This differs
++from the normal operation in that a sudden system reset is less likely to
++result in the saDD datafiles being corrupted. However, this is at the
++expense of performance within the sadc process as forward progress will be
++blocked while data is written to underlying disk instead of just to cache.
+ .IP -L
+ .B sadc
+ will try to get an exclusive lock on the
+diff --git a/sa.h b/sa.h
+index 1cd0c3d9..d3236f7c 100644
+--- a/sa.h
++++ b/sa.h
+@@ -110,5 +110,6 @@
+ #define S_F_HUMAN_READ		0x01000000
+ #define S_F_ZERO_OMIT		0x02000000
++#define S_F_FDATASYNC		0x08000000
+ 
+ #define WANT_SINCE_BOOT(m)		(((m) & S_F_SINCE_BOOT)   == S_F_SINCE_BOOT)
+ #define WANT_SA_ROTAT(m)		(((m) & S_F_SA_ROTAT)     == S_F_SA_ROTAT)
+@@ -138,5 +139,6 @@
+ #define PACK_VIEWS(m)			(((m) & S_F_SVG_PACKED) == S_F_SVG_PACKED)
+ #define DISPLAY_HUMAN_READ(m)		(((m) & S_F_HUMAN_READ) == S_F_HUMAN_READ)
++#define FDATASYNC(m)			(((m) & S_F_FDATASYNC)    == S_F_FDATASYNC)
+ 
+ #define AO_F_NULL		0x00000000
+ 
+diff --git a/sadc.c b/sadc.c
+index 826f4aed..139d490a 100644
+--- a/sadc.c
++++ b/sadc.c
+@@ -92,7 +92,7 @@ void usage(char *progname)
+ 		progname);
+ 
+ 	fprintf(stderr, _("Options are:\n"
+-			  "[ -C <comment> ] [ -D ] [ -F ] [ -L ] [ -V ]\n"
++			  "[ -C <comment> ] [ -D ] [ -F ] [ -L ] [ -V ] [ -f ]\n"
+ 			  "[ -S { INT | DISK | IPV6 | POWER | SNMP | XDISK | ALL | XALL } ]\n"));
+ 	exit(1);
+ }
+@@ -1109,6 +1109,13 @@ void rw_sa_stat_loop(long count, int stdfd, int ofd, char ofile[],
+ 
+ 		/* Flush data */
+ 		fflush(stdout);
++		if (FDATASYNC(flags)) {
++			/* If indicated, sync the data to media */
++			if (fdatasync(ofd) < 0) {
++				perror("fdatasync");
++				exit(4);
++			}
++		}
+ 
+ 		if (count > 0) {
+ 			count--;
+@@ -1206,6 +1213,10 @@ int main(int argc, char **argv)
+ 			optz = 1;
+ 		}
+ 
++		else if (!strcmp(argv[opt], "-f")) {
++			flags |= S_F_FDATASYNC;
++		}
++
+ 		else if (!strcmp(argv[opt], "-C")) {
+ 			if (!argv[++opt]) {
+ 				usage(argv[0]);
diff --git a/SOURCES/CVE-2022-39377-arithmetic-overflow-in-allocate-structures-on-32-bit-systems.patch b/SOURCES/CVE-2022-39377-arithmetic-overflow-in-allocate-structures-on-32-bit-systems.patch
new file mode 100644
index 0000000..8338a9b
--- /dev/null
+++ b/SOURCES/CVE-2022-39377-arithmetic-overflow-in-allocate-structures-on-32-bit-systems.patch
@@ -0,0 +1,85 @@
+From 9c4eaf150662ad40607923389d4519bc83b93540 Mon Sep 17 00:00:00 2001
+From: Sebastien <seb@fedora-2.home>
+Date: Sat, 15 Oct 2022 14:24:22 +0200
+Subject: [PATCH] Fix size_t overflow in sa_common.c (GHSL-2022-074)
+
+allocate_structures function located in sa_common.c insufficiently
+checks bounds before arithmetic multiplication allowing for an
+overflow in the size allocated for the buffer representing system
+activities.
+
+This patch checks that the post-multiplied value is not greater than
+UINT_MAX.
+
+Signed-off-by: Sebastien <seb@fedora-2.home>
+---
+ common.c    | 25 +++++++++++++++++++++++++
+ common.h    |  2 ++
+ sa_common.c |  6 ++++++
+ 3 files changed, 33 insertions(+)
+
+diff --git a/common.c b/common.c
+index 81c77624..1a84b052 100644
+--- a/common.c
++++ b/common.c
+@@ -1655,4 +1655,29 @@ int parse_values(char *strargv, unsigned char bitmap[], int max_val, const char
+ 
+ 	return 0;
