diff --git a/audit.spec b/audit.spec index 25d3fc9f440c6dc51e9551d2f816be09c457b9c7..d21c19a1d989723d000c316e459ed447a24541ab 100644 --- a/audit.spec +++ b/audit.spec @@ -2,7 +2,7 @@ Summary: User space tools for kernel auditing Name: audit Epoch: 1 Version: 3.0.1 -Release: 14 +Release: 15 License: GPLv2+ and LGPLv2+ URL: https://people.redhat.com/sgrubb/audit/ Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz @@ -65,6 +65,20 @@ Patch53: backport-Issue343-Fix-checkpoint-issue-to-ensure-all-complete.p Patch54: backport-lib-avoid-UB-on-sequence-wrap-around-347.patch Patch55: backport-Change-python-bindings-to-switch-from-PyEval_CallObj.patch Patch56: backport-Cleanup-shell-script-warnings.patch +Patch57: backport-Solve-issue-363-by-moving-check-to-after-load_config.patch +Patch58: backport-first-part-of-NULL-pointer-checks.patch +Patch59: backport-second-part-of-NULL-pointer-checks.patch +Patch60: backport-last-part-of-NULL-pointer-checks.patch +Patch61: backport-Fixed-NULL-checks.patch +Patch62: backport-update-error-messages-in-NULL-Checks.patch +Patch63: backport-adding-the-file-descriptor-closure.patch +Patch64: backport-correcting-memcmp-args-in-check_rule_mismatch-functi.patch +Patch65: backport-Use-atomic_int-if-available-for-signal-related-flags.patch +Patch66: backport-Use-atomic_uint-if-available-for-signal-related-flag.patch +Patch67: backport-avoiding-of-NULL-pointers-dereference-366.patch +Patch68: backport-Cleanup-code-in-LRU.patch +Patch69: backport-Fix-memory-leaks.patch +Patch70: backport-fix-one-more-leak.patch BuildRequires: gcc swig libtool systemd kernel-headers >= 2.6.29 BuildRequires: openldap-devel krb5-devel libcap-ng-devel @@ -400,6 +414,9 @@ fi %attr(644,root,root) %{_mandir}/man8/*.8.gz %changelog +* Wed Jun 19 2024 xuraoqing - 1:3.0.1-15 +- backport patches to fix bug + * Tue Mar 19 2024 xuraoqing - 1:3.0.1-14 - backport patches from upstream diff --git a/backport-Cleanup-code-in-LRU.patch b/backport-Cleanup-code-in-LRU.patch new file mode 100644 index 0000000000000000000000000000000000000000..668b38bfd560e1406ac7dee3f0269de0debb2bf1 --- /dev/null +++ b/backport-Cleanup-code-in-LRU.patch @@ -0,0 +1,77 @@ +From 4939b8541322cbf3a53affc28e71ce53d92f121f Mon Sep 17 00:00:00 2001 +From: Steve Grubb +Date: Fri, 3 May 2024 17:50:35 -0400 +Subject: [PATCH] Cleanup code in LRU + +Dont dereference anything until after checking if the queue is not empty. +Also, leave a note disputing static analysis thinking there is a use after +free destroying the queue. + +Reference:https://github.com/linux-audit/audit-userspace/commit/4939b8541322cbf3a53affc28e71ce53d92f121f +Conflict:NA + +--- + auparse/lru.c | 20 ++++++++++++-------- + 1 file changed, 12 insertions(+), 8 deletions(-) + +diff --git a/auparse/lru.c b/auparse/lru.c +index 05c4088d..f30bcf41 100644 +--- a/auparse/lru.c ++++ b/auparse/lru.c +@@ -116,6 +116,11 @@ static void destroy_queue(Queue *queue) + dump_queue_stats(queue); + #endif + ++ // Some static analysis scanners try to flag this as a use after ++ // free accessing queue->end. This is a false positive. It is freed. ++ // However, static analysis apps are incapable of seeing that in ++ // remove_node, end is updated to a prior node as part of detaching ++ // the current end node. + while (queue->count) + dequeue(queue); + +@@ -252,34 +257,33 @@ out: + sanity_check_queue(queue, "2 remove_node"); + } + +-// Remove from the end of the queue ++// Remove from the end of the queue + static void dequeue(Queue *queue) + { +- QNode *temp = queue->end; +- + if (queue_is_empty(queue)) + return; + ++ QNode *temp = queue->end; + remove_node(queue, queue->end); + + // if (queue->cleanup) + // queue->cleanup(temp->str); + free(temp->str); + free(temp); +- ++ + // decrement the total of full slots by 1 + queue->count--; + } +- ++ + // Remove front of the queue because its a mismatch + void lru_evict(Queue *queue, unsigned int key) + { ++ if (queue_is_empty(queue)) ++ return; ++ + Hash *hash = queue->hash; + QNode *temp = queue->front; + +- if (queue_is_empty(queue)) +- return; +- + hash->array[key] = NULL; + remove_node(queue, queue->front); + +-- +2.33.0 + diff --git a/backport-Fix-memory-leaks.patch b/backport-Fix-memory-leaks.patch new file mode 100644 index 0000000000000000000000000000000000000000..b20dcf9a12ed52944fe5612b1e260527b26da053 --- /dev/null +++ b/backport-Fix-memory-leaks.patch @@ -0,0 +1,69 @@ +From 289dc3a077f05fba93816fbdfbbfe032322d7f64 Mon Sep 17 00:00:00 2001 +From: Steve Grubb +Date: Tue, 21 May 2024 12:28:29 -0400 +Subject: [PATCH] Fix memory leaks + +Reference:https://github.com/linux-audit/audit-userspace/commit/289dc3a077f05fba93816fbdfbbfe032322d7f64 +Conflict:NA + +--- + src/auditd-listen.c | 2 +- + src/ausearch-lol.c | 2 ++ + src/ausearch-parse.c | 6 ++++-- + 3 files changed, 7 insertions(+), 3 deletions(-) + +diff --git a/src/auditd-listen.c b/src/auditd-listen.c +index ea3f137c..52076361 100644 +--- a/src/auditd-listen.c ++++ b/src/auditd-listen.c +@@ -443,8 +443,8 @@ static int negotiate_credentials(ev_tcp *io) + gss_release_name(&min_stat, &client); + return -1; + } +- gss_release_buffer(&min_stat, &send_tok); + } ++ gss_release_buffer(&min_stat, &send_tok); + } while (maj_stat == GSS_S_CONTINUE_NEEDED); + + maj_stat = gss_display_name(&min_stat, client, &recv_tok, NULL); +diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c +index a5418079..784c58f6 100644 +--- a/src/ausearch-lol.c ++++ b/src/ausearch-lol.c +@@ -311,6 +311,7 @@ int lol_add_record(lol *lo, char *buff) + n.type = e.type; + n.message = strdup(buff); + if(n.message == NULL) { ++ free((char *)e.node); + fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); + return 0; + } +@@ -369,6 +370,7 @@ int lol_add_record(lol *lo, char *buff) + // Create new event and fill it in + l = malloc(sizeof(llist)); + if (l == NULL) { ++ free((char *)e.node); + fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); + return 0; + } +diff --git a/src/ausearch-parse.c b/src/ausearch-parse.c +index be57606b..4c9bef0d 100644 +--- a/src/ausearch-parse.c ++++ b/src/ausearch-parse.c +@@ -769,9 +769,11 @@ static int common_path_parser(search_items *s, char *path) + if ((sn.str[0] == '.') && ((sn.str[1] == '.') || + (sn.str[1] == '/')) && s->cwd) { + char *tmp = malloc(PATH_MAX); +- if (tmp == NULL) ++ if (tmp == NULL) { ++ free(sn.str); + return 6; +- snprintf(tmp, PATH_MAX, "%s/%s", ++ } ++ snprintf(tmp, PATH_MAX, "%s/%s", + s->cwd, sn.str); + free(sn.str); + sn.str = tmp; +-- +2.33.0 + diff --git a/backport-Fixed-NULL-checks.patch b/backport-Fixed-NULL-checks.patch new file mode 100644 index 0000000000000000000000000000000000000000..8c940c5eee04a8ae6feaf9f8004565ab8e1fa39c --- /dev/null +++ b/backport-Fixed-NULL-checks.patch @@ -0,0 +1,54 @@ +From 68131717821ee5c946fb561218551c98e46d7d06 Mon Sep 17 00:00:00 2001 +From: Yugend +Date: Tue, 19 Mar 2024 17:01:53 +0300 +Subject: [PATCH] Fixed NULL checks + +Reference:https://github.com/linux-audit/audit-userspace/commit/68131717821ee5c946fb561218551c98e46d7d06 +Conflict:NA + +--- + audisp/plugins/zos-remote/zos-remote-queue.c | 2 +- + auparse/auparse.c | 1 + + src/ausearch-lol.c | 1 + + 3 files changed, 3 insertions(+), 1 deletion(-) + +diff --git a/audisp/plugins/zos-remote/zos-remote-queue.c b/audisp/plugins/zos-remote/zos-remote-queue.c +index 47dd006e..f8019890 100644 +--- a/audisp/plugins/zos-remote/zos-remote-queue.c ++++ b/audisp/plugins/zos-remote/zos-remote-queue.c +@@ -131,7 +131,7 @@ void increase_queue_depth(unsigned int size) + + tmp_q = realloc(q, size * sizeof(BerElement *)); + if (tmp_q == NULL) { +- log_err("Memory allocation error");; ++ log_err("Memory allocation error");; + pthread_mutex_unlock(&queue_lock); + return; + } +diff --git a/auparse/auparse.c b/auparse/auparse.c +index 516ee8f1..e782058d 100644 +--- a/auparse/auparse.c ++++ b/auparse/auparse.c +@@ -116,6 +116,7 @@ static int setup_log_file_array(auparse_state_t *au) + if (!tmp) { + fprintf(stderr, "No memory\n"); + aup_free_config(&config); ++ free(filename); + return 1; + } + +diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c +index c2140b7e..7562dc21 100644 +--- a/src/ausearch-lol.c ++++ b/src/ausearch-lol.c +@@ -49,6 +49,7 @@ void lol_create(lol *lo) + lo->array = (lolnode *)malloc(size); + if (lo->array == NULL) { + fprintf(stderr, "Memory allocation error"); ++ lo->limit = 0; + return; + } + memset(lo->array, 0, size); +-- +2.33.0 + diff --git a/backport-Solve-issue-363-by-moving-check-to-after-load_config.patch b/backport-Solve-issue-363-by-moving-check-to-after-load_config.patch new file mode 100644 index 0000000000000000000000000000000000000000..e4b8e553cc01114b7d350b5b4d718b88fe87bfb9 --- /dev/null +++ b/backport-Solve-issue-363-by-moving-check-to-after-load_config.patch @@ -0,0 +1,62 @@ +From 0604569e79a5d1c76b32f15576e129e0b813659f Mon Sep 17 00:00:00 2001 +From: Steve Grubb +Date: Sun, 24 Mar 2024 13:06:59 -0400 +Subject: [PATCH] Solve issue #363 by moving check to after load_config + +Reference:https://github.com/linux-audit/audit-userspace/commit/0604569e79a5d1c76b32f15576e129e0b813659f +Conflict:NA + +--- + src/auditd.c | 29 +++++++++++++++-------------- + 1 file changed, 15 insertions(+), 14 deletions(-) + +diff --git a/src/auditd.c b/src/auditd.c +index e0fe9925..67ce06c0 100644 +--- a/src/auditd.c ++++ b/src/auditd.c +@@ -676,20 +676,6 @@ int main(int argc, char *argv[]) + } + session = audit_get_session(); + +-#ifndef DEBUG +- /* Make sure we can do our job. Containers may not give you +- * capabilities, so we revert to a uid check for that case. */ +- if (!audit_can_control()) { +- if (!config.local_events && geteuid() == 0) +- ; +- else { +- fprintf(stderr, +- "You must be root or have capabilities to run this program.\n"); +- return 4; +- } +- } +-#endif +- + /* Register sighandlers */ + sa.sa_flags = 0 ; + sigemptyset( &sa.sa_mask ) ; +@@ -717,6 +703,21 @@ int main(int argc, char *argv[]) + free_config(&config); + return 6; + } ++ ++#ifndef DEBUG ++ /* Make sure we can do our job. Containers may not give you ++ * capabilities, so we revert to a uid check for that case. */ ++ if (!audit_can_control()) { ++ if (!config.local_events && geteuid() == 0) ++ ; ++ else { ++ fprintf(stderr, ++ "You must be root or have capabilities to run this program.