diff --git a/audit.spec b/audit.spec index c41873f190e6613de4c50141d24c3ab5c253b6b4..cf7ae27e91129f59abd460aced9e069bf4f72206 100644 --- a/audit.spec +++ b/audit.spec @@ -2,7 +2,7 @@ Summary: User space tools for kernel auditing Name: audit Epoch: 1 Version: 3.1.2 -Release: 10 +Release: 11 License: GPLv2+ and LGPLv2+ URL: https://people.redhat.com/sgrubb/audit/ Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz @@ -57,6 +57,8 @@ Patch45: backport-Release-queue-mutexes-during-teardown.patch Patch46: backport-Modify-ausearch-checkpoint-code-to-address-audit-use.patch Patch47: backport-Update-_get_hostname-436.patch Patch48: backport-If-we-are-checkpointing-decide-if-we-output-this-eve.patch +Patch49: backport-Fix-filename-lookup-for-AUSOURCE_FILE_POINTER-in-aup.patch +Patch50: backport-add-some-error-checking-around-timer-services.patch BuildRequires: gcc swig libtool systemd kernel-headers >= 2.6.29 BuildRequires: openldap-devel krb5-devel libcap-ng-devel @@ -398,6 +400,9 @@ fi %attr(644,root,root) %{_mandir}/man8/*.8.gz %changelog +* Tue Aug 19 2025 yanglongkang - 1:3.1.2-11 +- backport patches to fix bugs + * Tue Aug 12 2025 Linux_zhang - 1:3.1.2-10 - backport patches from upstream diff --git a/backport-Fix-filename-lookup-for-AUSOURCE_FILE_POINTER-in-aup.patch b/backport-Fix-filename-lookup-for-AUSOURCE_FILE_POINTER-in-aup.patch new file mode 100644 index 0000000000000000000000000000000000000000..ad22e9c3f4eb65080df09df4375d3fa041b7a7fd --- /dev/null +++ b/backport-Fix-filename-lookup-for-AUSOURCE_FILE_POINTER-in-aup.patch 
@@ -0,0 +1,44 @@
+From af41480e5cbe62781928aca2bb4f793f5c724800 Mon Sep 17 00:00:00 2001
+From: Steve Grubb
+Date: Tue, 20 May 2025 17:30:32 -0400
+Subject: [PATCH] Fix filename lookup for AUSOURCE_FILE_POINTER in auparse_init
+ Python bindings
+
+---
+ bindings/python/auparse_python.c | 20 +++++++++++++++-----
+ 1 file changed, 15 insertions(+), 5 deletions(-)
+
+diff --git a/bindings/python/auparse_python.c b/bindings/python/auparse_python.c
+index 9ab919b32..f0678a4e9 100644
+--- a/bindings/python/auparse_python.c
++++ b/bindings/python/auparse_python.c
+@@ -463,14 +463,24 @@ AuParser_init(AuParser *self, PyObject *args, PyObject *kwds)
+ PyErr_SetString(PyExc_TypeError, "source must be open file when source_type is AUSOURCE_FILE_POINTER");
+ return -1;
+ }
++ const char *filename = NULL;
+ #if PY_MAJOR_VERSION < 3
+- int fd = fileno(fp);
+- fp = fdopen(fd, "r");
++ int fd = fileno(fp);
++ fp = fdopen(fd, "r");
++ /* PyFile_Name is available in Python 2 */
++ filename = PYSTR_ASSTRING(PyFile_Name(source));
++#else
++ /* In Python 3 obtain the name attribute if possible */
++ PyObject *name_obj = PyObject_GetAttrString(source, "name");
++ if (name_obj && PYSTR_CHECK(name_obj))
++ filename = PYSTR_ASSTRING(name_obj);
++ Py_XDECREF(name_obj);
+ #endif
+ if ((self->au = auparse_init(source_type, fp)) == NULL) {
+- //char *filename = PYSTR_ASSTRING(PyFile_Name(source));
+- char *filename = "TODO";
+- PyErr_SetFromErrnoWithFilename(PyExc_IOError, filename);
++ if (filename)
++ PyErr_SetFromErrnoWithFilename(PyExc_IOError, filename);
++ else
++ PyErr_SetFromErrno(PyExc_IOError);
+ return -1;
+ }
+ } break;
diff --git a/backport-add-some-error-checking-around-timer-services.patch b/backport-add-some-error-checking-around-timer-services.patch
new file mode 100644
index 0000000000000000000000000000000000000000..a68419a1d779abc9aeebec2b24cc78a59017e2ab
--- /dev/null
+++ b/backport-add-some-error-checking-around-timer-services.patch
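Review bot: In the Python 3 branch `filename` is taken from `name_obj`, and `Py_XDECREF(name_obj)` then runs before `auparse_init()`. If PYSTR_ASSTRING hands back a pointer into the object's own storage (its definition is outside this hunk) and `name` was produced on demand rather than held by the file object, the later `PyErr_SetFromErrnoWithFilename` reads freed memory. The same branch leaves an exception pending when `PyObject_GetAttrString` returns NULL, and a successful `auparse_init()` would then return success with that error still set. Keep the reference until the error path has finished and clear the failed lookup, as sketched below. AuParser_init starts and ends outside the hunk.

```c
#else
	/* In Python 3 obtain the name attribute if possible */
	PyObject *name_obj = PyObject_GetAttrString(source, "name");
	if (name_obj == NULL)
		PyErr_Clear();	/* the name is optional; drop the failed lookup */
	else if (PYSTR_CHECK(name_obj))
		filename = PYSTR_ASSTRING(name_obj);
#endif
	self->au = auparse_init(source_type, fp);
	if (self->au == NULL) {
		/* ... unchanged: PyErr_SetFromErrnoWithFilename / PyErr_SetFromErrno selection ... */
	}
#if PY_MAJOR_VERSION >= 3
	Py_XDECREF(name_obj);	/* filename may point into name_obj until here */
#endif
	if (self->au == NULL)
		return -1;
```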
@@ -0,0 +1,131 @@
+From 5490ce232729fecc114fd5b492344afd8d78c89d Mon Sep 17 00:00:00 2001
+From: Steve Grubb
+Date: Sat, 24 May 2025 15:21:45 -0400
+Subject: [PATCH] add some error checking around timer services
+
+---
+ audisp/plugins/ids/nvpair.c | 6 +++++-
+ audisp/plugins/ids/nvpair.h | 2 +-
+ audisp/plugins/ids/reactions.c | 8 ++------
+ audisp/plugins/ids/timer-services.c | 16 +++++++++++++---
+ audisp/plugins/ids/timer-services.h | 2 +-
+ 5 files changed, 22 insertions(+), 12 deletions(-)
+
+diff --git a/audisp/plugins/ids/nvpair.c b/audisp/plugins/ids/nvpair.c
+index a62ab86e4..9ad24cb88 100644
+--- a/audisp/plugins/ids/nvpair.c
++++ b/audisp/plugins/ids/nvpair.c
+@@ -46,9 +46,11 @@ void nvpair_list_create(nvlist *l)
+ return l->cur;
+ }*/
+
+-void nvpair_list_append(nvlist *l, nvnode *node)
++int nvpair_list_append(nvlist *l, nvnode *node)
+ {
+ nvnode* newnode = malloc(sizeof(nvnode));
++ if (newnode == NULL)
++ return 1;
+
+ newnode->arg = node->arg;
+ newnode->job = node->job;
+@@ -70,6 +72,8 @@ void nvpair_list_append(nvlist *l, nvnode *node)
+ // make newnode current
+ l->cur = newnode;
+ l->cnt++;
++
++ return 0;
+ }
+
+ int nvpair_list_find_job(nvlist *l, time_t t)
+diff --git a/audisp/plugins/ids/nvpair.h b/audisp/plugins/ids/nvpair.h
+index e93e9be51..45d9a85c7 100644
+--- a/audisp/plugins/ids/nvpair.h
++++ b/audisp/plugins/ids/nvpair.h
+@@ -51,7 +51,7 @@ void nvpair_list_create(nvlist *l);
+ static inline void nvlist_first(nvlist *l) { l->cur = l->head; }
+ //nvnode *nvlist_next(nvlist *l);
+ static inline nvnode *nvpair_list_get_cur(nvlist *l) { return l->cur; }
+-void nvpair_list_append(nvlist *l, nvnode *node);
++int nvpair_list_append(nvlist *l, nvnode *node);
+ void nvpair_list_delete_cur(nvlist *l);
+ void nvpair_list_clear(nvlist* l);
+
+diff --git a/audisp/plugins/ids/reactions.c b/audisp/plugins/ids/reactions.c
+index 43f6f08dd..2d7ae9881 100644
+--- a/audisp/plugins/ids/reactions.c
++++ b/audisp/plugins/ids/reactions.c
+@@ -206,9 +206,7 @@ int lock_account_timed(const char *acct, unsigned long length)
+ if (rc)
+ return rc;
+
+- add_timer_job(UNLOCK_ACCOUNT, acct, length);
+-
+- return 0;
++ return add_timer_job(UNLOCK_ACCOUNT, acct, length);
+ }
+
+ int block_ip_address(const char *addr)
+@@ -227,9 +225,7 @@ int block_ip_address_timed(const char *addr, unsigned long length)
+ if (rc)
+ return rc;
+
+- add_timer_job(UNBLOCK_ADDRESS, addr, length);
+-
+- return 0;
++ return add_timer_job(UNBLOCK_ADDRESS, addr, length);
+ }
+
+ #define MINUTES 60
+diff --git a/audisp/plugins/ids/timer-services.c b/audisp/plugins/ids/timer-services.c
+index 773e077d4..ca3d68c59 100644
+--- a/audisp/plugins/ids/timer-services.c
++++ b/audisp/plugins/ids/timer-services.c
+@@ -25,6 +25,7 @@
+ #include
+ #include
+ #include // for snprintf
++#include // for free
+ #include "timer-services.h"
+ #include "nvpair.h"
+ #include "reactions.h"
+@@ -88,15 +89,24 @@ void do_timer_services(unsigned int interval)
+ }
+ }
+
+-void add_timer_job(jobs_t job, const char *arg, unsigned long length)
++int add_timer_job(jobs_t job, const char *arg, unsigned long length)
+ {
+ nvnode node;
+
+ node.job = job;
+- node.arg = strdup(arg);
+ node.expiration = time(NULL) + length;
++ node.arg = strdup(arg);
++ if (node.arg == NULL) {
++ if (debug)
++ my_printf("timer-services: strdup failed adding job");
++ return 1;
++ }
+
+- nvpair_list_append(&jobs, &node);
++ if (nvpair_list_append(&jobs, &node)) {
++ free(node.arg);
++ return 1;
++ }
++ return 0;
+ }
+
+ void shutdown_timer_services(void)
+diff --git a/audisp/plugins/ids/timer-services.h b/audisp/plugins/ids/timer-services.h
+index 8a13c15a3..03fca14a3 100644
+--- a/audisp/plugins/ids/timer-services.h
++++ b/audisp/plugins/ids/timer-services.h
+@@ -28,7 +28,7 @@ typedef enum {UNLOCK_ACCOUNT, UNBLOCK_ADDRESS} jobs_t;
+
+ void init_timer_services(void);
+ void do_timer_services(unsigned int interval);
+-void add_timer_job(jobs_t job, const char *arg, unsigned long length);
++int add_timer_job(jobs_t job, const char *arg, unsigned long length);
+ void shutdown_timer_services(void);
+
+ #endif
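Review bot: When `add_timer_job()` fails in `lock_account_timed()` (and likewise in `block_ip_address_timed()`), the `if (rc) return rc;` guard has already passed, so the lock or block appears to be in force while the new `return add_timer_job(...)` reports an error and no expiry job is queued. A caller cannot tell "nothing was done" from "applied with no timed release", and under memory pressure a timed lockout silently becomes an indefinite one. Consider undoing the reaction on failure, or at minimum logging both failure paths unconditionally instead of only the strdup case under `if (debug)`. The return contract should also be stated on both functions, e.g. `/* non-zero after a successful lock/block means no release job was queued */`. Both function bodies start outside the hunks shown, so the call that sets `rc` is inferred from the hunk headers.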