+ }
++
++/*
++ ***************************************************************************
++ * Check if the multiplication of the 3 values may be greater than UINT_MAX.
++ *
++ * IN:
++ * @val1	First value.
++ * @val2	Second value.
++ * @val3	Third value.
++ ***************************************************************************
++ */
++void check_overflow(size_t val1, size_t val2, size_t val3)
++{
++	if ((unsigned long long) val1 *
++	    (unsigned long long) val2 *
++	    (unsigned long long) val3 > UINT_MAX) {
++#ifdef DEBUG
++		fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n",
++			__FUNCTION__,
++			(unsigned long long) val1 * (unsigned long long) val2 *	(unsigned long long) val3);
++#endif
++	exit(4);
++	}
++}
++
+ #endif /* SOURCE_SADC undefined */
+diff --git a/common.h b/common.h
+index 55b6657d..e8ab98ab 100644
+--- a/common.h
++++ b/common.h
+@@ -260,6 +260,8 @@ int check_dir
+ 	(const char *, int);
+ 
+ #ifndef SOURCE_SADC
++void check_overflow
++	(size_t, size_t, size_t);
+ int count_bits
+ 	(void *, int);
+ int count_csvalues
+diff --git a/sa_common.c b/sa_common.c
+index 3699a840..b2cec4ad 100644
+--- a/sa_common.c
++++ b/sa_common.c
+@@ -459,7 +459,13 @@ void allocate_structures(struct activity *act[])
+ 	int i, j;
+ 
+ 	for (i = 0; i < NR_ACT; i++) {
++
+ 		if (act[i]->nr_ini > 0) {
++
++			/* Look for a possible overflow */
++			check_overflow((size_t) act[i]->msize, (size_t) act[i]->nr_ini,
++				       (size_t) act[i]->nr2);
++
+ 			for (j = 0; j < 3; j++) {
+ 				SREALLOC(act[i]->buf[j], void,
+ 						(size_t) act[i]->msize * (size_t) act[i]->nr_ini * (size_t) act[i]->nr2);
diff --git a/SPECS/sysstat.spec b/SPECS/sysstat.spec
index 58d1f57..c77aeeb 100644
--- a/SPECS/sysstat.spec
+++ b/SPECS/sysstat.spec
@@ -1,7 +1,7 @@
 Summary: Collection of performance monitoring tools for Linux
 Name: sysstat
 Version: 11.7.3
-Release: 7%{?dist}
+Release: 9%{?dist}
 License: GPLv2+
 Group: Applications/System
 URL: http://sebastien.godard.pagesperso-orange.fr/
@@ -17,6 +17,8 @@ Patch02: 0001-ignoring-autofs-as-real-filesystem-by-counting-numbe.patch
 Patch03: 0001-sar-Add-missing-gnice-CPU-value-for-tickless-CPU.patch
 Patch04: 0001-sadf-Fix-seg-fault-on-empty-data-files.patch
 Patch05: 0001-sar-Fix-typo-in-manual-page.patch
+Patch06: CVE-2022-39377-arithmetic-overflow-in-allocate-structures-on-32-bit-systems.patch
+Patch07: 0001-sadc-Add-a-f-flag-to-force-fdatasync-use.patch
 
 BuildRequires: gettext, lm_sensors-devel, systemd
 
@@ -50,6 +52,8 @@ The cifsiostat command reports I/O statistics for CIFS file systems.
 %patch03 -p1
 %patch04 -p1
 %patch05 -p1
+%patch06 -p1
+%patch07 -p1
 
 %build
 export CFLAGS="$RPM_OPT_FLAGS -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld"
@@ -98,6 +102,12 @@ fi
 %{_localstatedir}/log/sa
 
 %changelog
+* Wed Dec 14 2022 Lukáš Zaoral <lzaoral@redhat.com> - 11.7.3-9
+- add -f flag to force fdatasync() after sa file update (#2153192)
+
+* Thu Nov 10 2022 Lukáš Zaoral <lzaoral@redhat.com> - 11.7.3-8
+- arithmetic overflow in allocate_structures() on 32 bit systems (CVE-2022-39377)
+
 * Mon Nov 29 2021  <msekleta@redhat.com> - 11.7.3-7
 - Don't trigger autofs mounts when running sadc (#2000910)
 - sar: Add missing %gnice CPU value for tickless CPU (#2000916)