\n"); ++ return 4; ++ } ++ } ++#endif ++ + if (config.daemonize == D_FOREGROUND) + config.write_logs = 0; + +-- +2.33.0 + diff --git a/backport-Use-atomic_int-if-available-for-signal-related-flags.patch b/backport-Use-atomic_int-if-available-for-signal-related-flags.patch new file mode 100644 index 0000000000000000000000000000000000000000..b1120e9e2cac71602b0910fda79f7b13e5266450 --- /dev/null +++ b/backport-Use-atomic_int-if-available-for-signal-related-flags.patch @@ -0,0 +1,94 @@ +From 184f20c56576300343b8f8b60a8bebb185074485 Mon Sep 17 00:00:00 2001 +From: Steve Grubb +Date: Fri, 26 Apr 2024 12:44:56 -0400 +Subject: [PATCH] Use atomic_int if available for signal related flags + + +Reference:https://github.com/linux-audit/audit-userspace/commit/184f20c56576300343b8f8b60a8bebb185074485 +Conflict:configure.ac + +--- + configure.ac | 8 ++++++++ + src/auditd-event.c | 5 ++++- + src/auditd.c | 9 ++++++--- + 3 files changed, 18 insertions(+), 4 deletions(-) + +diff --git a/configure.ac b/configure.ac +index f2f2950..96a0fcc 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -85,6 +85,14 @@ AC_LINK_IFELSE( + [AC_DEFINE(HAVE_STRNDUPA, 1, [Let us know if we have it or not])], + [] + ) ++ ++AC_CHECK_HEADERS([stdatomic.h], [ ++ AC_DEFINE([HAVE_ATOMIC], 1, [Define to 1 if you have the header file.]) ++ AC_DEFINE([ATOMIC_INT], atomic_int, [Define atomic_int if you have the header file.]) ++ ], [ ++ AC_DEFINE([ATOMIC_INT], int, [Define to the type of an int if is not available.]) ++]) ++ + dnl; pthread_yield is used in zos-remote + AC_SEARCH_LIBS(pthread_yield, pthread, + [AC_DEFINE(HAVE_PTHREAD_YIELD, 1, [Define to 1 if we have pthread_yield])], []) +diff --git a/src/auditd-event.c b/src/auditd-event.c +index 847f5fe..c1e4b5a 100644 +--- a/src/auditd-event.c ++++ b/src/auditd-event.c +@@ -36,6 +36,9 @@ + #include /* POSIX_HOST_NAME_MAX */ + #include /* toupper */ + #include /* dirname */ ++#ifdef HAVE_ATOMIC ++#include ++#endif + #include "auditd-event.h" + #include "auditd-dispatch.h" + #include "auditd-listen.h" +@@ -45,7 +48,7 @@ + #include "auparse-idata.h" + + /* This is defined in auditd.c */ +-extern volatile int stop; ++extern volatile ATOMIC_INT stop; + + /* Local function prototypes */ + static void send_ack(const struct auditd_event *e, int ack_type, +diff --git a/src/auditd.c b/src/auditd.c +index 34a9b57..75a180e 100644 +--- a/src/auditd.c ++++ b/src/auditd.c +@@ -38,6 +38,9 @@ + #include + #include + #include ++#ifdef HAVE_ATOMIC ++#include ++#endif + + #include "libaudit.h" + #include "auditd-event.h" +@@ -62,7 +65,7 @@ + #define SUBJ_LEN 4097 + + /* Global Data */ +-volatile int stop = 0; ++volatile ATOMIC_INT stop = 0; + + /* Local data */ + static int fd = -1, pipefds[2] = {-1, -1}; +@@ -72,8 +75,8 @@ static const char *state_file = "/var/run/auditd.state"; + static int init_pipe[2]; + static int do_fork = 1, opt_aggregate_only = 0, config_dir_set = 0; + static struct auditd_event *cur_event = NULL, *reconfig_ev = NULL; +-static int hup_info_requested = 0; +-static int usr1_info_requested = 0, usr2_info_requested = 0; ++static ATOMIC_INT hup_info_requested = 0; ++static ATOMIC_INT usr1_info_requested = 0, usr2_info_requested = 0; + static char subj[SUBJ_LEN]; + static uint32_t session; + static int hup_flag = 0; +-- +2.33.0 + diff --git a/backport-Use-atomic_uint-if-available-for-signal-related-flag.patch b/backport-Use-atomic_uint-if-available-for-signal-related-flag.patch new file mode 100644 index 0000000000000000000000000000000000000000..f4a7670f438fc28f64c6e5d06b1a71b2d699c165 --- /dev/null +++ b/backport-Use-atomic_uint-if-available-for-signal-related-flag.patch @@ -0,0 +1,85 @@ +From 3955b5e29e119122dc2fc0a53ba82529613e4e1c Mon Sep 17 00:00:00 2001 +From: Steve Grubb +Date: Fri, 26 Apr 2024 14:03:02 -0400 +Subject: [PATCH] Use atomic_uint if available for signal related flags + +Reference:https://github.com/linux-audit/audit-userspace/commit/3955b5e29e119122dc2fc0a53ba82529613e4e1c +Conflict:configure.ac + +--- + audisp/audispd.c | 7 +++++-- + audisp/queue.c | 9 ++++++--- + configure.ac | 2 ++ + 3 files changed, 13 insertions(+), 5 deletions(-) + +diff --git a/audisp/audispd.c b/audisp/audispd.c +index 0172e12..8be0e8f 100644 +--- a/audisp/audispd.c ++++ b/audisp/audispd.c +@@ -41,6 +41,9 @@ + #include + #include + #include ++#ifdef HAVE_ATOMIC ++#include ++#endif + + #include "audispd-pconfig.h" + #include "audispd-config.h" +@@ -51,8 +54,8 @@ + #include "private.h" + + /* Global Data */ +-static volatile int stop = 0; +-volatile int disp_hup = 0; ++static volatile ATOMIC_INT stop = 0; ++volatile ATOMIC_INT disp_hup = 0; + + /* Local data */ + static daemon_conf_t daemon_config; +diff --git a/audisp/queue.c b/audisp/queue.c +index 2b7ea43..6204453 100644 +--- a/audisp/queue.c ++++ b/audisp/queue.c +@@ -25,17 +25,20 @@ + #include + #include + #include ++#ifdef HAVE_ATOMIC ++#include ++#endif + #include "queue.h" + + static volatile event_t **q; + static pthread_mutex_t queue_lock; + static pthread_cond_t queue_nonempty; +-static unsigned int q_next, q_last, q_depth, processing_suspended; +-static unsigned int currently_used, max_used, overflowed; ++static unsigned int q_next, q_last, q_depth, processing_suspended, overflowed; ++static ATOMIC_UNSIGNED currently_used, max_used; + static const char *SINGLE = "1"; + static const char *HALT = "0"; + static int queue_full_warning = 0; +-extern volatile int disp_hup; ++extern volatile ATOMIC_INT disp_hup; + #define QUEUE_FULL_LIMIT 5 + + void reset_suspended(void) +diff --git a/configure.ac b/configure.ac +index 96a0fcc..57c961a 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -89,8 +89,10 @@ AC_LINK_IFELSE( + AC_CHECK_HEADERS([stdatomic.h], [ + AC_DEFINE([HAVE_ATOMIC], 1, [Define to 1 if you have the header file.]) + AC_DEFINE([ATOMIC_INT], atomic_int, [Define atomic_int if you have the header file.]) ++ AC_DEFINE([ATOMIC_UNSIGNED], atomic_uint, [Define atomic_uint if you have the header file.]) + ], [ + AC_DEFINE([ATOMIC_INT], int, [Define to the type of an int if is not available.]) ++ AC_DEFINE([ATOMIC_UNSIGNED], unsigned, [Define to the type of an unsigned if is not available.]) + ]) + + dnl; pthread_yield is used in zos-remote +-- +2.33.0 + diff --git a/backport-adding-the-file-descriptor-closure.patch b/backport-adding-the-file-descriptor-closure.patch new file mode 100644 index 0000000000000000000000000000000000000000..08020566317e7089ff6df1375739169aa39b2bf2 --- /dev/null +++ b/backport-adding-the-file-descriptor-closure.patch @@ -0,0 +1,27 @@ +From 5eef876b3eb2fa3348be6cd31bd651a98b164deb Mon Sep 17 00:00:00 2001 +From: Yugend +Date: Wed, 27 Mar 2024 17:34:33 +0300 +Subject: [PATCH] adding the file descriptor closure + +Reference:https://github.com/linux-audit/audit-userspace/commit/5eef876b3eb2fa3348be6cd31bd651a98b164deb +Conflict:NA + +--- + src/auditctl.c | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/auditctl.c b/src/auditctl.c +index 503b4e2b..7949d95c 100644 +--- a/src/auditctl.c ++++ b/src/auditctl.c +@@ -1393,6 +1393,7 @@ static int fileopt(const char *file) + fields = malloc(nf * sizeof(char *)); + if (fields == NULL) { + audit_msg(LOG_ERR, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); ++ fclose(f); + return 1; + } + +-- +2.33.0 + diff --git a/backport-avoiding-of-NULL-pointers-dereference-366.patch b/backport-avoiding-of-NULL-pointers-dereference-366.patch new file mode 100644 index 0000000000000000000000000000000000000000..fcc2b0b5fc74c1f47fb00a493a36ca814246c1d4 --- /dev/null +++ b/backport-avoiding-of-NULL-pointers-dereference-366.patch @@ -0,0 +1,41 @@ +From 4780cd1a790286213dda646f782fa7128fb092a9 Mon Sep 17 00:00:00 2001 +From: Yugend <77495782+Yugend@users.noreply.github.com> +Date: Sat, 4 May 2024 00:39:36 +0300 +Subject: [PATCH] avoiding of NULL pointers dereference (#366) + +Reference:https://github.com/linux-audit/audit-userspace/commit/4780cd1a790286213dda646f782fa7128fb092a9 +Conflict:NA + +--- + src/ausearch-parse.c | 8 ++++++++ + 1 file changed, 8 insertions(+) + +diff --git a/src/ausearch-parse.c b/src/ausearch-parse.c +index 1a5b047f..be57606b 100644 +--- a/src/ausearch-parse.c ++++ b/src/ausearch-parse.c +@@ -719,6 +719,10 @@ static int common_path_parser(search_items *s, char *path) + // append + snode sn; + sn.str = strdup(path); ++ if (sn.str == NULL) { ++ fprintf(stderr, "Out of memory. Check %s file, %d line\n", __FILE__, __LINE__); ++ return 8; ++ } + sn.key = NULL; + sn.hits = 1; + // Attempt to rebuild path if relative +@@ -1217,6 +1221,10 @@ skip: + saved = *term; + *term = 0; + s->hostname = strdup(str); ++ if (s->hostname == NULL) { ++ fprintf(stderr, "Out of memory. Check %s file, %d line\n", __FILE__, __LINE__); ++ return 33; ++ } + *term = saved; + + // Lets see if there is something more +-- +2.33.0 + diff --git a/backport-correcting-memcmp-args-in-check_rule_mismatch-functi.patch b/backport-correcting-memcmp-args-in-check_rule_mismatch-functi.patch new file mode 100644 index 0000000000000000000000000000000000000000..9b0b2b8015176a63f41422438c24d5db20da8167 --- /dev/null +++ b/backport-correcting-memcmp-args-in-check_rule_mismatch-functi.patch @@ -0,0 +1,28 @@ +From 3f3b3a2377ce1977dd4136aa653f2f65c3cd2fe0 Mon Sep 17 00:00:00 2001 +From: Yugend +Date: Wed, 27 Mar 2024 17:41:07 +0300 +Subject: [PATCH] correcting memcmp args in check_rule_mismatch function + +Reference:https://github.com/linux-audit/audit-userspace/commit/3f3b3a2377ce1977dd4136aa653f2f65c3cd2fe0 +Conflict:src/auditctl.c + +--- + src/auditctl.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/auditctl.c b/src/auditctl.c +index d55f7d8..6274f6d 100644 +--- a/src/auditctl.c ++++ b/src/auditctl.c +@@ -388,7 +388,7 @@ static void check_rule_mismatch(int lineno, const char *option) + } + memset(&tmprule, 0, sizeof(struct audit_rule_data)); + audit_rule_syscallbyname_data(&tmprule, option); +- if (memcmp(tmprule.mask, rule_new->mask, AUDIT_BITMASK_SIZE)) ++ if (memcmp(tmprule.mask, rule_new->mask, AUDIT_BITMASK_SIZE * sizeof(tmprule.mask[0]))) + rc = 1; + _audit_elf = old_audit_elf; + if (rc) { +-- +2.33.0 + diff --git a/backport-first-part-of-NULL-pointer-checks.patch b/backport-first-part-of-NULL-pointer-checks.patch new file mode 100644 index 0000000000000000000000000000000000000000..337b8d8e7428e840ad06acaf3a7d7cc40884432e --- /dev/null +++ b/backport-first-part-of-NULL-pointer-checks.patch @@ -0,0 +1,147 @@ +From b046de44454fa2616dbb8899f1b41d65ce876e33 Mon Sep 17 00:00:00 2001 +From: Yugend +Date: Fri, 15 Mar 2024 17:08:16 +0300 +Subject: [PATCH] first part of NULL pointer checks + +Reference:https://github.com/linux-audit/audit-userspace/commit/b046de44454fa2616dbb8899f1b41d65ce876e33 +Conflict:auparse/auparse.c + +--- + audisp/audispd-llist.c | 3 +++ + auparse/auparse.c | 7 +++++++ + src/auditctl-llist.c | 3 +++ + src/auditctl.c | 5 +++++ + src/ausearch-avc.c | 3 +++ + src/ausearch-int.c | 3 +++ + src/ausearch-llist.c | 3 +++ + tools/aulastlog/aulastlog-llist.c | 3 +++ + 8 files changed, 30 insertions(+) + +diff --git a/audisp/audispd-llist.c b/audisp/audispd-llist.c +index c562a72..c338327 100644 +--- a/audisp/audispd-llist.c ++++ b/audisp/audispd-llist.c +@@ -74,6 +74,9 @@ void plist_append(conf_llist *l, plugin_conf_t *p) + lnode* newnode; + + newnode = malloc(sizeof(lnode)); ++ if (newnode == NULL) { ++ return; ++ } + + if (p) { + void *pp = malloc(sizeof(struct plugin_conf)); +diff --git a/auparse/auparse.c b/auparse/auparse.c +index 036f022..abbc17b 100644 +--- a/auparse/auparse.c ++++ b/auparse/auparse.c +@@ -95,6 +95,11 @@ static int setup_log_file_array(auparse_state_t *au) + } + num--; + tmp = malloc((num+2)*sizeof(char *)); ++ if (!tmp) { ++ fprintf(stderr, "No memory\n"); ++ aup_free_config(&config); ++ return 1; ++ } + + /* Got it, now process logs from last to first */ + if (num > 0) +@@ -468,6 +473,8 @@ auparse_state_t *auparse_init(ausource_t source, const void *b) + if (access(b, R_OK)) + goto bad_exit; + tmp = malloc(2*sizeof(char *)); ++ if (tmp == NULL) ++ goto bad_exit; + tmp[0] = strdup(b); + tmp[1] = NULL; + au->source_list = tmp; +diff --git a/src/auditctl-llist.c b/src/auditctl-llist.c +index 6e70ef1..ae9776b 100644 +--- a/src/auditctl-llist.c ++++ b/src/auditctl-llist.c +@@ -64,6 +64,9 @@ void list_append(llist *l, struct audit_rule_data *r, size_t sz) + lnode* newnode; + + newnode = malloc(sizeof(lnode)); ++ if (newnode == NULL) { ++ return; ++ } + + if (r) { + void *rr = malloc(sz); +diff --git a/src/auditctl.c b/src/auditctl.c +index 778b374..8942195 100644 +--- a/src/auditctl.c ++++ b/src/auditctl.c +@@ -1323,6 +1323,11 @@ static int fileopt(const char *file) + } + i = 0; + fields = malloc(nf * sizeof(char *)); ++ if (fields == NULL) { ++ audit_msg(LOG_ERR, "Memory allocation error"); ++ return 1; ++ } ++ + fields[i++] = "auditctl"; + fields[i++] = ptr; + while( (ptr=audit_strsplit(NULL)) && (i < nf-1)) { +diff --git a/src/ausearch-avc.c b/src/ausearch-avc.c +index 10d153f..6aa98c7 100644 +--- a/src/ausearch-avc.c ++++ b/src/ausearch-avc.c +@@ -67,6 +67,9 @@ void alist_append(alist *l, anode *node) + anode* newnode; + + newnode = malloc(sizeof(anode)); ++ if (newnode == NULL) { ++ return; ++ } + + if (node->scontext) + newnode->scontext = node->scontext; +diff --git a/src/ausearch-int.c b/src/ausearch-int.c +index 718dacd..0e8b0ff 100644 +--- a/src/ausearch-int.c ++++ b/src/ausearch-int.c +@@ -46,6 +46,9 @@ void ilist_append(ilist *l, int num, unsigned int hits, int aux) + int_node* newnode; + + newnode = malloc(sizeof(int_node)); ++ if (newnode == NULL) { ++ return; ++ } + + newnode->num = num; + newnode->hits = hits; +diff --git a/src/ausearch-llist.c b/src/ausearch-llist.c +index ef5503c..3b4ff26 100644 +--- a/src/ausearch-llist.c ++++ b/src/ausearch-llist.c +@@ -107,6 +107,9 @@ void list_append(llist *l, lnode *node) + lnode* newnode; + + newnode = malloc(sizeof(lnode)); ++ if (newnode == NULL) { ++ return; ++ } + + if (node->message) + newnode->message = node->message; +diff --git a/tools/aulastlog/aulastlog-llist.c b/tools/aulastlog/aulastlog-llist.c +index 84882ca..779afb5 100644 +--- a/tools/aulastlog/aulastlog-llist.c ++++ b/tools/aulastlog/aulastlog-llist.c +@@ -46,6 +46,9 @@ void list_append(llist *l, lnode *node) + lnode* newnode; + + newnode = malloc(sizeof(lnode)); ++ if (newnode == NULL) { ++ return; ++ } + + newnode->sec = node->sec; + newnode->uid = node->uid; +-- +2.33.0 + diff --git a/backport-fix-one-more-leak.patch b/backport-fix-one-more-leak.patch new file mode 100644 index 0000000000000000000000000000000000000000..03dadf2dcc15572bb5a1739ff5ae5a6710e65125 --- /dev/null +++ b/backport-fix-one-more-leak.patch @@ -0,0 +1,30 @@ +From 613ccbdd1011692c6724a11cc8798112dd26d202 Mon Sep 17 00:00:00 2001 +From: Steve Grubb +Date: Tue, 21 May 2024 13:17:38 -0400 +Subject: [PATCH] fix one more leak + +Reference:https://github.com/linux-audit/audit-userspace/commit/613ccbdd1011692c6724a11cc8798112dd26d202 +Conflict:NA + +--- + src/ausearch-lol.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c +index 784c58f6..d156ce42 100644 +--- a/src/ausearch-lol.c ++++ b/src/ausearch-lol.c +@@ -371,7 +371,9 @@ int lol_add_record(lol *lo, char *buff) + l = malloc(sizeof(llist)); + if (l == NULL) { + free((char *)e.node); +- fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); ++ free(n.message); ++ fprintf(stderr, "Out of memory. Check %s file, %d line", ++ __FILE__, __LINE__); + return 0; + } + list_create(l); +-- +2.33.0 + diff --git a/backport-last-part-of-NULL-pointer-checks.patch b/backport-last-part-of-NULL-pointer-checks.patch new file mode 100644 index 0000000000000000000000000000000000000000..22dc700680935b31f0d6149c7c2f13037d5f1a1e --- /dev/null +++ b/backport-last-part-of-NULL-pointer-checks.patch @@ -0,0 +1,53 @@ +From 97f3c78b6b31126c1128927d9c85bb794a1efa17 Mon Sep 17 00:00:00 2001 +From: Yugend +Date: Fri, 15 Mar 2024 18:13:36 +0300 +Subject: [PATCH] last part of NULL pointer checks + +Reference:https://github.com/linux-audit/audit-userspace/commit/97f3c78b6b31126c1128927d9c85bb794a1efa17 +Conflict:auparse/interpret.c + +--- + auparse/interpret.c | 4 ++++ + src/ausearch-lookup.c | 4 ++++ + 2 files changed, 8 insertions(+) + +diff --git a/auparse/interpret.c b/auparse/interpret.c +index cc03a15..19934a2 100644 +--- a/auparse/interpret.c ++++ b/auparse/interpret.c +@@ -415,6 +415,9 @@ int load_interpretation_list(const char *buffer) + return 0; + + buf = strdup(buffer); ++ if (buf == NULL) { ++ goto err_out; ++ } + if (strncmp(buf, "SADDR=", 6) == 0) { + // We have SOCKADDR record. It has no other values. + // Handle it by itself. +@@ -431,6 +434,7 @@ int load_interpretation_list(const char *buffer) + return 1; + } + } ++err_out: + free(buf); + return 0; + } else { +diff --git a/src/ausearch-lookup.c b/src/ausearch-lookup.c +index dd58c36..8ff881e 100644 +--- a/src/ausearch-lookup.c ++++ b/src/ausearch-lookup.c +@@ -304,6 +304,10 @@ char *unescape(const char *buf) + return NULL; + + str = strndup(buf, ptr - buf); ++ if (str == NULL) { ++ fprintf(stderr, "Memory alocation error"); ++ return NULL; ++ } + + if (*buf == '(') + return str; +-- +2.33.0 + diff --git a/backport-second-part-of-NULL-pointer-checks.patch b/backport-second-part-of-NULL-pointer-checks.patch new file mode 100644 index 0000000000000000000000000000000000000000..915d9886d771a5638f9f2fc1f731b3d0221e53f9 --- /dev/null +++ b/backport-second-part-of-NULL-pointer-checks.patch @@ -0,0 +1,188 @@ +From 15d29a145ebe67cae52316871fcdedb5a19ce628 Mon Sep 17 00:00:00 2001 +From: Yugend +Date: Fri, 15 Mar 2024 18:00:54 +0300 +Subject: [PATCH] second part of NULL pointer checks + +Reference:https://github.com/linux-audit/audit-userspace/commit/15d29a145ebe67cae52316871fcdedb5a19ce628 +Conflict:NA + +--- + audisp/plugins/zos-remote/zos-remote-queue.c | 5 +++++ + audisp/queue.c | 5 +++++ + auparse/normalize-llist.c | 3 +++ + auparse/normalize.c | 9 +++++++++ + lib/gen_tables.c | 10 ++++++++-- + src/ausearch-lol.c | 12 ++++++++++++ + src/ausearch-nvpair.c | 3 +++ + src/ausearch-string.c | 3 +++ + 8 files changed, 48 insertions(+), 2 deletions(-) + +diff --git a/audisp/plugins/zos-remote/zos-remote-queue.c b/audisp/plugins/zos-remote/zos-remote-queue.c +index 37d91bd8..47dd006e 100644 +--- a/audisp/plugins/zos-remote/zos-remote-queue.c ++++ b/audisp/plugins/zos-remote/zos-remote-queue.c +@@ -130,6 +130,11 @@ void increase_queue_depth(unsigned int size) + void *tmp_q; + + tmp_q = realloc(q, size * sizeof(BerElement *)); ++ if (tmp_q == NULL) { ++ log_err("Memory allocation error");; ++ pthread_mutex_unlock(&queue_lock); ++ return; ++ } + q = tmp_q; + for (i=q_depth; inum = num; + newnode->data = data; +diff --git a/auparse/normalize.c b/auparse/normalize.c +index ae6e3d2d..58d28213 100644 +--- a/auparse/normalize.c ++++ b/auparse/normalize.c +@@ -1191,6 +1191,11 @@ static int normalize_compound(auparse_state_t *au) + if (f) { + const char *exe = auparse_interpret_field(au); + D.how = strdup(exe); ++ if (D.how == NULL) { ++ fprintf(stderr, "Memory allocation error"); ++ free((void *)syscall); ++ return 1; ++ } + if ((strncmp(D.how, "/usr/bin/python", 15) == 0) || + (strncmp(D.how, "/usr/bin/sh", 11) == 0) || + (strncmp(D.how, "/usr/bin/bash", 13) == 0) || +@@ -1999,6 +2004,10 @@ map: + if (f) { + const char *exe = auparse_interpret_field(au); + D.how = strdup(exe); ++ if (D.how == NULL) { ++ fprintf(stderr, "Memory allocation error"); ++ return 1; ++ } + if ((strncmp(D.how, "/usr/bin/python", 15) == 0) || + (strncmp(D.how, "/usr/bin/sh", 11) == 0) || + (strncmp(D.how, "/usr/bin/bash", 13) == 0) || +diff --git a/lib/gen_tables.c b/lib/gen_tables.c +index 3326759d..4ff233d0 100644 +--- a/lib/gen_tables.c ++++ b/lib/gen_tables.c +@@ -271,7 +271,10 @@ output_i2s(const char *prefix) + } + + unique_values = malloc(NUM_VALUES * sizeof(*unique_values)); +- assert(unique_values != NULL); ++ if (unique_values == NULL) { ++ fprintf(stderr, "Memory allocation error"); ++ abort(); ++ } + n = 0; + for (i = 0; i < NUM_VALUES; i++) { + if (n == 0 || unique_values[n - 1].val != values[i].val) { +@@ -351,7 +354,10 @@ output_i2s_transtab(const char *prefix) + printf("{%d,%zu},", values[i].val, values[i].s_offset); + } + uc_prefix = strdup(prefix); +- assert(uc_prefix != NULL); ++ if (uc_prefix == NULL) { ++ fprintf(stderr, "Memory allocation error"); ++ abort(); ++ } + for (i = 0; uc_prefix[i] != '\0'; i++) + uc_prefix[i] = toupper((unsigned char)uc_prefix[i]); + printf("\n" +diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c +index bcfb9ad8..c2140b7e 100644 +--- a/src/ausearch-lol.c ++++ b/src/ausearch-lol.c +@@ -47,6 +47,10 @@ void lol_create(lol *lo) + lo->maxi = -1; + lo->limit = ARRAY_LIMIT; + lo->array = (lolnode *)malloc(size); ++ if (lo->array == NULL) { ++ fprintf(stderr, "Memory allocation error"); ++ return; ++ } + memset(lo->array, 0, size); + } + +@@ -305,6 +309,10 @@ int lol_add_record(lol *lo, char *buff) + n.a1 = 0L; + n.type = e.type; + n.message = strdup(buff); ++ if(n.message == NULL) { ++ fprintf(stderr, "Memory allocation error"); ++ return 0; ++ } + ptr = strchr(n.message, AUDIT_INTERP_SEPARATOR); + if (ptr) { + n.mlen = ptr - n.message; +@@ -359,6 +367,10 @@ int lol_add_record(lol *lo, char *buff) + + // Create new event and fill it in + l = malloc(sizeof(llist)); ++ if (l == NULL) { ++ fprintf(stderr, "Memory allocation error"); ++ return 0; ++ } + list_create(l); + l->e.milli = e.milli; + l->e.sec = e.sec; +diff --git a/src/ausearch-nvpair.c b/src/ausearch-nvpair.c +index 8d0088e5..c344c27c 100644 +--- a/src/ausearch-nvpair.c ++++ b/src/ausearch-nvpair.c +@@ -37,6 +37,9 @@ void search_list_create(nvlist *l) + void search_list_append(nvlist *l, nvnode *node) + { + nvnode* newnode = malloc(sizeof(nvnode)); ++ if (newnode == NULL) { ++ return; ++ } + + newnode->name = node->name; + newnode->val = node->val; +diff --git a/src/ausearch-string.c b/src/ausearch-string.c +index fbbacd77..f875bb2c 100644 +--- a/src/ausearch-string.c ++++ b/src/ausearch-string.c +@@ -49,6 +49,9 @@ void slist_append(slist *l, const snode *node) + snode* newnode; + + newnode = malloc(sizeof(snode)); ++ if (newnode == NULL) { ++ return; ++ } + + if (node->str) + newnode->str = node->str; +-- +2.33.0 + diff --git a/backport-update-error-messages-in-NULL-Checks.patch b/backport-update-error-messages-in-NULL-Checks.patch new file mode 100644 index 0000000000000000000000000000000000000000..992e23c0be6f29e0e280ed09c5cb71045645aa75 --- /dev/null +++ b/backport-update-error-messages-in-NULL-Checks.patch @@ -0,0 +1,279 @@ +From dc7450f2fd056c7ca5eb29182ccb30ec0a4228c5 Mon Sep 17 00:00:00 2001 +From: Yugend +Date: Fri, 22 Mar 2024 14:01:59 +0300 +Subject: [PATCH] update error messages in NULL Checks + +Reference:https://github.com/linux-audit/audit-userspace/commit/dc7450f2fd056c7ca5eb29182ccb30ec0a4228c5 +Conflict:NA + +--- + audisp/audispd-llist.c | 1 + + audisp/plugins/zos-remote/zos-remote-queue.c | 2 +- + audisp/queue.c | 2 +- + auparse/auparse.c | 2 +- + auparse/normalize-llist.c | 1 + + auparse/normalize.c | 4 ++-- + lib/gen_tables.c | 4 ++-- + src/auditctl-llist.c | 1 + + src/auditctl.c | 2 +- + src/ausearch-avc.c | 1 + + src/ausearch-int.c | 1 + + src/ausearch-llist.c | 1 + + src/ausearch-lol.c | 6 +++--- + src/ausearch-lookup.c | 2 +- + src/ausearch-nvpair.c | 1 + + src/ausearch-string.c | 1 + + tools/aulastlog/aulastlog-llist.c | 1 + + 17 files changed, 21 insertions(+), 12 deletions(-) + +diff --git a/audisp/audispd-llist.c b/audisp/audispd-llist.c +index c338327d..30d7f03b 100644 +--- a/audisp/audispd-llist.c ++++ b/audisp/audispd-llist.c +@@ -75,6 +75,7 @@ void plist_append(conf_llist *l, plugin_conf_t *p) + + newnode = malloc(sizeof(lnode)); + if (newnode == NULL) { ++ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); + return; + } + +diff --git a/audisp/plugins/zos-remote/zos-remote-queue.c b/audisp/plugins/zos-remote/zos-remote-queue.c +index f8019890..67397f38 100644 +--- a/audisp/plugins/zos-remote/zos-remote-queue.c ++++ b/audisp/plugins/zos-remote/zos-remote-queue.c +@@ -131,7 +131,7 @@ void increase_queue_depth(unsigned int size) + + tmp_q = realloc(q, size * sizeof(BerElement *)); + if (tmp_q == NULL) { +- log_err("Memory allocation error");; ++ log_err("Out of memory. Check %s file, %d line", __FILE__, __LINE__); + pthread_mutex_unlock(&queue_lock); + return; + } +diff --git a/audisp/queue.c b/audisp/queue.c +index 76b62593..8bd20ea1 100644 +--- a/audisp/queue.c ++++ b/audisp/queue.c +@@ -230,7 +230,7 @@ void increase_queue_depth(unsigned int size) + + tmp_q = realloc(q, size * sizeof(event_t *)); + if (tmp_q == NULL) { +- fprintf(stderr, "Memory allocation error"); ++ fprintf(stderr, "Out of Memory. Check %s file, %d line", __FILE__, __LINE__); + pthread_mutex_unlock(&queue_lock); + return; + } +diff --git a/auparse/auparse.c b/auparse/auparse.c +index e782058d..c423ffa8 100644 +--- a/auparse/auparse.c ++++ b/auparse/auparse.c +@@ -114,7 +114,7 @@ static int setup_log_file_array(auparse_state_t *au) + num--; + tmp = malloc((num+2)*sizeof(char *)); + if (!tmp) { +- fprintf(stderr, "No memory\n"); ++ fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); + aup_free_config(&config); + free(filename); + return 1; +diff --git a/auparse/normalize-llist.c b/auparse/normalize-llist.c +index 32d5f124..433c457f 100644 +--- a/auparse/normalize-llist.c ++++ b/auparse/normalize-llist.c +@@ -67,6 +67,7 @@ void cllist_append(cllist *l, uint32_t num, void *data) + + newnode = malloc(sizeof(data_node)); + if (newnode == NULL) { ++ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); + return; + } + +diff --git a/auparse/normalize.c b/auparse/normalize.c +index 58d28213..d4f6c441 100644 +--- a/auparse/normalize.c ++++ b/auparse/normalize.c +@@ -1192,7 +1192,7 @@ static int normalize_compound(auparse_state_t *au) + const char *exe = auparse_interpret_field(au); + D.how = strdup(exe); + if (D.how == NULL) { +- fprintf(stderr, "Memory allocation error"); ++ fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); + free((void *)syscall); + return 1; + } +@@ -2005,7 +2005,7 @@ map: + const char *exe = auparse_interpret_field(au); + D.how = strdup(exe); + if (D.how == NULL) { +- fprintf(stderr, "Memory allocation error"); ++ fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); + return 1; + } + if ((strncmp(D.how, "/usr/bin/python", 15) == 0) || +diff --git a/lib/gen_tables.c b/lib/gen_tables.c +index 4ff233d0..a2930ff9 100644 +--- a/lib/gen_tables.c ++++ b/lib/gen_tables.c +@@ -272,7 +272,7 @@ output_i2s(const char *prefix) + + unique_values = malloc(NUM_VALUES * sizeof(*unique_values)); + if (unique_values == NULL) { +- fprintf(stderr, "Memory allocation error"); ++ fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); + abort(); + } + n = 0; +@@ -355,7 +355,7 @@ output_i2s_transtab(const char *prefix) + } + uc_prefix = strdup(prefix); + if (uc_prefix == NULL) { +- fprintf(stderr, "Memory allocation error"); ++ fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); + abort(); + } + for (i = 0; uc_prefix[i] != '\0'; i++) +diff --git a/src/auditctl-llist.c b/src/auditctl-llist.c +index 0f81d4c8..5282ee32 100644 +--- a/src/auditctl-llist.c ++++ b/src/auditctl-llist.c +@@ -65,6 +65,7 @@ void list_append(llist *l, const struct audit_rule_data *r, size_t sz) + + newnode = malloc(sizeof(lnode)); + if (newnode == NULL) { ++ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); + return; + } + +diff --git a/src/auditctl.c b/src/auditctl.c +index ee7e33c8..093dca00 100644 +--- a/src/auditctl.c ++++ b/src/auditctl.c +@@ -1392,7 +1392,7 @@ static int fileopt(const char *file) + i = 0; + fields = malloc(nf * sizeof(char *)); + if (fields == NULL) { +- audit_msg(LOG_ERR, "Memory allocation error"); ++ audit_msg(LOG_ERR, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); + return 1; + } + +diff --git a/src/ausearch-avc.c b/src/ausearch-avc.c +index 6aa98c70..38576563 100644 +--- a/src/ausearch-avc.c ++++ b/src/ausearch-avc.c +@@ -68,6 +68,7 @@ void alist_append(alist *l, anode *node) + + newnode = malloc(sizeof(anode)); + if (newnode == NULL) { ++ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); + return; + } + +diff --git a/src/ausearch-int.c b/src/ausearch-int.c +index 0e8b0ffe..5f57b059 100644 +--- a/src/ausearch-int.c ++++ b/src/ausearch-int.c +@@ -47,6 +47,7 @@ void ilist_append(ilist *l, int num, unsigned int hits, int aux) + + newnode = malloc(sizeof(int_node)); + if (newnode == NULL) { ++ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); + return; + } + +diff --git a/src/ausearch-llist.c b/src/ausearch-llist.c +index 36fcae6d..7926980c 100644 +--- a/src/ausearch-llist.c ++++ b/src/ausearch-llist.c +@@ -108,6 +108,7 @@ void list_append(llist *l, lnode *node) + + newnode = malloc(sizeof(lnode)); + if (newnode == NULL) { ++ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); + return; + } + +diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c +index 7562dc21..a5418079 100644 +--- a/src/ausearch-lol.c ++++ b/src/ausearch-lol.c +@@ -48,7 +48,7 @@ void lol_create(lol *lo) + lo->limit = ARRAY_LIMIT; + lo->array = (lolnode *)malloc(size); + if (lo->array == NULL) { +- fprintf(stderr, "Memory allocation error"); ++ fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); + lo->limit = 0; + return; + } +@@ -311,7 +311,7 @@ int lol_add_record(lol *lo, char *buff) + n.type = e.type; + n.message = strdup(buff); + if(n.message == NULL) { +- fprintf(stderr, "Memory allocation error"); ++ fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); + return 0; + } + ptr = strchr(n.message, AUDIT_INTERP_SEPARATOR); +@@ -369,7 +369,7 @@ int lol_add_record(lol *lo, char *buff) + // Create new event and fill it in + l = malloc(sizeof(llist)); + if (l == NULL) { +- fprintf(stderr, "Memory allocation error"); ++ fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); + return 0; + } + list_create(l); +diff --git a/src/ausearch-lookup.c b/src/ausearch-lookup.c +index 86239f39..2d6f48ca 100644 +--- a/src/ausearch-lookup.c ++++ b/src/ausearch-lookup.c +@@ -303,7 +303,7 @@ char *unescape(const char *buf) + + str = strndup(buf, ptr - buf); + if (str == NULL) { +- fprintf(stderr, "Memory alocation error"); ++ fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); + return NULL; + } + +diff --git a/src/ausearch-nvpair.c b/src/ausearch-nvpair.c +index c344c27c..3a1b27db 100644 +--- a/src/ausearch-nvpair.c ++++ b/src/ausearch-nvpair.c +@@ -38,6 +38,7 @@ void search_list_append(nvlist *l, nvnode *node) + { + nvnode* newnode = malloc(sizeof(nvnode)); + if (newnode == NULL) { ++ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); + return; + } + +diff --git a/src/ausearch-string.c b/src/ausearch-string.c +index f875bb2c..bd317b96 100644 +--- a/src/ausearch-string.c ++++ b/src/ausearch-string.c +@@ -50,6 +50,7 @@ void slist_append(slist *l, const snode *node) + + newnode = malloc(sizeof(snode)); + if (newnode == NULL) { ++ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); + return; + } + +diff --git a/tools/aulastlog/aulastlog-llist.c b/tools/aulastlog/aulastlog-llist.c +index 779afb50..0b89be65 100644 +--- a/tools/aulastlog/aulastlog-llist.c ++++ b/tools/aulastlog/aulastlog-llist.c +@@ -47,6 +47,7 @@ void list_append(llist *l, lnode *node) + + newnode = malloc(sizeof(lnode)); + if (newnode == NULL) { ++ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); + return; + } + +-- +2.33.0 +