diff --git a/audit-3.1.2.tar.gz b/audit-3.1.2.tar.gz deleted file mode 100644 index 3fcd3f92372652ab8711121afa1caf6a889ec525..0000000000000000000000000000000000000000 Binary files a/audit-3.1.2.tar.gz and /dev/null differ diff --git a/audit-Add-sw64-architecture.patch b/audit-Add-sw64-architecture.patch index 8e3f73fb4f56b31f13f629c0c532257a199fedec..7654c8ac6ae0487ff9c5700ca9b0017d70f95138 100644 --- a/audit-Add-sw64-architecture.patch +++ b/audit-Add-sw64-architecture.patch @@ -1,68 +1,22 @@ -From df547703bb90026dcff152e64bc55503ad26d815 Mon Sep 17 00:00:00 2001 +From b0e6ff4bf0ca5fc60e7ab6c4c7095bbd8c2b9e08 Mon Sep 17 00:00:00 2001 From: wuzx Date: Fri, 18 Nov 2022 13:19:49 +0800 -Subject: [PATCH] Add sw64 architecture +Subject: [PATCH 3/3] Add sw64 architecture Add sw64 architecture in file bindings/swig/python/audit.py config.guess config.sub lib/libaudit.h src/libev/ev.c and tools/ausyscall/ausyscall.c to support sw64 architecture. 
Signed-off-by: wuzx --- - bindings/swig/python/audit.py | 1 + - config.guess | 8 ++++++++ - config.sub | 1 + - lib/libaudit.h | 1 + - src/libev/ev.c | 3 +++ - tools/ausyscall/ausyscall.c | 6 ++++++ - 6 files changed, 20 insertions(+) + lib/libaudit.h | 1 + + src/libev/ev.c | 3 +++ + tools/ausyscall/ausyscall.c | 6 ++++++ + 3 files changed, 10 insertions(+) -diff --git a/bindings/swig/python/audit.py b/bindings/swig/python/audit.py -index 69631a7..14fa89b 100644 ---- a/bindings/swig/python/audit.py -+++ b/bindings/swig/python/audit.py -@@ -607,6 +607,7 @@ MACH_PPC = _audit.MACH_PPC - MACH_S390X = _audit.MACH_S390X - MACH_S390 = _audit.MACH_S390 - MACH_ALPHA = _audit.MACH_ALPHA -+MACH_SW_64 = _audit.MACH_SW_64 - MACH_ARM = _audit.MACH_ARM - MACH_AARCH64 = _audit.MACH_AARCH64 - MACH_PPC64LE = _audit.MACH_PPC64LE -diff --git a/config.guess b/config.guess -index b33c9e8..69e3005 100755 ---- a/config.guess -+++ b/config.guess -@@ -976,6 +976,14 @@ EOF - UNAME_MACHINE=aarch64_be - GUESS=$UNAME_MACHINE-unknown-linux-$LIBC - ;; -+ sw_64:Linux:*:*) -+ case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' /proc/cpuinfo 2>/dev/null` in -+ sw) UNAME_MACHINE=sw_64 ;; -+ esac -+ objdump --private-headers /bin/sh | grep -q ld.so.1 -+ if test "$?" = 0 ; then LIBC=gnulibc1 ; fi -+ GUESS=$UNAME_MACHINE-sunway-linux-$LIBC -+ ;; - alpha:Linux:*:*) - case `sed -n '/^cpu model/s/^.*: \(.*\)/\1/p' /proc/cpuinfo 2>/dev/null` in - EV5) UNAME_MACHINE=alphaev5 ;; -diff --git a/config.sub b/config.sub -index b51fb8c..76babe9 100755 ---- a/config.sub -+++ b/config.sub -@@ -1157,6 +1157,7 @@ case $cpu-$vendor in - | a29k \ - | aarch64 | aarch64_be \ - | abacus \ -+ | sw_64 \ - | alpha | alphaev[4-8] | alphaev56 | alphaev6[78] \ - | alpha64 | alpha64ev[4-8] | alpha64ev56 | alpha64ev6[78] \ - | alphapca5[67] | alpha64pca5[67] \ diff --git a/lib/libaudit.h b/lib/libaudit.h -index 3a8e8c8..16af222 100644 +index 7a4ac4f..cfd7981 100644 --- a/lib/libaudit.h 
+++ b/lib/libaudit.h -@@ -594,6 +594,7 @@ typedef enum { +@@ -187,6 +187,7 @@ typedef enum { MACH_S390X, MACH_S390, MACH_ALPHA, // Deprecated but has to stay @@ -71,7 +25,7 @@ index 3a8e8c8..16af222 100644 MACH_AARCH64, MACH_PPC64LE, diff --git a/src/libev/ev.c b/src/libev/ev.c -index 5ff936c..72765b5 100644 +index c4a0070..c9af0d9 100644 --- a/src/libev/ev.c +++ b/src/libev/ev.c @@ -828,6 +828,8 @@ struct signalfd_siginfo @@ -92,10 +46,10 @@ index 5ff936c..72765b5 100644 || defined __ia64__ \ || defined __m68k__ \ diff --git a/tools/ausyscall/ausyscall.c b/tools/ausyscall/ausyscall.c -index 4fb8f09..206e9ff 100644 +index 76c5232..6710339 100644 --- a/tools/ausyscall/ausyscall.c +++ b/tools/ausyscall/ausyscall.c -@@ -73,6 +73,12 @@ int main(int argc, char *argv[]) +@@ -75,6 +75,12 @@ int main(int argc, char *argv[]) } else if (strcmp("ia64", argv[i]) == 0) { fputs("IA64 processor support is deprecated\n", stderr); @@ -109,5 +63,5 @@ index 4fb8f09..206e9ff 100644 } else if (strcmp("arm", argv[i]) == 0) { fputs("Arm eabi processor support is not enabled\n", -- -2.33.0 +2.43.0 diff --git a/audit-userspace-4.1.2.tar.gz b/audit-userspace-4.1.2.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..69e1fcc5fa110ba2ef69269f2e8fdbd5590f105d Binary files /dev/null and b/audit-userspace-4.1.2.tar.gz differ diff --git a/audit.spec b/audit.spec index 93b34b996bb85bf215d5f2d0d0b0acc8fceaef27..3a3e84efe749f3f32544c31b3eb93e47ffb72cd0 100644 --- a/audit.spec +++ b/audit.spec 
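Review bot: The embedded commit message kept as context in the first hunk of this patch still says the change touches `bindings/swig/python/audit.py config.guess config.sub`, but the refreshed diffstat lists only `lib/libaudit.h`, `src/libev/ev.c` and `tools/ausyscall/ausyscall.c`. I would reword it to `Add sw64 architecture in lib/libaudit.h, src/libev/ev.c and tools/ausyscall/ausyscall.c.` so that anyone auditing the downstream patch set is not sent looking for changes that are no longer carried. Separately, the added `MACH_SW_64` enumerator falls between the hunks and is not shown here. If it still sits directly after `MACH_ALPHA`, as the surrounding context suggests, it renumbers every later `MACH_*` value relative to upstream libaudit, and appending it at the end of the enum would avoid that.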
@@ -1,77 +1,25 @@ Summary: User space tools for kernel auditing Name: audit Epoch: 1 -Version: 3.1.2 -Release: 12 +Version: 4.1.2 +Release: 1 License: GPLv2+ and LGPLv2+ -URL: https://people.redhat.com/sgrubb/audit/ -Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz +URL: https://github.com/linux-audit/audit-userspace/releases +Source0: %{name}-userspace-%{version}.tar.gz Source1: https://www.gnu.org/licenses/lgpl-2.1.txt Patch0: bugfix-audit-support-armv7b.patch Patch1: bugfix-audit-userspace-missing-syscalls-for-aarm64.patch Patch2: bugfix-audit-reload-coredump.patch Patch3: audit-Add-sw64-architecture.patch -Patch4: backport-Rewrite-legacy-service-functions-in-terms-of-systemc.patch -Patch5: backport-Error-out-if-required-zos-parameters-missing.patch -Patch6: backport-Fix-deprecated-python-function.patch -Patch7: backport-lib-close-audit-socket-in-load_feature_bitmap-334.patch -Patch8: backport-lib-enclose-macro-to-avoid-precedence-issues.patch -Patch9: backport-memory-allocation-updates-341.patch -Patch10: backport-lib-cast-to-unsigned-char-for-character-test-functio.patch -Patch11: backport-Make-session-id-consistently-typed-327.patch -Patch12: backport-Avoid-file-descriptor-leaks-in-multi-threaded-applic.patch -Patch13: backport-fix-the-use-of-isdigit-everywhere.patch -Patch14: backport-Fix-new-warnings-for-unused-results.patch -Patch15: backport-Change-the-first-iteration-test-so-static-analysis-b.patch -Patch16: backport-Consolidate-end-of-event-detection-to-a-common-funct.patch -Patch17: backport-Issue343-Fix-checkpoint-issue-to-ensure-all-complete.patch -Patch18: backport-lib-avoid-UB-on-sequence-wrap-around-347.patch -Patch19: backport-Change-python-bindings-to-switch-from-PyEval_CallObj.patch -Patch20: backport-Cleanup-shell-script-warnings.patch -Patch21: backport-Solve-issue-363-by-moving-check-to-after-load_config.patch -Patch22: backport-first-part-of-NULL-pointer-checks.patch -Patch23: 
backport-second-part-of-NULL-pointer-checks.patch -Patch24: backport-last-part-of-NULL-pointer-checks.patch -Patch25: backport-Fixed-NULL-checks.patch -Patch26: backport-update-error-messages-in-NULL-Checks.patch -Patch27: backport-adding-the-file-descriptor-closure.patch -Patch28: backport-correcting-memcmp-args-in-check_rule_mismatch-functi.patch -Patch29: backport-Use-atomic_int-if-available-for-signal-related-flags.patch -Patch30: backport-Use-atomic_uint-if-available-for-signal-related-flag.patch -Patch31: backport-avoiding-of-NULL-pointers-dereference-366.patch -Patch32: backport-Cleanup-code-in-LRU.patch -Patch33: backport-Fix-memory-leaks.patch -Patch34: backport-fix-one-more-leak.patch -Patch35: backport-Correct-output-when-displaying-rules-with-exe-path-d.patch -Patch36: backport-ausearch-format-Fix-display-of-renamed-file-411.patch -Patch37: backport-Fix-a-maybe-uninitialized-warning.patch -Patch38: backport-ausearch-parse-fix-parsing-for-success-uid-in-parse_.patch -Patch39: backport-Check-return-of-audit_strsplit.patch -Patch40: backport-Fix-audisp-remote-segfault-on-connection-error-446.patch -Patch41: backport-Fix-fuzzer-induced-parsing.patch -Patch42: backport-Fixup-leaks-in-testing-with-ASAN.patch -Patch43: backport-cllist_append-append-improvement.patch -Patch44: backport-Terminate-a-couple-strncpy.patch -Patch45: backport-Release-queue-mutexes-during-teardown.patch -Patch46: backport-Modify-ausearch-checkpoint-code-to-address-audit-use.patch -Patch47: backport-Update-_get_hostname-436.patch -Patch48: backport-If-we-are-checkpointing-decide-if-we-output-this-eve.patch -Patch49: backport-Fix-filename-lookup-for-AUSOURCE_FILE_POINTER-in-aup.patch -Patch50: backport-add-some-error-checking-around-timer-services.patch -# https://github.com/linux-audit/audit-userspace/commit/b6d376d9f6a5593e7d8029fca1094f16d724bfe7 -Patch51: backport-make-slist_last-a-static-function.patch -# 
https://github.com/linux-audit/audit-userspace/commit/0ed54fc841e4deeeb07ece3ec5933320623ad209 -Patch52: backport-code-cleanup-constification-deadcode-removal-lower-s.patch -# https://github.com/linux-audit/audit-userspace/commit/8c7eaa7ead6c70486623674c19d649f3831578ad -Patch53: backport-Implicit-builtin-functions.patch - -BuildRequires: gcc swig libtool systemd kernel-headers >= 2.6.29 + +BuildRequires: gcc swig libtool systemd kernel-headers >= 5.0 BuildRequires: openldap-devel krb5-devel libcap-ng-devel %ifarch %{golang_arches} BuildRequires: golang %endif Requires: %{name}-libs = %{epoch}:%{version}-%{release} +Requires: %{name}-rules = %{epoch}:%{version}-%{release} Requires(post): systemd coreutils Requires(preun): systemd Requires(postun): systemd coreutils @@ -81,7 +29,6 @@ The audit package contains the user space utilities for storing and searching the audit records generated by the audit subsystem in the Linux 2.6 and later kernels. - %package libs Summary: Dynamic library for libaudit License: LGPLv2+ @@ -111,11 +58,21 @@ This package provides a z/OS plugin for audit event dispatcher that will forward audit events to a configured z/OS service management facility database. +%package rules +Summary: audit rules and utilities +License: GPLv2+ +Requires(post): coreutils +Requires: %{name} = %{epoch}:%{version}-%{release} +Requires: %{name}-libs = %{epoch}:%{version}-%{release} + +%description rules +The audit rules package contains the rules and utilities to load audit rules. + %package devel Summary: Header files for libaudit License: LGPLv2+ Requires: %{name}%{?_isa} = %{epoch}:%{version}-%{release} -Requires: kernel-headers >= 2.6.29 +Requires: kernel-headers >= 5.0 Provides: audit-libs-devel audit-libs-static %description devel 
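Review bot: `Source0: %{name}-userspace-%{version}.tar.gz` drops the download location that the old `Source0` carried, so the origin of the newly committed binary tarball can no longer be re-fetched and compared from the spec alone. I would keep a full URL under the project named in `URL:`, in the form `Source0: <upstream-release-archive-URL>#/%{name}-userspace-%{version}.tar.gz` with the placeholder filled in from the release page, and record the archive's checksum or upstream signature alongside it. The same hunk removes Patch4 through Patch53, several of which are robustness fixes (NULL checks, descriptor leaks, fuzzer-found parsing). Presumably all of them are contained in 4.1.2, but the changelog entry only says `update to 4.1.2`; it should state that this was verified, since Patch0 to Patch3 are still carried.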
@@ -138,11 +95,11 @@ libauparse can be used by python3. %package_help %prep -%autosetup -n %{name}-%{version} -p1 +%autosetup -n %{name}-userspace-%{version} -p1 cp %{SOURCE1} . -autoreconf -f -i %build +autoreconf -f -i %configure --sbindir=/sbin --libdir=/%{_lib} --with-python=no \ --with-python3=yes \ --enable-gssapi-krb5=yes --with-arm --with-aarch64 \ @@ -220,15 +177,6 @@ fi %post /sbin/ldconfig -files=`ls /etc/audit/rules.d/ 2>/dev/null | wc -w` -if [ "$files" -eq 0 ] ; then - if [ -e /usr/share/doc/audit/rules/10-no-audit.rules ] ; then - cp /usr/share/doc/audit/rules/10-no-audit.rules /etc/audit/rules.d/audit.rules - else - touch /etc/audit/rules.d/audit.rules - fi - chmod 0600 /etc/audit/rules.d/audit.rules -fi # merge custom changes to new file if [ -d "/etc/audisp/" ];then if [ -s "/etc/audisp/plugins.d/af_unix.conf" ];then @@ -240,6 +188,18 @@ if [ -d "/etc/audisp/" ];then fi %systemd_post auditd.service +%post rules +%systemd_post audit-rules.service +files=`ls /etc/audit/rules.d/ 2>/dev/null | wc -w` +if [ "$files" -eq 0 ] ; then + if [ -e /usr/share/audit-rules/10-no-audit.rules ] ; then + cp /usr/share/audit-rules/10-no-audit.rules /etc/audit/rules.d/audit.rules + else + touch /etc/audit/rules.d/audit.rules + fi + chmod 0600 /etc/audit/rules.d/audit.rules +fi + %post -n audispd-plugins # after installing audispd-plugins if [ -d "/etc/audisp/" ];then @@ -310,8 +270,7 @@ if [ $1 -eq 0 ] && [ -x /usr/bin/systemctl ]; then /usr/bin/systemctl --no-reload disable auditd.service || : fi if [ $1 -eq 0 ]; then - # Package removal, not upgrade - /sbin/service auditd stop > /dev/null 2>&1 + auditctl --signal stop || true fi %postun 
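Review bot: The new `%post rules` scriptlet registers `audit-rules.service` through `%systemd_post`, but none of the hunks shown adds a `%preun rules` or `%postun rules` using `%systemd_preun`/`%systemd_postun`. Unless those exist in unchanged parts of the spec, the unit stays enabled after the subpackage is removed. In the same scriptlet the seeded rules file is created by `cp` or `touch` under the scriptlet's umask and only tightened afterwards by `chmod 0600`. The 0750 directory limits exposure, but creating the file with its final mode in one step is more robust: `install -m 0600 /usr/share/audit-rules/10-no-audit.rules /etc/audit/rules.d/audit.rules`, and `install -m 0600 /dev/null /etc/audit/rules.d/audit.rules` in the else branch.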
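Review bot: The replacement stop command `auditctl --signal stop || true` depends on the scriptlet's PATH and lets its output reach the transaction log, whereas the removed line used an absolute path and discarded output. Since this spec installs the binary as `/sbin/auditctl`, I would write `/sbin/auditctl --signal stop >/dev/null 2>&1 || :`. The dropped comment `# Package removal, not upgrade` explained the `$1 -eq 0` guard and is worth keeping. The `%preun` scriptlet begins above this hunk, so the earlier part of it is not visible here.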
@@ -321,20 +280,18 @@ if [ $1 -ge 1 ]; then fi %files -%doc README +%doc README.md %{!?_licensedir:%global license %%doc} %license COPYING lgpl-2.1.txt %attr(755,root,root) /sbin/auditctl %attr(755,root,root) /sbin/auditd %attr(755,root,root) /sbin/ausearch %attr(755,root,root) /sbin/aureport -%attr(750,root,root) /sbin/autrace -%attr(755,root,root) /sbin/augenrules %attr(755,root,root) %{_bindir}/aulast %attr(755,root,root) %{_bindir}/aulastlog %attr(755,root,root) %{_bindir}/ausyscall -%attr(755,root,root) %{_bindir}/auvirt %attr(644,root,root) %{_unitdir}/auditd.service +%attr(644,root,root) %{_tmpfilesdir}/audit.conf %attr(750,root,root) %dir %{_libexecdir}/initscripts/legacy-actions/auditd %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/condrestart %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/reload 
@@ -343,29 +300,40 @@ fi %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/rotate %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/state %attr(750,root,root) %{_libexecdir}/initscripts/legacy-actions/auditd/stop +%attr(644,root,root) %{_sysconfdir}/bash_completion.d/audit.bash_completion %ghost %{_localstatedir}/run/auditd.state %attr(750,root,root) %dir %{_var}/log/audit -%attr(750,root,root) %dir /etc/audit -%attr(750,root,root) %dir /etc/audit/rules.d %attr(750,root,root) %dir /etc/audit/plugins.d %config(noreplace) %attr(640,root,root) /etc/audit/auditd.conf -%ghost %config(noreplace) %attr(600,root,root) /etc/audit/rules.d/audit.rules -%ghost %config(noreplace) %attr(640,root,root) /etc/audit/audit.rules -%config(noreplace) %attr(640,root,root) /etc/audit/audit-stop.rules %config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/af_unix.conf %files libs /%{_lib}/libaudit.so.1* /%{_lib}/libauparse.* +/%{_lib}/libauplugin.* %config(noreplace) %attr(640,root,root) /etc/libaudit.conf +%files rules +%attr(755,root,root) %dir %{_datadir}/%{name}-rules +%attr(644,root,root) %{_datadir}/%{name}-rules/* +%attr(755,root,root) /sbin/augenrules +%attr(644,root,root) %{_unitdir}/audit-rules.service +%attr(750,root,root) %dir /etc/audit +%attr(750,root,root) %dir /etc/audit/rules.d +%ghost %config(noreplace) %attr(600,root,root) /etc/audit/rules.d/audit.rules +%ghost %config(noreplace) %attr(640,root,root) /etc/audit/audit.rules +%config(noreplace) %attr(640,root,root) /etc/audit/audit-stop.rules + %files -n audispd-plugins %config(noreplace) %attr(640,root,root) /etc/audit/audisp-remote.conf %config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/au-remote.conf %config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/syslog.conf +%config(noreplace) %attr(640,root,root) /etc/audit/audisp-filter.conf +%config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/filter.conf %attr(750,root,root) /sbin/audisp-remote 
%attr(750,root,root) /sbin/audisp-syslog %attr(750,root,root) /sbin/audisp-af_unix +%attr(750,root,root) /sbin/audisp-filter %attr(700,root,root) %dir %{_var}/spool/audit %files -n audispd-plugins-zos @@ -387,6 +355,9 @@ fi %{_includedir}/libaudit.h %{_includedir}/auparse.h %{_includedir}/auparse-defs.h +%{_includedir}/audit-records.h +%{_includedir}/audit_logging.h +%{_includedir}/auplugin.h %{_datadir}/aclocal/audit.m4 %{_libdir}/pkgconfig/audit.pc %{_libdir}/pkgconfig/auparse.pc @@ -399,13 +370,15 @@ fi %files help %defattr(-,root,root) %doc ChangeLog rules init.d/auditd.cron -%attr(644,root,root) %{_datadir}/%{name}/sample-rules/* %attr(644,root,root) %{_mandir}/man3/*.3.gz %attr(644,root,root) %{_mandir}/man5/*.5.gz %attr(644,root,root) %{_mandir}/man7/*.7.gz %attr(644,root,root) %{_mandir}/man8/*.8.gz %changelog +* Tue Sep 16 2025 xuraoqing - 1:4.1.2-1 +- update to 4.1.2 + * Tue Aug 26 2025 jchzhou - 1:3.1.2-12 - backport patches for fixing Wimplicit-function-declaration, Wbuiltin-declaration-mismatch when building with newer compilers diff --git a/backport-Avoid-file-descriptor-leaks-in-multi-threaded-applic.patch b/backport-Avoid-file-descriptor-leaks-in-multi-threaded-applic.patch deleted file mode 100644 index afaebfee169437897bf6807bc72737f47c5ac7a8..0000000000000000000000000000000000000000 --- a/backport-Avoid-file-descriptor-leaks-in-multi-threaded-applic.patch +++ /dev/null 
@@ -1,137 +0,0 @@ -From 2663987c5088924bce510fcf8e7891d6aae976ba Mon Sep 17 00:00:00 2001 -From: cgzones -Date: Sat, 4 Nov 2023 03:48:39 +0100 -Subject: [PATCH] Avoid file descriptor leaks in multi-threaded applications - (#339) - -* lib: set close-on-exec flag - -libaudit may be called from a multi-threaded application. -Avoid leaking local file descriptors on a concurrent execve. - -* lib: simplify SOCK_CLOEXEC - -SOCK_CLOEXEC is supported since Linux 2.6.27. - -Reference:https://github.com/linux-audit/audit-userspace/commit/2663987c5088924bce510fcf8e7891d6aae976ba -Conflict:lib/audit_logging.c,lib/netlink.c,lib/libaudit.c - ---- - lib/audit_logging.c | 2 +- - lib/libaudit.c | 14 +++++++------- - lib/netlink.c | 12 +----------- - 3 files changed, 9 insertions(+), 19 deletions(-) - -diff --git a/lib/audit_logging.c b/lib/audit_logging.c -index 302c242..08b53aa 100644 ---- a/lib/audit_logging.c -+++ b/lib/audit_logging.c -@@ -177,7 +177,7 @@ static char *_get_commname(const char *comm, char *commname, unsigned int size) - - if (comm == NULL) { - int len; -- int fd = open("/proc/self/comm", O_RDONLY); -+ int fd = open("/proc/self/comm", O_RDONLY|O_CLOEXEC); - if (fd < 0) { - strcpy(commname, "\"?\""); - return commname; -diff --git a/lib/libaudit.c b/lib/libaudit.c -index 2cc7afd..74fa2f3 100644 ---- a/lib/libaudit.c -+++ b/lib/libaudit.c -@@ -221,7 +221,7 @@ static int load_libaudit_config(const char *path) - char buf[128]; - - /* open the file */ -- rc = open(path, O_NOFOLLOW|O_RDONLY); -+ rc = open(path, O_NOFOLLOW|O_RDONLY|O_CLOEXEC); - if (rc < 0) { - if (errno != ENOENT) { - audit_msg(LOG_ERR, "Error opening %s (%s)", -@@ -261,7 +261,7 @@ static int load_libaudit_config(const char *path) - } - - /* it's ok, read line by line */ -- f = fdopen(fd, "rm"); -+ f = fdopen(fd, "rme"); - if (f == NULL) { - audit_msg(LOG_ERR, "Error - fdopen failed (%s)", - strerror(errno)); -@@ -705,7 +705,7 @@ char *audit_format_signal_info(char *buf, int len, char *op, - char 
path[32], ses[16]; - int rlen; - snprintf(path, sizeof(path), "/proc/%u", rep->signal_info->pid); -- int fd = open(path, O_RDONLY); -+ int fd = open(path, O_RDONLY|O_DIRECTORY|O_CLOEXEC); - if (fd >= 0) { - if (fstat(fd, &sb) < 0) - sb.st_uid = -1; -@@ -714,7 +714,7 @@ char *audit_format_signal_info(char *buf, int len, char *op, - sb.st_uid = -1; - snprintf(path, sizeof(path), "/proc/%u/sessionid", - rep->signal_info->pid); -- fd = open(path, O_RDONLY, rep->signal_info->pid); -+ fd = open(path, O_RDONLY|O_CLOEXEC, rep->signal_info->pid); - if (fd < 0) - strcpy(ses, "4294967295"); - else { -@@ -918,7 +918,7 @@ uid_t audit_getloginuid(void) - char buf[16]; - - errno = 0; -- in = open("/proc/self/loginuid", O_NOFOLLOW|O_RDONLY); -+ in = open("/proc/self/loginuid", O_NOFOLLOW|O_RDONLY|O_CLOEXEC); - if (in < 0) - return -1; - do { -@@ -946,7 +946,7 @@ int audit_setloginuid(uid_t uid) - - errno = 0; - count = snprintf(loginuid, sizeof(loginuid), "%u", uid); -- o = open("/proc/self/loginuid", O_NOFOLLOW|O_WRONLY|O_TRUNC); -+ o = open("/proc/self/loginuid", O_NOFOLLOW|O_WRONLY|O_TRUNC|O_CLOEXEC); - if (o >= 0) { - int block, offset = 0; - -@@ -982,7 +982,7 @@ uint32_t audit_get_session(void) - char buf[16]; - - errno = 0; -- in = open("/proc/self/sessionid", O_NOFOLLOW|O_RDONLY); -+ in = open("/proc/self/sessionid", O_NOFOLLOW|O_RDONLY|O_CLOEXEC); - if (in < 0) - return -2; - do { -diff --git a/lib/netlink.c b/lib/netlink.c -index 66a1e7c..f862da4 100644 ---- a/lib/netlink.c -+++ b/lib/netlink.c -@@ -47,7 +47,7 @@ static int check_ack(int fd); - int audit_open(void) - { - int saved_errno; -- int fd = socket(PF_NETLINK, SOCK_RAW, NETLINK_AUDIT); -+ int fd = socket(PF_NETLINK, SOCK_RAW | SOCK_CLOEXEC, NETLINK_AUDIT); - - if (fd < 0) { - saved_errno = errno; -@@ -60,16 +60,6 @@ int audit_open(void) - "Error opening audit netlink socket (%s)", - strerror(errno)); - errno = saved_errno; -- return fd; -- } -- if (fcntl(fd, F_SETFD, FD_CLOEXEC) == -1) { -- saved_errno = errno; -- 
audit_msg(LOG_ERR, -- "Error setting audit netlink socket CLOEXEC flag (%s)", -- strerror(errno)); -- close(fd); -- errno = saved_errno; -- return -1; - } - return fd; - } --- -2.33.0 - diff --git a/backport-Change-python-bindings-to-switch-from-PyEval_CallObj.patch b/backport-Change-python-bindings-to-switch-from-PyEval_CallObj.patch deleted file mode 100644 index 3f21a1159f4203211fc17a8fb0992d2c3fe424ed..0000000000000000000000000000000000000000 --- a/backport-Change-python-bindings-to-switch-from-PyEval_CallObj.patch +++ /dev/null @@ -1,30 +0,0 @@ -From cd7599210fe398360ddb81c0c2453a085d408089 Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Mon, 19 Feb 2024 10:50:42 -0500 -Subject: [PATCH] Change python bindings to switch from PyEval_CallObject on - 3.12 and later to silence warning - - -Reference:https://github.com/linux-audit/audit-userspace/commit/cd7599210fe398360ddb81c0c2453a085d408089 -Conflict:NA - ---- - bindings/python/auparse_python.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/bindings/python/auparse_python.c b/bindings/python/auparse_python.c -index 99d37cca..9ab919b3 100644 ---- a/bindings/python/auparse_python.c -+++ b/bindings/python/auparse_python.c -@@ -290,7 +290,7 @@ static void auparse_callback(auparse_state_t *au, - if (debug) printf("<< auparse_callback\n"); - arglist = Py_BuildValue("OiO", cb->py_AuParser, cb_event_type, - cb->user_data); --#if PY_MINOR_VERSION >= 13 -+#if PY_MINOR_VERSION >= 12 - result = PyObject_CallObject(cb->func, arglist); - #else - result = PyEval_CallObject(cb->func, arglist); --- -2.33.0 - diff --git a/backport-Change-the-first-iteration-test-so-static-analysis-b.patch b/backport-Change-the-first-iteration-test-so-static-analysis-b.patch deleted file mode 100644 index bf5a1931ca8d8578e0898714eff53172ff6c0499..0000000000000000000000000000000000000000 --- a/backport-Change-the-first-iteration-test-so-static-analysis-b.patch +++ /dev/null 
@@ -1,39 +0,0 @@ -From b84b007cd0ef504e8c86b8cc73646f3119ed343c Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Wed, 29 Nov 2023 15:49:21 -0500 -Subject: [PATCH] Change the first iteration test so static analysis better - understands the code - -Reference:https://github.com/linux-audit/audit-userspace/commit/b84b007cd0ef504e8c86b8cc73646f3119ed343c -Conflict:NA - ---- - tools/aulast/aulast-llist.c | 10 +++++++--- - 1 file changed, 7 insertions(+), 3 deletions(-) - -diff --git a/tools/aulast/aulast-llist.c b/tools/aulast/aulast-llist.c -index 87638ebc..d7765ba4 100644 ---- a/tools/aulast/aulast-llist.c -+++ b/tools/aulast/aulast-llist.c -@@ -140,11 +140,15 @@ int list_update_logout(llist* l, time_t t, unsigned long serial) - lnode *list_delete_cur(llist *l) - { - register lnode *cur, *prev; -- -- prev = cur = l->head; /* start at the beginning */ -+ -+ if (l == NULL || l->head == NULL) -+ return NULL; -+ -+ prev = cur = l->head; /* start at the beginning */ - while (cur) { - if (cur == l->cur) { -- if (cur == prev && cur == l->head) { -+ // If the first iteration -+ if (prev == l->head && cur == l->head) { - l->head = cur->next; - l->cur = cur->next; - free((void *)cur->name); --- -2.33.0 - diff --git a/backport-Check-return-of-audit_strsplit.patch b/backport-Check-return-of-audit_strsplit.patch deleted file mode 100644 index 1dfe3b9e5c682f79741c2734a1c06c220730819e..0000000000000000000000000000000000000000 --- a/backport-Check-return-of-audit_strsplit.patch +++ /dev/null 
@@ -1,26 +0,0 @@ -From 0b27bb4d4c309bbef88945ee7b62722f9e54458f Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Mon, 17 Mar 2025 08:27:28 -0400 -Subject: [PATCH] Check return of audit_strsplit - -This fixes Issue #440 ---- - src/ausearch-lol.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c -index 9d5110e8..c8644970 100644 ---- a/src/ausearch-lol.c -+++ b/src/ausearch-lol.c -@@ -191,6 +191,8 @@ static int extract_timestamp(const char *b, event *e) - if (*ptr == 'n') { - tnode = ptr+5; - ptr = audit_strsplit(NULL); -+ if (ptr == NULL) -+ return 0; - } else - tnode = NULL; - --- -2.43.0 - diff --git a/backport-Cleanup-code-in-LRU.patch b/backport-Cleanup-code-in-LRU.patch deleted file mode 100644 index ffd5ce2eda5364842a486ba39cf161ae6f867dde..0000000000000000000000000000000000000000 --- a/backport-Cleanup-code-in-LRU.patch +++ /dev/null 
@@ -1,77 +0,0 @@ -From 4939b8541322cbf3a53affc28e71ce53d92f121f Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Fri, 3 May 2024 17:50:35 -0400 -Subject: [PATCH] Cleanup code in LRU - -Dont dereference anything until after checking if the queue is not empty. -Also, leave a note disputing static analysis thinking there is a use after -free destroying the queue. - -Conflict:NA -Reference:https://github.com/linux-audit/audit-userspace/commit/4939b8541322cbf3a53affc28e71ce53d92f121f - ---- - auparse/lru.c | 20 ++++++++++++-------- - 1 file changed, 12 insertions(+), 8 deletions(-) - -diff --git a/auparse/lru.c b/auparse/lru.c -index 05c4088d..f30bcf41 100644 ---- a/auparse/lru.c -+++ b/auparse/lru.c -@@ -116,6 +116,11 @@ static void destroy_queue(Queue *queue) - dump_queue_stats(queue); - #endif - -+ // Some static analysis scanners try to flag this as a use after -+ // free accessing queue->end. This is a false positive. It is freed. -+ // However, static analysis apps are incapable of seeing that in -+ // remove_node, end is updated to a prior node as part of detaching -+ // the current end node. - while (queue->count) - dequeue(queue); - -@@ -252,34 +257,33 @@ out: - sanity_check_queue(queue, "2 remove_node"); - } - --// Remove from the end of the queue -+// Remove from the end of the queue - static void dequeue(Queue *queue) - { -- QNode *temp = queue->end; -- - if (queue_is_empty(queue)) - return; - -+ QNode *temp = queue->end; - remove_node(queue, queue->end); - - // if (queue->cleanup) - // queue->cleanup(temp->str); - free(temp->str); - free(temp); -- -+ - // decrement the total of full slots by 1 - queue->count--; - } -- -+ - // Remove front of the queue because its a mismatch - void lru_evict(Queue *queue, unsigned int key) - { -+ if (queue_is_empty(queue)) -+ return; -+ - Hash *hash = queue->hash; - QNode *temp = queue->front; - -- if (queue_is_empty(queue)) -- return; -- - hash->array[key] = NULL; - remove_node(queue, queue->front); - --- -2.33.0 - 
diff --git a/backport-Cleanup-shell-script-warnings.patch b/backport-Cleanup-shell-script-warnings.patch deleted file mode 100644 index e56ecfdf9cd311052a3898741add57386df96967..0000000000000000000000000000000000000000 --- a/backport-Cleanup-shell-script-warnings.patch +++ /dev/null 
@@ -1,111 +0,0 @@ -From 79c1212ff38254a961c27d8eb10bc766e412ffe9 Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Fri, 23 Feb 2024 12:26:05 -0500 -Subject: [PATCH] Cleanup shell script warnings - -Reference:https://github.com/linux-audit/audit-userspace/commit/79c1212ff38254a961c27d8eb10bc766e412ffe9 -Conflict:NA - ---- - init.d/auditd.reload | 2 +- - init.d/auditd.resume | 2 +- - init.d/auditd.rotate | 2 +- - init.d/auditd.state | 6 +++--- - init.d/auditd.stop | 2 +- - init.d/augenrules | 2 +- - 6 files changed, 8 insertions(+), 8 deletions(-) - -diff --git a/init.d/auditd.reload b/init.d/auditd.reload -index 53ff2f4..4f09d00 100644 ---- a/init.d/auditd.reload -+++ b/init.d/auditd.reload -@@ -3,7 +3,7 @@ - # directly supported by systemd - - # Check that we are root ... so non-root users stop here --test $(id -u) = 0 || exit 4 -+test "$(id -u)" = "0" || exit 4 - - printf "Reconfiguring: " - /sbin/augenrules --load -diff --git a/init.d/auditd.resume b/init.d/auditd.resume -index 96189eb..8193bea 100644 ---- a/init.d/auditd.resume -+++ b/init.d/auditd.resume -@@ -3,7 +3,7 @@ - # directly supported by systemd - - # Check that we are root ... so non-root users stop here --test $(id -u) = 0 || exit 4 -+test "$(id -u)" = "0" || exit 4 - - printf "Resuming logging: " - /sbin/auditctl --signal resume -diff --git a/init.d/auditd.rotate b/init.d/auditd.rotate -index dcb12c2..8bb6553 100644 ---- a/init.d/auditd.rotate -+++ b/init.d/auditd.rotate -@@ -3,7 +3,7 @@ - # directly supported by systemd - - # Check that we are root ... so non-root users stop here --test $(id -u) = 0 || exit 4 -+test "$(id -u)" = "0" || exit 4 - - printf "Rotating logs: " - /sbin/auditctl --signal rotate -diff --git a/init.d/auditd.state b/init.d/auditd.state -index 6ae0845..c59fe5a 100644 ---- a/init.d/auditd.state -+++ b/init.d/auditd.state -@@ -3,7 +3,7 @@ - # directly supported by systemd - - # Check that we are root ... 
so non-root users stop here --test $(id -u) = 0 || exit 4 -+test "$(id -u)" = "0" || exit 4 - - PATH=/sbin:/bin:/usr/bin:/usr/sbin - state_file="/var/run/auditd.state" -@@ -11,10 +11,10 @@ state_file="/var/run/auditd.state" - printf "Getting auditd internal state: " - /sbin/auditctl --signal state - RETVAL=$? --echo -e "\n" - sleep 1 --if [ $? -eq 0 ] ; then -+if [ $RETVAL -eq 0 ] ; then - if [ -e $state_file ] ; then -+ printf "\n\n" - cat $state_file - fi - fi -diff --git a/init.d/auditd.stop b/init.d/auditd.stop -index 5049285..41c67d6 100644 ---- a/init.d/auditd.stop -+++ b/init.d/auditd.stop -@@ -3,7 +3,7 @@ - # directly supported by systemd - - # Check that we are root ... so non-root users stop here --test $(id -u) = 0 || exit 4 -+test "$(id -u)" = "0" || exit 4 - - PATH=/sbin:/bin:/usr/bin:/usr/sbin - prog="auditd" -diff --git a/init.d/augenrules b/init.d/augenrules -index ea96aa7..605cfef 100644 ---- a/init.d/augenrules -+++ b/init.d/augenrules -@@ -35,7 +35,7 @@ RETVAL=0 - usage="Usage: $0 [--check|--load]" - - # Delete the interim file on faults --trap 'rm -f ${TmpRules}; exit 1' 1 2 3 13 15 -+trap 'rm -f ${TmpRules}; exit 1' HUP INT QUIT PIPE TERM - - try_load() { - if [ $LoadRules -eq 1 ] ; then --- -2.33.0 - diff --git a/backport-Consolidate-end-of-event-detection-to-a-common-funct.patch b/backport-Consolidate-end-of-event-detection-to-a-common-funct.patch deleted file mode 100644 index 4045db46ad1ffb10b8d916fc588acd5720d3f62c..0000000000000000000000000000000000000000 --- a/backport-Consolidate-end-of-event-detection-to-a-common-funct.patch +++ /dev/null 
@@ -1,143 +0,0 @@
-From 6dabe8de1c502b4bcd0ad945f6d7636d5aeb9fed Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Sat, 26 Aug 2023 08:52:25 -0400
-Subject: [PATCH] Consolidate end of event detection to a common function
-
-Reference:https://github.com/linux-audit/audit-userspace/commit/6dabe8de1c502b4bcd0ad945f6d7636d5aeb9fed
-Conflict:ChangeLog
-
----
- auparse/auparse.c | 9 +--------
- common/Makefile.am | 2 +-
- common/common.c | 43 +++++++++++++++++++++++++++++++++++++++++++
- common/common.h | 3 ++-
- src/ausearch-lol.c | 9 ++-------
- 5 files changed, 49 insertions(+), 17 deletions(-)
- create mode 100644 common/common.c
-
-diff --git a/auparse/auparse.c b/auparse/auparse.c
-index 6f3fb945..359b1875 100644
---- a/auparse/auparse.c
-+++ b/auparse/auparse.c
-@@ -309,14 +309,7 @@ static void au_check_events(auparse_state_t *au, time_t sec)
- if (cur->l->e.sec + eoe_timeout <= sec) {
- cur->status = EBS_COMPLETE;
- au->au_ready++;
-- } else if ( // FIXME: Check this v remains true
-- r->type == AUDIT_PROCTITLE ||
-- r->type == AUDIT_EOE ||
-- r->type < AUDIT_FIRST_EVENT ||
-- r->type >= AUDIT_FIRST_ANOM_MSG ||
-- r->type == AUDIT_KERNEL ||
-- (r->type >= AUDIT_MAC_UNLBL_ALLOW &&
-- r->type <= AUDIT_MAC_CALIPSO_DEL)) {
-+ } else if (audit_is_last_record(r->type)) {
- // If known to be 1 record event, we are done
- cur->status = EBS_COMPLETE;
- au->au_ready++;
-diff --git a/common/Makefile.am b/common/Makefile.am
-index dbf0f76c..9738ee87 100644
---- a/common/Makefile.am
-+++ b/common/Makefile.am
-@@ -27,6 +27,6 @@ AM_CPPFLAGS = -I${top_srcdir} -I${top_srcdir}/lib
-
- noinst_HEADERS = common.h
- libaucommon_la_DEPENDENCIES = ../config.h
--libaucommon_la_SOURCES = audit-fgets.c strsplit.c
-+libaucommon_la_SOURCES = audit-fgets.c strsplit.c common.c
- noinst_LTLIBRARIES = libaucommon.la
-
-diff --git a/common/common.c b/common/common.c
-new file mode 100644
-index 00000000..cbfa46cb
---- /dev/null
-+++ b/common/common.c
-@@ -0,0 +1,43 @@
-+/* common.c --
-+ * Copyright 2023 Red Hat Inc.
-+ * All Rights Reserved.
-+ *
-+ * This library is free software; you can redistribute it and/or
-+ * modify it under the terms of the GNU Lesser General Public
-+ * License as published by the Free Software Foundation; either
-+ * version 2.1 of the License, or (at your option) any later version.
-+ *
-+ * This library is distributed in the hope that it will be useful,
-+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
-+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
-+ * Lesser General Public License for more details.
-+ *
-+ * You should have received a copy of the GNU Lesser General Public
-+ * License along with this library; if not, write to the Free Software
-+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
-+ *
-+ * Authors:
-+ * Steve Grubb
-+ */
-+
-+#include "libaudit.h"
-+#include "common.h"
-+
-+/*
-+ * This function returns 1 if it is the last record in an event.
-+ * It returns 0 otherwise.
-+ */
-+int audit_is_last_record(int type)
-+{
-+ if (type == AUDIT_PROCTITLE ||
-+ type == AUDIT_EOE ||
-+ type < AUDIT_FIRST_EVENT ||
-+ type >= AUDIT_FIRST_ANOM_MSG ||
-+ type == AUDIT_KERNEL ||
-+ (type >= AUDIT_MAC_UNLBL_ALLOW &&
-+ type <= AUDIT_MAC_CALIPSO_DEL)) {
-+ return 1;
-+ }
-+ return 0;
-+}
-+
-diff --git a/common/common.h b/common/common.h
-index 6a5437e9..1db80d4b 100644
---- a/common/common.h
-+++ b/common/common.h
-@@ -1,5 +1,5 @@
- /* audit-fgets.h -- a replacement for glibc's fgets
-- * Copyright 2018,2022 Red Hat Inc.
-+ * Copyright 2018-23 Red Hat Inc.
- * All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
-@@ -38,6 +38,7 @@ int audit_fgets(char *buf, size_t blen, int fd)
-
- char *audit_strsplit_r(char *s, char **savedpp);
- char *audit_strsplit(char *s);
-+int audit_is_last_record(int type);
-
- AUDIT_HIDDEN_END
- #endif
-diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c
-index 4a7e5fdf..9ed39d4f 100644
---- a/src/ausearch-lol.c
-+++ b/src/ausearch-lol.c
-@@ -252,16 +252,11 @@ static void check_events(lol *lo, time_t sec)
- if (cur->l->e.sec + eoe_timeout <= sec) {
- cur->status = L_COMPLETE;
- ready++;
-- } else if (cur->l->e.type == AUDIT_PROCTITLE ||
-- cur->l->e.type < AUDIT_FIRST_EVENT ||
-- cur->l->e.type >= AUDIT_FIRST_ANOM_MSG ||
-- cur->l->e.type == AUDIT_KERNEL ||
-- (cur->l->e.type >= AUDIT_MAC_UNLBL_ALLOW &&
-- cur->l->e.type <= AUDIT_MAC_CALIPSO_DEL)) {
-+ } else if (audit_is_last_record(cur->l->e.type)) {
- // If known to be 1 record event, we are done
- cur->status = L_COMPLETE;
- ready++;
-- }
-+ }
- }
- }
- }
---
-2.33.0
-
diff --git a/backport-Correct-output-when-displaying-rules-with-exe-path-d.patch b/backport-Correct-output-when-displaying-rules-with-exe-path-d.patch
deleted file mode 100644
index aa9ade30abb5361ba8e5443aa0c3618182c234f8..0000000000000000000000000000000000000000
--- a/backport-Correct-output-when-displaying-rules-with-exe-path-d.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From e5b0c9d74a54e0c6c83ba402807a53e4544b7898 Mon Sep 17 00:00:00 2001
-From: Attila Lakatos
-Date: Wed, 12 Jun 2024 18:22:00 +0200
-Subject: [PATCH] Correct output when displaying rules with exe/path/dir (#379)
-
-Some audit operators were not displayed properly
-because auditctl used the "=" operator in all
-the scenarios mentioned above.
-
-Reference:https://github.com/linux-audit/audit-userspace/commit/e5b0c9d74a54e0c6c83ba402807a53e4544b7898
-Conflict:NA
-
----
- src/auditctl-listing.c | 11 ++++++++---
- 1 file changed, 8 insertions(+), 3 deletions(-)
-
-diff --git a/src/auditctl-listing.c b/src/auditctl-listing.c
-index 57ae1837..9c322670 100644
---- a/src/auditctl-listing.c
-+++ b/src/auditctl-listing.c
-@@ -380,7 +380,9 @@ static void print_rule(const struct audit_rule_data *r)
- printf("-w %.*s", r->values[i],
- &r->buf[boffset]);
- else
-- printf(" -F path=%.*s", r->values[i],
-+ printf(" -F path%s%.*s",
-+ audit_operator_to_symbol(op),
-+ r->values[i],
- &r->buf[boffset]);
- boffset += r->values[i];
- } else if (field == AUDIT_DIR) {
-@@ -388,12 +390,15 @@ static void print_rule(const struct audit_rule_data *r)
- printf("-w %.*s", r->values[i],
- &r->buf[boffset]);
- else
-- printf(" -F dir=%.*s", r->values[i],
-+ printf(" -F dir%s%.*s",
-+ audit_operator_to_symbol(op),
-+ r->values[i],
- &r->buf[boffset]);
-
- boffset += r->values[i];
- } else if (field == AUDIT_EXE) {
-- printf(" -F exe=%.*s",
-+ printf(" -F exe%s%.*s",
-+ audit_operator_to_symbol(op),
- r->values[i], &r->buf[boffset]);
- boffset += r->values[i];
- } else if (field == AUDIT_FILTERKEY) {
---
-2.33.0
-
diff --git a/backport-Error-out-if-required-zos-parameters-missing.patch b/backport-Error-out-if-required-zos-parameters-missing.patch
deleted file mode 100644
index 33f31416d401ab0ab1ac2cdd7671c8d54ef9d7b4..0000000000000000000000000000000000000000
--- a/backport-Error-out-if-required-zos-parameters-missing.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From bbe96f9798451129ae2555f92e2f698f842f7833 Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Tue, 10 Oct 2023 08:22:49 -0400
-Subject: [PATCH] Error out if required zos parameters missing
-
-
-Reference:https://github.com/linux-audit/audit-userspace/commit/bbe96f9798451129ae2555f92e2f698f842f7833
-Conflict:NA
-
----
- audisp/plugins/zos-remote/zos-remote-ldap.c | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/audisp/plugins/zos-remote/zos-remote-ldap.c b/audisp/plugins/zos-remote/zos-remote-ldap.c
-index 7dd1424f..7e27eda4 100644
---- a/audisp/plugins/zos-remote/zos-remote-ldap.c
-+++ b/audisp/plugins/zos-remote/zos-remote-ldap.c
-@@ -134,14 +134,18 @@ retry:
-
- int zos_remote_init(ZOS_REMOTE *zos_remote, const char *server, int port,
- const char *user, const char *password, int timeout)
--{
-+{
-+ if (server == NULL || user == NULL || password == NULL) {
-+ log_err("Error: required parameters are not present in config file");
-+ return ICTX_E_FATAL;
-+ }
- zos_remote->server = strdup(server);
- zos_remote->port = port;
- zos_remote->user = strdup(user);
- zos_remote->password = strdup(password);
- zos_remote->timeout = timeout;
- zos_remote->connected = 0;
--
-+
- if (!zos_remote->server || !zos_remote->user || !zos_remote->password) {
- log_err("Error allocating memory for session members");
- return ICTX_E_FATAL;
---
-2.33.0
-
diff --git a/backport-Fix-a-maybe-uninitialized-warning.patch b/backport-Fix-a-maybe-uninitialized-warning.patch
deleted file mode 100644
index 70cfe574c8ad1159793584634dee2b7c40c48ce7..0000000000000000000000000000000000000000
--- a/backport-Fix-a-maybe-uninitialized-warning.patch
+++ /dev/null
@@ -1,53 +0,0 @@
-From 25d5458a396a07e56f36f651da2c51b528fb293a Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Thu, 2 Jan 2025 16:32:34 -0500
-Subject: [PATCH] Fix a maybe uninitialized warning
-
-Reference:https://github.com/linux-audit/audit-userspace/commit/25d5458a396a07e56f36f651da2c51b528fb293a
-Conflict:NA
-
----
- src/ausearch-parse.c | 9 +++------
- 1 file changed, 3 insertions(+), 6 deletions(-)
-
-diff --git a/src/ausearch-parse.c b/src/ausearch-parse.c
-index e15396d7..68e2b29e 100644
---- a/src/ausearch-parse.c
-+++ b/src/ausearch-parse.c
-@@ -1556,7 +1556,7 @@ static int parse_daemon1(const lnode *n, search_items *s)
- if (str) {
- ptr = str + 5;
- term = strchr(ptr, ' ');
-- if (term == NULL)
-+ if (term == NULL)
- return 7;
- saved = *term;
- *term = 0;
-@@ -1565,13 +1565,11 @@ static int parse_daemon1(const lnode *n, search_items *s)
- if (errno)
- return 8;
- *term = saved;
-- } else
-- term = ptr;
-+ }
- }
-
- // ses - optional
- if (event_session_id != -2) {
-- ptr = term;
- str = strstr(term, "ses=");
- if (str) {
- ptr = str + 4;
-@@ -1585,8 +1583,7 @@ static int parse_daemon1(const lnode *n, search_items *s)
- if (errno)
- return 10;
- *term = saved;
-- } else
-- term = ptr;
-+ }
- }
-
- if (event_subject) {
---
-2.33.0
-
diff --git a/backport-Fix-audisp-remote-segfault-on-connection-error-446.patch b/backport-Fix-audisp-remote-segfault-on-connection-error-446.patch
deleted file mode 100644
index 121ed72e909cef237b83afe6dac6034beccd9fcf..0000000000000000000000000000000000000000
--- a/backport-Fix-audisp-remote-segfault-on-connection-error-446.patch
+++ /dev/null
@@ -1,83 +0,0 @@
-From 5163b6d1edc086be6845e3ed6a60d297541330ef Mon Sep 17 00:00:00 2001
-From: Tobias Deiminger
-Date: Fri, 11 Apr 2025 17:46:50 +0200
-Subject: [PATCH] Fix audisp-remote segfault on connection error (#446)
-
-audisp-remote.c:stop_sock lacked NULL pointer checks if build
-configuration is with --enable-gssapi-krb5=yes.
-
-If auditd is started with audisp-remote plugin active and
-transport=KRB5, the audisp-remote child crashes on connection errors
-with segfault in krb5_cc_close due to NULL pointer dereference. This
-will happen immediately at startup if the remote server is not
-available, or later if an already established connection breaks.
-
-It may have been exploited as follows: auditd supervises the
-audisp-remote child. If it sees repeated crashes, it'll report
-"audisp-remote has exceeded max_restarts" (depends on config). When this
-state is reached, auditd stops retrying and remote forwarding remains
-broken even if the remote server becomes available again. In other
-words, temporarily disturbing the network connection sufficed to
-permanently break auditd forwarding.
-
-To fix it, check pointers in stop_sock before passing them on.
-
-Co-authored-by: Tobias Deiminger
----
- audisp/plugins/remote/audisp-remote.c | 40 ++++++++++++++++++---------
- 1 file changed, 27 insertions(+), 13 deletions(-)
-
-diff --git a/audisp/plugins/remote/audisp-remote.c b/audisp/plugins/remote/audisp-remote.c
-index c7a947ef..9b2e15b0 100644
---- a/audisp/plugins/remote/audisp-remote.c
-+++ b/audisp/plugins/remote/audisp-remote.c
-@@ -1060,19 +1060,33 @@ static int stop_sock(void)
- if (sock >= 0) {
- #ifdef USE_GSSAPI
- if (USE_GSS) {
-- OM_uint32 minor_status;
-- gss_delete_sec_context(&minor_status, &my_context,
-- GSS_C_NO_BUFFER);
-- my_context = GSS_C_NO_CONTEXT;
-- krb5_cc_close(kcontext, ccache);
-- ccache = NULL;
-- krb5_kt_close(kcontext, keytab);
-- keytab = NULL;
-- krb5_free_principal(kcontext, audit_princ);
-- krb5_free_default_realm(kcontext, realm_name);
-- realm_name = NULL;
-- krb5_free_context(kcontext);
-- kcontext = NULL;
-+ if (my_context != GSS_C_NO_CONTEXT) {
-+ OM_uint32 minor_status;
-+ gss_delete_sec_context(&minor_status, &my_context,
-+ GSS_C_NO_BUFFER);
-+ my_context = GSS_C_NO_CONTEXT;
-+ }
-+
-+ if (kcontext != NULL) {
-+ if (ccache != NULL) {
-+ krb5_cc_close(kcontext, ccache);
-+ ccache = NULL;
-+ }
-+ if (keytab != NULL) {
-+ krb5_kt_close(kcontext, keytab);
-+ keytab = NULL;
-+ }
-+ if (audit_princ != NULL) {
-+ krb5_free_principal(kcontext, audit_princ);
-+ audit_princ = NULL;
-+ }
-+ if (realm_name != NULL) {
-+ krb5_free_default_realm(kcontext, realm_name);
-+ realm_name = NULL;
-+ }
-+ krb5_free_context(kcontext);
-+ kcontext = NULL;
-+ }
- }
- #endif
- shutdown(sock, SHUT_RDWR);
---
-2.43.0
-
diff --git a/backport-Fix-deprecated-python-function.patch b/backport-Fix-deprecated-python-function.patch
deleted file mode 100644
index fa26127a06516ba31def30255588c395673f60d2..0000000000000000000000000000000000000000
--- a/backport-Fix-deprecated-python-function.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From c344a8a370afed66e78db88c2d129f6672dae1e6 Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Tue, 24 Oct 2023 11:51:04 -0400
-Subject: [PATCH] Fix deprecated python function
-
-Reference:https://github.com/linux-audit/audit-userspace/commit/c344a8a370afed66e78db88c2d129f6672dae1e6
-Conflict:NA
-
----
- bindings/python/auparse_python.c | 4 ++++
- 1 file changed, 4 insertions(+)
-
-diff --git a/bindings/python/auparse_python.c b/bindings/python/auparse_python.c
-index 78ef832c..1371ed54 100644
---- a/bindings/python/auparse_python.c
-+++ b/bindings/python/auparse_python.c
-@@ -290,7 +290,11 @@ static void auparse_callback(auparse_state_t *au,
- if (debug) printf("<< auparse_callback\n");
- arglist = Py_BuildValue("OiO", cb->py_AuParser, cb_event_type,
- cb->user_data);
-+#if PY_MINOR_VERSION >= 13
-+ result = PyObject_CallObject(cb->func, arglist);
-+#else
- result = PyEval_CallObject(cb->func, arglist);
-+#endif
- Py_DECREF(arglist);
- Py_XDECREF(result);
- }
---
-2.33.0
-
diff --git a/backport-Fix-filename-lookup-for-AUSOURCE_FILE_POINTER-in-aup.patch b/backport-Fix-filename-lookup-for-AUSOURCE_FILE_POINTER-in-aup.patch
deleted file mode 100644
index ad22e9c3f4eb65080df09df4375d3fa041b7a7fd..0000000000000000000000000000000000000000
--- a/backport-Fix-filename-lookup-for-AUSOURCE_FILE_POINTER-in-aup.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From af41480e5cbe62781928aca2bb4f793f5c724800 Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Tue, 20 May 2025 17:30:32 -0400
-Subject: [PATCH] Fix filename lookup for AUSOURCE_FILE_POINTER in auparse_init
- Python bindings
-
----
- bindings/python/auparse_python.c | 20 +++++++++++++++-----
- 1 file changed, 15 insertions(+), 5 deletions(-)
-
-diff --git a/bindings/python/auparse_python.c b/bindings/python/auparse_python.c
-index 9ab919b32..f0678a4e9 100644
---- a/bindings/python/auparse_python.c
-+++ b/bindings/python/auparse_python.c
-@@ -463,14 +463,24 @@ AuParser_init(AuParser *self, PyObject *args, PyObject *kwds)
- PyErr_SetString(PyExc_TypeError, "source must be open file when source_type is AUSOURCE_FILE_POINTER");
- return -1;
- }
-+ const char *filename = NULL;
- #if PY_MAJOR_VERSION < 3
-- int fd = fileno(fp);
-- fp = fdopen(fd, "r");
-+ int fd = fileno(fp);
-+ fp = fdopen(fd, "r");
-+ /* PyFile_Name is available in Python 2 */
-+ filename = PYSTR_ASSTRING(PyFile_Name(source));
-+#else
-+ /* In Python 3 obtain the name attribute if possible */
-+ PyObject *name_obj = PyObject_GetAttrString(source, "name");
-+ if (name_obj && PYSTR_CHECK(name_obj))
-+ filename = PYSTR_ASSTRING(name_obj);
-+ Py_XDECREF(name_obj);
- #endif
- if ((self->au = auparse_init(source_type, fp)) == NULL) {
-- //char *filename = PYSTR_ASSTRING(PyFile_Name(source));
-- char *filename = "TODO";
-- PyErr_SetFromErrnoWithFilename(PyExc_IOError, filename);
-+ if (filename)
-+ PyErr_SetFromErrnoWithFilename(PyExc_IOError, filename);
-+ else
-+ PyErr_SetFromErrno(PyExc_IOError);
- return -1;
- }
- } break;
diff --git a/backport-Fix-fuzzer-induced-parsing.patch b/backport-Fix-fuzzer-induced-parsing.patch
deleted file mode 100644
index 2da50c1401345f0826274015429c32c51ee2b9b1..0000000000000000000000000000000000000000
--- a/backport-Fix-fuzzer-induced-parsing.patch
+++ /dev/null
@@ -1,42 +0,0 @@
-From f5d0a16f1d18a4df6d44aaa7cbd962f3c8f8b13d Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Sun, 13 Apr 2025 17:44:00 -0400
-Subject: [PATCH] Fix fuzzer induced parsing
-
-There are 2 places where severely corrupted logs could make
-ausearch/report access out of bounds string memeory. Check the
-length before using them. See issue #448.
----
- src/ausearch-parse.c | 8 ++++++--
- 1 file changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/src/ausearch-parse.c b/src/ausearch-parse.c
-index 68e2b29e..e4724bf9 100644
---- a/src/ausearch-parse.c
-+++ b/src/ausearch-parse.c
-@@ -676,7 +676,9 @@ static int parse_dir(const lnode *n, search_items *s)
- char *str, *term;
-
- if (event_filename) {
-- // dont do this search unless needed
-+ // dont do this search unless needed
-+ if (strlen(n->message) < 34)
-+ return 0;
- str = strstr(n->message+NAME_OFFSET, " cwd=");
- if (str) {
- str += 5;
-@@ -808,8 +810,10 @@ static int parse_path(const lnode *n, search_items *s)
- // anything before that. Its only time and type.
- char *str, *term = n->message+NAME_OFFSET;
-
-+ // dont do this search unless needed
-+ if (strlen(n->message) < 35)
-+ return 0;
- if (event_filename) {
-- // dont do this search unless needed
- str = strstr(term, " name=");
- if (str) {
- int rc;
---
-2.43.0
-
diff --git a/backport-Fix-memory-leaks.patch b/backport-Fix-memory-leaks.patch
deleted file mode 100644
index 8afde8832006a9960fbc9aa4ea31a2fbd86a5d06..0000000000000000000000000000000000000000
--- a/backport-Fix-memory-leaks.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-From 289dc3a077f05fba93816fbdfbbfe032322d7f64 Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Tue, 21 May 2024 12:28:29 -0400
-Subject: [PATCH] Fix memory leaks
-
-Conflict:NA
-Reference:https://github.com/linux-audit/audit-userspace/commit/289dc3a077f05fba93816fbdfbbfe032322d7f64
-
----
- src/auditd-listen.c | 2 +-
- src/ausearch-lol.c | 2 ++
- src/ausearch-parse.c | 6 ++++--
- 3 files changed, 7 insertions(+), 3 deletions(-)
-
-diff --git a/src/auditd-listen.c b/src/auditd-listen.c
-index ea3f137c..52076361 100644
---- a/src/auditd-listen.c
-+++ b/src/auditd-listen.c
-@@ -443,8 +443,8 @@ static int negotiate_credentials(ev_tcp *io)
- gss_release_name(&min_stat, &client);
- return -1;
- }
-- gss_release_buffer(&min_stat, &send_tok);
- }
-+ gss_release_buffer(&min_stat, &send_tok);
- } while (maj_stat == GSS_S_CONTINUE_NEEDED);
-
- maj_stat = gss_display_name(&min_stat, client, &recv_tok, NULL);
-diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c
-index a5418079..784c58f6 100644
---- a/src/ausearch-lol.c
-+++ b/src/ausearch-lol.c
-@@ -311,6 +311,7 @@ int lol_add_record(lol *lo, char *buff)
- n.type = e.type;
- n.message = strdup(buff);
- if(n.message == NULL) {
-+ free((char *)e.node);
- fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__);
- return 0;
- }
-@@ -369,6 +370,7 @@ int lol_add_record(lol *lo, char *buff)
- // Create new event and fill it in
- l = malloc(sizeof(llist));
- if (l == NULL) {
-+ free((char *)e.node);
- fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__);
- return 0;
- }
-diff --git a/src/ausearch-parse.c b/src/ausearch-parse.c
-index be57606b..4c9bef0d 100644
---- a/src/ausearch-parse.c
-+++ b/src/ausearch-parse.c
-@@ -769,9 +769,11 @@ static int common_path_parser(search_items *s, char *path)
- if ((sn.str[0] == '.') && ((sn.str[1] == '.') ||
- (sn.str[1] == '/')) && s->cwd) {
- char *tmp = malloc(PATH_MAX);
-- if (tmp == NULL)
-+ if (tmp == NULL) {
-+ free(sn.str);
- return 6;
-- snprintf(tmp, PATH_MAX, "%s/%s",
-+ }
-+ snprintf(tmp, PATH_MAX, "%s/%s",
- s->cwd, sn.str);
- free(sn.str);
- sn.str = tmp;
---
-2.33.0
-
diff --git a/backport-Fix-new-warnings-for-unused-results.patch b/backport-Fix-new-warnings-for-unused-results.patch
deleted file mode 100644
index 2c30d9dab059ab6f84562744d255ff65348dfa60..0000000000000000000000000000000000000000
--- a/backport-Fix-new-warnings-for-unused-results.patch
+++ /dev/null
@@ -1,107 +0,0 @@
-From a4e8b7e18f249fe5decdd2fe748a5068ffeaee57 Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Mon, 20 Nov 2023 16:37:46 -0500
-Subject: [PATCH] Fix new warnings for unused results
-
-Reference:https://github.com/linux-audit/audit-userspace/commit/a4e8b7e18f249fe5decdd2fe748a5068ffeaee57
-Conflict:NA
-
----
- audisp/plugins/ids/ids.c | 5 +++--
- audisp/plugins/ids/ids.h | 2 +-
- audisp/plugins/statsd/audisp-statsd.c | 4 ++--
- lib/libaudit.c | 3 ++-
- lib/netlink.c | 3 ++-
- src/auditd.c | 3 ++-
- 6 files changed, 12 insertions(+), 8 deletions(-)
-
-diff --git a/audisp/plugins/ids/ids.c b/audisp/plugins/ids/ids.c
-index d28237e5..1446ca71 100644
---- a/audisp/plugins/ids/ids.c
-+++ b/audisp/plugins/ids/ids.c
-@@ -107,9 +107,10 @@ static void destroy_audit(void)
- }
-
-
--void log_audit_event(int type, const char *text, int res)
-+int log_audit_event(int type, const char *text, int res)
- {
-- audit_log_user_message(audit_fd, type, text, NULL, NULL, NULL, res);
-+ return audit_log_user_message(audit_fd, type, text,
-+ NULL, NULL, NULL, res);
- }
-
-
-diff --git a/audisp/plugins/ids/ids.h b/audisp/plugins/ids/ids.h
-index f3710066..cb98cdba 100644
---- a/audisp/plugins/ids/ids.h
-+++ b/audisp/plugins/ids/ids.h
-@@ -15,6 +15,6 @@
- extern int debug;
- extern void my_printf(const char *fmt, ...)
- __attribute__ (( format(printf, 1, 2) ));
--extern void log_audit_event(int type, const char *text, int res);
-+extern int log_audit_event(int type, const char *text, int res);
-
- #endif
-diff --git a/audisp/plugins/statsd/audisp-statsd.c b/audisp/plugins/statsd/audisp-statsd.c
-index db2c6111..912f9171 100644
---- a/audisp/plugins/statsd/audisp-statsd.c
-+++ b/audisp/plugins/statsd/audisp-statsd.c
-@@ -218,9 +218,9 @@ static void get_kernel_status(void)
- struct audit_reply rep;
-
- audit_request_status(audit_fd);
-- audit_get_reply(audit_fd, &rep, GET_REPLY_BLOCKING, 0);
-+ int rc = audit_get_reply(audit_fd, &rep, GET_REPLY_BLOCKING, 0);
-
-- if (rep.type == AUDIT_GET) {
-+ if (rc > 0 && rep.type == AUDIT_GET) {
- // add info to global audit event struct
- r.lost = rep.status->lost;
- r.backlog = rep.status->backlog;
-diff --git a/lib/libaudit.c b/lib/libaudit.c
-index e5f2a7c5..3decff12 100644
---- a/lib/libaudit.c
-+++ b/lib/libaudit.c
-@@ -473,7 +473,8 @@ int audit_set_pid(int fd, uint32_t pid, rep_wait_t wmode)
- rc = poll(pfd, 1, 100); /* .1 second */
- } while (rc < 0 && errno == EINTR);
-
-- (void)audit_get_reply(fd, &rep, GET_REPLY_NONBLOCKING, 0);
-+ if (audit_get_reply(fd, &rep, GET_REPLY_NONBLOCKING, 0))
-+ ; // intentionally empty
- return 1;
- }
-
-diff --git a/lib/netlink.c b/lib/netlink.c
-index eeeefc26..3381651a 100644
---- a/lib/netlink.c
-+++ b/lib/netlink.c
-@@ -280,7 +280,8 @@ retry:
- else if (rc > 0 && rep.type == NLMSG_ERROR) {
- int error = rep.error->error;
- /* Eat the message */
-- (void)audit_get_reply(fd, &rep, GET_REPLY_NONBLOCKING, 0);
-+ if (audit_get_reply(fd, &rep, GET_REPLY_NONBLOCKING, 0))
-+ ; // intentionally empty
-
- /* NLMSG_ERROR can indicate success, only report nonzero */
- if (error) {
-diff --git a/src/auditd.c b/src/auditd.c
-index 2dedf35b..54b407f3 100644
---- a/src/auditd.c
-+++ b/src/auditd.c
-@@ -1044,7 +1044,8 @@ static void clean_exit(void)
- audit_msg(LOG_INFO, "The audit daemon is exiting.");
- if (fd >= 0) {
- if (!opt_aggregate_only)
-- audit_set_pid(fd, 0, WAIT_NO);
-+ if (audit_set_pid(fd, 0, WAIT_NO))
-+ ; // intentionally empty
- audit_close(fd);
- }
- if (pidfile)
---
-2.33.0
-
diff --git a/backport-Fixed-NULL-checks.patch b/backport-Fixed-NULL-checks.patch
deleted file mode 100644
index d188bf72069a6c17b3f8418af82c2efb376debab..0000000000000000000000000000000000000000
--- a/backport-Fixed-NULL-checks.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From 68131717821ee5c946fb561218551c98e46d7d06 Mon Sep 17 00:00:00 2001
-From: Yugend
-Date: Tue, 19 Mar 2024 17:01:53 +0300
-Subject: [PATCH] Fixed NULL checks
-
-Conflict:NA
-Reference:https://github.com/linux-audit/audit-userspace/commit/68131717821ee5c946fb561218551c98e46d7d06
-
----
- audisp/plugins/zos-remote/zos-remote-queue.c | 2 +-
- auparse/auparse.c | 1 +
- src/ausearch-lol.c | 1 +
- 3 files changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/audisp/plugins/zos-remote/zos-remote-queue.c b/audisp/plugins/zos-remote/zos-remote-queue.c
-index 47dd006e..f8019890 100644
---- a/audisp/plugins/zos-remote/zos-remote-queue.c
-+++ b/audisp/plugins/zos-remote/zos-remote-queue.c
-@@ -131,7 +131,7 @@ void increase_queue_depth(unsigned int size)
-
- tmp_q = realloc(q, size * sizeof(BerElement *));
- if (tmp_q == NULL) {
-- log_err("Memory allocation error");;
-+ log_err("Memory allocation error");;
- pthread_mutex_unlock(&queue_lock);
- return;
- }
-diff --git a/auparse/auparse.c b/auparse/auparse.c
-index 516ee8f1..e782058d 100644
---- a/auparse/auparse.c
-+++ b/auparse/auparse.c
-@@ -116,6 +116,7 @@ static int setup_log_file_array(auparse_state_t *au)
- if (!tmp) {
- fprintf(stderr, "No memory\n");
- aup_free_config(&config);
-+ free(filename);
- return 1;
- }
-
-diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c
-index c2140b7e..7562dc21 100644
---- a/src/ausearch-lol.c
-+++ b/src/ausearch-lol.c
-@@ -49,6 +49,7 @@ void lol_create(lol *lo)
- lo->array = (lolnode *)malloc(size);
- if (lo->array == NULL) {
- fprintf(stderr, "Memory allocation error");
-+ lo->limit = 0;
- return;
- }
- memset(lo->array, 0, size);
---
-2.33.0
-
diff --git a/backport-Fixup-leaks-in-testing-with-ASAN.patch b/backport-Fixup-leaks-in-testing-with-ASAN.patch
deleted file mode 100644
index 37d9eb8590c61e03df53ee2514f7ab266cf66c4e..0000000000000000000000000000000000000000
--- a/backport-Fixup-leaks-in-testing-with-ASAN.patch
+++ /dev/null
@@ -1,26 +0,0 @@
-From 44679d4507829825fa9f0fcf146f44c01107fa1e Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Sun, 15 Jun 2025 13:41:12 -0400
-Subject: [PATCH] Fixup leaks in testing with ASAN
-
----
- src/auditd-event.c | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/src/auditd-event.c b/src/auditd-event.c
-index 74c4fbd..b2a4726 100644
---- a/src/auditd-event.c
-+++ b/src/auditd-event.c
-@@ -243,6 +243,9 @@ static void replace_event_msg(struct auditd_event *e, const char *buf)
- if (buf) {
- size_t len = strlen(buf);
-
-+ if (e->reply.message != e->reply.msg.data)
-+ free((void *)e->reply.message);
-+
- if (len < MAX_AUDIT_MESSAGE_LENGTH - 1)
- e->reply.message = strdup(buf);
- else {
---
-2.43.0
-
diff --git a/backport-If-we-are-checkpointing-decide-if-we-output-this-eve.patch b/backport-If-we-are-checkpointing-decide-if-we-output-this-eve.patch
deleted file mode 100644
index d25291530e18fd8cbaa88a804b954d1a26e4b4af..0000000000000000000000000000000000000000
--- a/backport-If-we-are-checkpointing-decide-if-we-output-this-eve.patch
+++ /dev/null
@@ -1,52 +0,0 @@
-From cf637c93b6586a43e6b8f3ca5bad9b3e99f9ca4b Mon Sep 17 00:00:00 2001
-From: Attila Lakatos
-Date: Fri, 11 Apr 2025 17:50:47 +0200
-Subject: [PATCH] If we are checkpointing, decide if we output this event. We
- need to do it as (#447)
-
-early as here. The chkpt_input_levent event might not match the entries, so we
-need to ensure that we don't skip the event that is the checkpoint event. That
-is the marking point from which we start outputting events. Leaving that event
-out will produce empty results.
----
- src/ausearch.c | 17 +++++++++++------
- 1 file changed, 11 insertions(+), 6 deletions(-)
-
-diff --git a/src/ausearch.c b/src/ausearch.c
-index 3bf95b5a..cf77ba14 100644
---- a/src/ausearch.c
-+++ b/src/ausearch.c
-@@ -464,6 +464,17 @@ static int process_log_fd(void)
- if ((ret != 0)||(entries->cnt == 0))
- break;
-
-+ /*
-+ * If we are checkpointing, decide if we output this event.
-+ * We need to do it as early as here. The chkpt_input_levent event
-+ * might not match the entries, so we need to ensure that we don't
-+ * skip the event that is the checkpoint event. That is the marking point
-+ * from which we start outputting events. Leaving that event out will produce
-+ * empty results.
-+ */
-+ if (checkpt_filename)
-+ do_output = chkpt_output_decision(&entries->e);
-+
- /*
- * We flush all events on the last log file being processed.
- * Thus incomplete events are 'carried forward' to be
-@@ -471,12 +482,6 @@ static int process_log_fd(void)
- * in the next file we are about to process.
- */
- if (match(entries)) {
-- /*
-- * If we are checkpointing, decide if we output
-- * this event
-- */
-- if (checkpt_filename)
-- do_output = chkpt_output_decision(&entries->e);
-
- if (do_output == 1) {
- found = 1;
---
-2.43.0
-
diff --git a/backport-Implicit-builtin-functions.patch b/backport-Implicit-builtin-functions.patch
deleted file mode 100644
index 8f091ef26507143f80cf43e6a31592eb6aa01470..0000000000000000000000000000000000000000
--- a/backport-Implicit-builtin-functions.patch
+++ /dev/null
@@ -1,654 +0,0 @@
-From 8c7eaa7ead6c70486623674c19d649f3831578ad Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Fri, 3 May 2024 17:33:39 -0400
-Subject: [PATCH] Implicit builtin functions
-
-Correct a number of places where printf is being used without a prototype.
-All cases are in libraries which should not be using printf. Change them
-to return an error rather than communicate the problem.
----
- audisp/audispd-llist.c | 10 +++++-----
- audisp/audispd-llist.h | 4 ++--
- auparse/normalize-llist.c | 12 ++++++------
- auparse/normalize-llist.h | 4 ++--
- auparse/normalize.c | 14 +++++++++-----
- src/auditctl-llist.c | 18 +++++++++---------
- src/auditctl-llist.h | 4 ++--
- src/ausearch-avc.c | 16 ++++++++--------
- src/ausearch-avc.h | 4 ++--
- src/ausearch-int.c | 12 ++++++------
- src/ausearch-int.h | 4 ++--
- src/ausearch-llist.c | 14 +++++++-------
- src/ausearch-llist.h | 2 +-
- src/ausearch-nvpair.c | 12 ++++++------
- src/ausearch-nvpair.h | 4 ++--
- src/ausearch-string.c | 10 +++++-----
- src/ausearch-string.h | 2 +-
- tools/aulastlog/aulastlog-llist.c | 18 +++++++++---------
- tools/aulastlog/aulastlog-llist.h | 4 ++--
- 19 files changed, 86 insertions(+), 82 deletions(-)
-
-diff --git a/audisp/audispd-llist.c b/audisp/audispd-llist.c
-index 30d7f03..15ec038 100644
---- a/audisp/audispd-llist.c
-+++ b/audisp/audispd-llist.c
-@@ -69,15 +69,13 @@ unsigned int plist_count_active(const conf_llist *l)
- return cnt;
- }
-
--void plist_append(conf_llist *l, plugin_conf_t *p)
-+int plist_append(conf_llist *l, plugin_conf_t *p)
- {
- lnode* newnode;
-
- newnode = malloc(sizeof(lnode));
-- if (newnode == NULL) {
-- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__);
-- return;
-- }
-+ if (newnode == NULL)
-+ return 1;
-
- if (p) {
- void *pp = malloc(sizeof(struct plugin_conf));
-@@ -98,6 +96,8 @@ void plist_append(conf_llist *l, plugin_conf_t *p)
- // make newnode current
- l->cur = newnode;
- l->cnt++;
-+
-+ return 0;
- }
-
- void plist_clear(conf_llist* l)
-diff --git a/audisp/audispd-llist.h b/audisp/audispd-llist.h
-index 7c5279b..fb30f12 100644
---- a/audisp/audispd-llist.h
-+++ b/audisp/audispd-llist.h
-@@ -1,6 +1,6 @@
- /*
- * audispd-llist.h - Header file for ausearch-conf_llist.c
--* Copyright (c) 2007,2013 Red Hat Inc., Durham, North Carolina.
-+* Copyright (c) 2007,2013 Red Hat Inc.
- * All Rights Reserved.
- *
- * This software may be freely redistributed and/or modified under the
-@@ -51,7 +51,7 @@ unsigned int plist_count_active(const conf_llist *l);
- void plist_last(conf_llist *l);
- lnode *plist_next(conf_llist *l);
- static inline lnode *plist_get_cur(conf_llist *l) { return l->cur; }
--void plist_append(conf_llist *l, plugin_conf_t *p);
-+int plist_append(conf_llist *l, plugin_conf_t *p);
- void plist_clear(conf_llist* l);
- void plist_mark_all_unchecked(conf_llist* l);
- lnode *plist_find_unchecked(conf_llist* l);
-diff --git a/auparse/normalize-llist.c b/auparse/normalize-llist.c
-index 253c5e5..18e901e 100644
---- a/auparse/normalize-llist.c
-+++ b/auparse/normalize-llist.c
-@@ -1,6 +1,6 @@
- /*
- * normalize-llist.c - Minimal linked list library
-- * Copyright (c) 2016-17 Red Hat Inc., Durham, North Carolina.
-+ * Copyright (c) 2016-17 Red Hat Inc.
- * All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
-@@ -63,15 +63,14 @@ data_node *cllist_next(cllist *l)
- return l->cur;
- }
-
--void cllist_append(cllist *l, uint32_t num, void *data)
-+// Returns 0 on success and 1 on error
-+int cllist_append(cllist *l, uint32_t num, void *data)
- {
- data_node *newnode;
-
- newnode = malloc(sizeof(data_node));
-- if (newnode == NULL) {
-- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__);
-- return;
-- }
-+ if (newnode == NULL)
-+ return 1;
-
- newnode->num = num;
- newnode->data = data;
-@@ -87,5 +86,6 @@ void cllist_append(cllist *l, uint32_t num, void *data)
- l->tail = newnode;
- l->cur = newnode;
- l->cnt++;
-+ return 0;
- }
-
-diff --git a/auparse/normalize-llist.h b/auparse/normalize-llist.h
-index 6e3a8d5..24caafc 100644
---- a/auparse/normalize-llist.h
-+++ b/auparse/normalize-llist.h
-@@ -1,6 +1,6 @@
- /*
- * normalize-llist.h - Header file for normalize-llist.c
-- * Copyright (c) 2016-17 Red Hat Inc., Durham, North Carolina.
-+ * Copyright (c) 2016-17 Red Hat Inc.
- * All Rights Reserved.
- *
- * This library is free software; you can redistribute it and/or
-@@ -54,7 +54,7 @@ AUDIT_HIDDEN_START
- void cllist_create(cllist *l, void (*cleanup)(void *));
- void cllist_clear(cllist* l);
- data_node *cllist_next(cllist *l);
--void cllist_append(cllist *l, uint32_t num, void *data);
-+int cllist_append(cllist *l, uint32_t num, void *data);
-
- AUDIT_HIDDEN_END
-
-diff --git a/auparse/normalize.c b/auparse/normalize.c
-index c68dba4..038328d 100644
---- a/auparse/normalize.c
-+++ b/auparse/normalize.c
-@@ -179,7 +179,8 @@ static unsigned int add_subj_attr(auparse_state_t *au, const char *str,
- if ((auparse_find_field(au, str))) {
- attr = set_record(0, rnum);
- attr = set_field(attr, auparse_get_field_num(au));
-- cllist_append(&D.actor.attr, attr, NULL);
-+ if (cllist_append(&D.actor.attr, attr, NULL))
-+ return 1;
- return 0;
- } else
- auparse_goto_record_num(au, rnum);
-@@ -224,7 +225,8 @@ static unsigned int add_obj_attr(auparse_state_t *au, const char *str,
- if ((auparse_find_field(au, str))) {
- attr = set_record(0, rnum);
- attr = set_field(attr, auparse_get_field_num(au));
-- cllist_append(&D.thing.attr, attr, NULL);
-+ if (cllist_append(&D.thing.attr, attr, NULL))
-+ return 1;
- return 0;
- } else
- auparse_goto_record_num(au, rnum);
-@@ -360,21 +362,23 @@ static void collect_id_obj2(auparse_state_t *au, const char *syscall)
- }
- }
-
--static void collect_path_attrs(auparse_state_t *au)
-+static int collect_path_attrs(auparse_state_t *au)
- {
- value_t attr;
- unsigned int rnum = auparse_get_record_num(au);
-
- auparse_first_field(au);
- if (add_obj_attr(au, "mode", rnum))
-- return; // Failed opens don't have anything else
-+ return 1; // Failed opens don't have anything else
-
- // All the rest of the fields matter
- while ((auparse_next_field(au))) {
- attr = set_record(0, rnum);
- attr = set_field(attr, auparse_get_field_num(au));
-- cllist_append(&D.thing.attr, attr, NULL);
-+ if (cllist_append(&D.thing.attr, attr, NULL))
-+ return 1;
- }
-+ return 0;
- }
-
- static void collect_cwd_attrs(auparse_state_t *au)
-diff --git a/src/auditctl-llist.c b/src/auditctl-llist.c
-index 5282ee3..de5c38d 100644
---- a/src/auditctl-llist.c
-+++ b/src/auditctl-llist.c
-@@ -1,7 +1,7 @@
- /*
- * ausearch-llist.c - Minimal linked list library
--* Copyright (c) 2005 Red Hat Inc., Durham, North Carolina.
--* All Rights Reserved.
-+* Copyright (c) 2005 Red Hat Inc.
-+* All Rights Reserved.
- *
- * This software may be freely redistributed and/or modified under the
- * terms of the GNU General Public License as published by the Free
-@@ -15,7 +15,7 @@
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; see the file COPYING. If not, write to the
--* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
-+* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
- * Boston, MA 02110-1335, USA.
- *
- * Authors:
-@@ -59,19 +59,17 @@ lnode *list_next(llist *l)
- return l->cur;
- }
-
--void list_append(llist *l, const struct audit_rule_data *r, size_t sz)
-+int list_append(llist *l, const struct audit_rule_data *r, size_t sz)
- {
- lnode* newnode;
-
- newnode = malloc(sizeof(lnode));
-- if (newnode == NULL) {
-- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__);
-- return;
-- }
-+ if (newnode == NULL)
-+ return 1;
-
- if (r) {
- void *rr = malloc(sz);
-- if (rr)
-+ if (rr)
- memcpy(rr, r, sz);
- newnode->r = rr;
- } else
-@@ -89,6 +87,8 @@ void list_append(llist *l, const struct audit_rule_data *r, size_t sz)
- // make newnode current
- l->cur = newnode;
- l->cnt++;
-+
-+ return 0;
- }
-
- void list_clear(llist* l)
-diff --git a/src/auditctl-llist.h b/src/auditctl-llist.h
-index c8f60df..55456a1 100644
---- a/src/auditctl-llist.h
-+++ b/src/auditctl-llist.h
-@@ -1,6 +1,6 @@
- /*
- * auditctl-llist.h - Header file for ausearch-llist.c
--* Copyright (c) 2005 Red Hat Inc., Durham, North Carolina.
-+* Copyright (c) 2005 Red Hat Inc.
- * All Rights Reserved.
- *
- * This software may be freely redistributed and/or modified under the
-@@ -50,7 +50,7 @@ void list_first(llist *l);
- void list_last(llist *l);
- lnode *list_next(llist *l);
- static inline lnode *list_get_cur(const llist *l) { return l->cur; }
--void list_append(llist *l, const struct audit_rule_data *r, size_t sz);
-+int list_append(llist *l, const struct audit_rule_data *r, size_t sz);
- void list_clear(llist* l);
-
- #endif
-diff --git a/src/ausearch-avc.c b/src/ausearch-avc.c
-index 3857656..36d9832 100644
---- a/src/ausearch-avc.c
-+++ b/src/ausearch-avc.c
-@@ -1,7 +1,7 @@
- /*
- * ausearch-avc.c - Minimal linked list library for avcs
--* Copyright (c) 2006,2008,2014 Red Hat Inc., Durham, North Carolina.
--* All Rights Reserved.
-+* Copyright (c) 2006,2008,2014 Red Hat Inc.
-+* All Rights Reserved.
- *
- * This software may be freely redistributed and/or modified under the
- * terms of the GNU General Public License as published by the Free
-@@ -15,7 +15,7 @@
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; see the file COPYING. If not, write to the
--* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
-+* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
- * Boston, MA 02110-1335, USA.
- *
- * Authors:
-@@ -62,15 +62,13 @@ static void alist_last(alist *l)
- l->cur = cur;
- }
-
--void alist_append(alist *l, anode *node)
-+int alist_append(alist *l, anode *node)
- {
- anode* newnode;
-
- newnode = malloc(sizeof(anode));
-- if (newnode == NULL) {
-- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__);
-- return;
-- }
-+ if (newnode == NULL)
-+ return 1;
-
- if (node->scontext)
- newnode->scontext = node->scontext;
-@@ -108,6 +106,8 @@ void alist_append(alist *l, anode *node)
- // make newnode current
- l->cur = newnode;
- l->cnt++;
-+
-+ return 0;
- }
-
- int alist_find_subj(alist *l)
-diff --git a/src/ausearch-avc.h b/src/ausearch-avc.h
-index 3796ed4..59a7174 100644
---- a/src/ausearch-avc.h
-+++ b/src/ausearch-avc.h
-@@ -1,6 +1,6 @@
- /*
- * ausearch-avc.h - Header file for ausearch-string.c
--* Copyright (c) 2006,2008 Red Hat Inc., Durham, North Carolina.
-+* Copyright (c) 2006,2008 Red Hat Inc.
- * All Rights Reserved.
- *
- * This software may be freely redistributed and/or modified under the
-@@ -54,7 +54,7 @@ void alist_create(alist *l);
- static inline void alist_first(alist *l) { l->cur = l->head; }
- anode *alist_next(alist *l);
- static inline anode *alist_get_cur(const alist *l) { return l->cur; }
--void alist_append(alist *l, anode *node);
-+int alist_append(alist *l, anode *node);
- void anode_init(anode *an);
- void anode_clear(anode *an);
- void alist_clear(alist* l);
-diff --git a/src/ausearch-int.c b/src/ausearch-int.c
-index 5f57b05..d2288bf 100644
---- a/src/ausearch-int.c
-+++ b/src/ausearch-int.c
-@@ -1,6 +1,6 @@
- /*
- * ausearch-int.c - Minimal linked list library for integers
--* Copyright (c) 2005,2008 Red Hat Inc., Durham, North Carolina.
-+* Copyright (c) 2005,2008 Red Hat Inc.
- * All Rights Reserved.
- *
- * This software may be freely redistributed and/or modified under the
-@@ -41,15 +41,13 @@ int_node *ilist_next(ilist *l)
- return l->cur;
- }
-
--void ilist_append(ilist *l, int num, unsigned int hits, int aux)
-+int ilist_append(ilist *l, int num, unsigned int hits, int aux)
- {
- int_node* newnode;
-
- newnode = malloc(sizeof(int_node));
-- if (newnode == NULL) {
-- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__);
-- return;
-- }
-+ if (newnode == NULL)
-+ return 1;
-
- newnode->num = num;
- newnode->hits = hits;
-@@ -65,6 +63,8 @@ void ilist_append(ilist *l, int num, unsigned int hits, int aux)
- // make newnode current
- l->cur = newnode;
- l->cnt++;
-+
-+ return 0;
- }
-
- void ilist_clear(ilist* l)
-diff --git a/src/ausearch-int.h b/src/ausearch-int.h
-index d7fc740..31fc5d6 100644
---- a/src/ausearch-int.h
-+++ b/src/ausearch-int.h
-@@ -1,6 +1,6 @@
- /*
- * ausearch-int.h - Header file for ausearch-int.c
--* Copyright (c) 2005,2008 Red Hat Inc., Durham, North Carolina.
-+* Copyright (c) 2005,2008 Red Hat Inc.
- * All Rights Reserved.
- *
- * This software may be freely redistributed and/or modified under the
-@@ -48,7 +48,7 @@ void ilist_create(ilist *l);
- static inline void ilist_first(ilist *l) { l->cur = l->head; }
- int_node *ilist_next(ilist *l);
- static inline int_node *ilist_get_cur(const ilist *l) { return l->cur; }
--void ilist_append(ilist *l, int num, unsigned int hits, int aux);
-+int ilist_append(ilist *l, int num, unsigned int hits, int aux);
- void ilist_clear(ilist* l);
-
- /* append a number if its not already on the list */
-diff --git a/src/ausearch-llist.c b/src/ausearch-llist.c
-index 7926980..ec04904 100644
---- a/src/ausearch-llist.c
-+++ b/src/ausearch-llist.c
-@@ -1,6 +1,6 @@
- /*
- * ausearch-llist.c - Minimal linked list library
--* Copyright (c) 2005-2008,2011,2016 Red Hat Inc., Durham, North Carolina.
-+* Copyright (c) 2005-2008,2011,2016 Red Hat Inc.
- * Copyright (c) 2011 IBM Corp.
- * All Rights Reserved.
- *
-@@ -102,15 +102,13 @@ lnode *list_prev(llist *l)
- return l->cur;
- }
-
--void list_append(llist *l, lnode *node)
-+int list_append(llist *l, lnode *node)
- {
- lnode* newnode;
-
- newnode = malloc(sizeof(lnode));
-- if (newnode == NULL) {
-- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__);
-- return;
-- }
-+ if (newnode == NULL)
-+ return 1;
-
- if (node->message)
- newnode->message = node->message;
-@@ -123,7 +121,7 @@ void list_append(llist *l, lnode *node)
- newnode->type = node->type;
- newnode->a0 = node->a0;
- newnode->a1 = node->a1;
-- newnode->item = l->cnt;
-+ newnode->item = l->cnt;
- newnode->next = NULL;
-
- // if we are at top, fix this up
-@@ -135,6 +133,8 @@ void list_append(llist *l, lnode *node)
- // make newnode current
- l->cur = newnode;
- l->cnt++;
-+
-+ return 0;
- }
-
- int list_find_item(llist *l, unsigned int i)
-diff --git a/src/ausearch-llist.h b/src/ausearch-llist.h
-index 13ae2a0..338b7cd 100644
---- a/src/ausearch-llist.h
-+++ b/src/ausearch-llist.h
-@@ -107,7 +107,7 @@ void list_last(llist *l);
- lnode *list_next(llist *l);
- lnode *list_prev(llist *l);
- static inline lnode *list_get_cur(llist *l) { return l->cur; }
--void list_append(llist *l, lnode *node);
-+int list_append(llist *l, lnode *node);
- void list_clear(llist* l);
- int list_get_event(llist* l, event *e);
-
-diff --git a/src/ausearch-nvpair.c b/src/ausearch-nvpair.c
-index 3a1b27d..817c97e 100644
---- a/src/ausearch-nvpair.c
-+++ b/src/ausearch-nvpair.c
-@@ -1,6 +1,6 @@
- /*
- * ausearch-nvpair.c - Minimal linked list library for name-value pairs
--* Copyright (c) 2006-08 Red Hat Inc., Durham, North Carolina.
-+* Copyright (c) 2006-08 Red Hat Inc.
- * All Rights Reserved.
- *
- * This software may be freely redistributed and/or modified under the
-@@ -34,13 +34,11 @@ void search_list_create(nvlist *l)
- l->cnt = 0;
- }
-
--void search_list_append(nvlist *l, nvnode *node)
-+int search_list_append(nvlist *l, nvnode *node)
- {
- nvnode* newnode = malloc(sizeof(nvnode));
-- if (newnode == NULL) {
-- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__);
-- return;
-- }
-+ if (newnode == NULL)
-+ return 1;
-
- newnode->name = node->name;
- newnode->val = node->val;
-@@ -58,6 +56,8 @@ void search_list_append(nvlist *l, nvnode *node)
- // make newnode current
- l->cur = newnode;
- l->cnt++;
-+
-+ return 0;
- }
-
- int search_list_find_val(nvlist *l, long val)
-diff --git a/src/ausearch-nvpair.h b/src/ausearch-nvpair.h
-index 244dca7..19749e3 100644
---- a/src/ausearch-nvpair.h
-+++ b/src/ausearch-nvpair.h
-@@ -1,6 +1,6 @@
- /*
- * ausearch-nvpair.h - Header file for ausearch-nvpair.c
--* Copyright (c) 2006-08 Red Hat Inc., Durham, North Carolina.
-+* Copyright (c) 2006-08 Red Hat Inc.
- * All Rights Reserved.
- *
- * This software may be freely redistributed and/or modified under the
-@@ -46,7 +46,7 @@ typedef struct {
-
- void search_list_create(nvlist *l);
- static inline nvnode *search_list_get_cur(nvlist *l) { return l->cur; }
--void search_list_append(nvlist *l, nvnode *node);
-+int search_list_append(nvlist *l, nvnode *node);
- void search_list_clear(nvlist* l);
-
- /* Given a numeric index, find that record. */
-diff --git a/src/ausearch-string.c b/src/ausearch-string.c
-index 86b8a78..abddc04 100644
---- a/src/ausearch-string.c
-+++ b/src/ausearch-string.c
-@@ -61,15 +61,13 @@ snode *slist_next(slist *l)
- return l->cur;
- }
-
--void slist_append(slist *l, const snode *node)
-+int slist_append(slist *l, const snode *node)
- {
- snode* newnode;
-
- newnode = malloc(sizeof(snode));
-- if (newnode == NULL) {
-- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__);
-- return;
-- }
-+ if (newnode == NULL)
-+ return 1;
-
- if (node->str)
- newnode->str = node->str;
-@@ -96,6 +94,8 @@ void slist_append(slist *l, const snode *node)
- // make newnode current
- l->cur = newnode;
- l->cnt++;
-+
-+ return 0;
- }
-
- void slist_clear(slist* l)
-diff --git a/src/ausearch-string.h b/src/ausearch-string.h
-index ed4a05b..99fe31b 100644
---- a/src/ausearch-string.h
-+++ b/src/ausearch-string.h
-@@ -48,7 +48,7 @@ void slist_create(slist *l);
- static inline void slist_first(slist *l) { l->cur = l->head; }
- snode *slist_next(slist *l);
- static inline snode *slist_get_cur(const slist *l) { return l->cur; }
--void slist_append(slist *l, const snode *node);
-+int slist_append(slist *l, const snode *node);
- void slist_clear(slist* l);
-
- /* append a string if its not already on the list */
-diff --git a/tools/aulastlog/aulastlog-llist.c b/tools/aulastlog/aulastlog-llist.c
-index 0b89be6..2a8aa14 100644
---- a/tools/aulastlog/aulastlog-llist.c
-+++ b/tools/aulastlog/aulastlog-llist.c
-@@ -1,7 +1,7 @@
- /*
- * aulastlog-llist.c - Minimal linked list library
--* Copyright (c) 2008 Red Hat Inc., Durham, North Carolina.
--* All Rights Reserved.
-+* Copyright (c) 2008 Red Hat Inc..
-+* All Rights Reserved.
- *
- * This software may be freely redistributed and/or modified under the
- * terms of the GNU General Public License as published by the Free
-@@ -15,7 +15,7 @@
- *
- * You should have received a copy of the GNU General Public License
- * along with this program; see the file COPYING. If not, write to the
--* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
-+* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
- * Boston, MA 02110-1335, USA.
- *
- * Authors:
-@@ -41,15 +41,13 @@ lnode *list_next(llist *l)
- return l->cur;
- }
-
--void list_append(llist *l, lnode *node)
-+int list_append(llist *l, lnode *node)
- {
- lnode* newnode;
-
- newnode = malloc(sizeof(lnode));
-- if (newnode == NULL) {
-- printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__);
-- return;
-- }
-+ if (newnode == NULL)
-+ return 1;
-
- newnode->sec = node->sec;
- newnode->uid = node->uid;
-@@ -62,7 +60,7 @@ void list_append(llist *l, lnode *node)
- newnode->term = strdup(node->term);
- else
- newnode->term = NULL;
-- newnode->item = l->cnt;
-+ newnode->item = l->cnt;
- newnode->next = NULL;
-
- // if we are at top, fix this up
-@@ -74,6 +72,8 @@ void list_append(llist *l, lnode *node)
- // make newnode current
- l->cur = newnode;
- l->cnt++;
-+
-+ return 0;
- }
-
- void list_clear(llist* l)
-diff --git a/tools/aulastlog/aulastlog-llist.h b/tools/aulastlog/aulastlog-llist.h
-index 1b43a7f..79e23b4 100644
---- a/tools/aulastlog/aulastlog-llist.h
-+++ b/tools/aulastlog/aulastlog-llist.h
-@@ -1,6 +1,6 @@
- /*
- * aulastlog-llist.h - Header file for aulastlog-llist.c
--* Copyright (c) 2008 Red Hat Inc., Durham, North Carolina.
-+* Copyright (c) 2008 Red Hat Inc.
- * All Rights Reserved.
- *
- * This software may be freely redistributed and/or modified under the
-@@ -53,7 +53,7 @@ static inline void list_first(llist *l) { l->cur = l->head; }
- lnode *list_next(llist *l);
- static inline lnode *list_get_cur(llist *l) { return l->cur; }
- static inline unsigned int list_get_cnt(llist *l) { return l->cnt; }
--void list_append(llist *l, lnode *node);
-+int list_append(llist *l, lnode *node);
- void list_clear(llist* l);
- int list_update_login(llist* l, time_t t);
- int list_update_host(llist* l, const char *h);
---
-2.50.1
-
diff --git a/backport-Issue343-Fix-checkpoint-issue-to-ensure-all-complete.patch b/backport-Issue343-Fix-checkpoint-issue-to-ensure-all-complete.patch
deleted file mode 100644
index aa12a467555fcce041c2dd01f535745729fd3ddf..0000000000000000000000000000000000000000
--- a/backport-Issue343-Fix-checkpoint-issue-to-ensure-all-complete.patch
+++ /dev/null
@@ -1,114 +0,0 @@
-From 139c61a9007600c93702947179d7836be1bc8403 Mon Sep 17 00:00:00 2001
-From: burnalting
-Date: Thu, 11 Jan 2024 08:22:32 +1100
-Subject: [PATCH] Issue343: Fix checkpoint issue to ensure all complete events
- are gained (#345)
-
-Co-authored-by: Burn Alting
-
-Reference:https://github.com/linux-audit/audit-userspace/commit/139c61a9007600c93702947179d7836be1bc8403
-Conflict:NA
-
----
- src/ausearch-lol.c | 33 +++++++++++++++++++++++++++++++++
- src/ausearch-lol.h | 1 +
- src/ausearch.c | 12 +++++++-----
- 3 files changed, 41 insertions(+), 5 deletions(-)
-
-diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c
-index 9ed39d4f..bcfb9ad8 100644
---- a/src/ausearch-lol.c
-+++ b/src/ausearch-lol.c
-@@ -261,6 +261,32 @@ static void check_events(lol *lo, time_t sec)
- }
- }
-
-+// This function will check events to see if they are complete but not compare against a given time
-+static void check_events_without_time(lol *lo)
-+{
-+ int i;
-+
-+ for(i=0;i<=lo->maxi; i++) {
-+ lolnode *cur = &lo->array[i];
-+ if (cur->status == L_BUILDING) {
-+ /* We now iterate over the event's records but without affecting the node's current
-+ * pointer (cur->l->cur). That is, we don't call the list-* routines
-+ * We could jump to the last record in the list which is normally a PROCTITLE, but this
-+ * may not be guaranteed, so we check all record types
-+ */
-+ lnode *ln = cur->l->head;
-+ while (ln) {
-+ if (audit_is_last_record(ln->type)) {
-+ cur->status = L_COMPLETE;
-+ ready++;
-+ break;
-+ }
-+ ln = ln->next;
-+ }
-+ }
-+ }
-+}
-+
- // This function adds a new record to an existing linked list
- // or creates a new one if its a new event
- int lol_add_record(lol *lo, char *buff)
-@@ -360,6 +386,13 @@ void terminate_all_events(lol *lo)
- }
- }
-
-+// This function will mark all events as complete if it can.
-+void complete_all_events(lol *lo)
-+{
-+
-+ check_events_without_time(lo);
-+}
-+
- /* Search the list for any event that is ready to go. The caller
- * takes custody of the memory */
- llist* get_ready_event(lol *lo)
-diff --git a/src/ausearch-lol.h b/src/ausearch-lol.h
-index e189491e..427d083c 100644
---- a/src/ausearch-lol.h
-+++ b/src/ausearch-lol.h
-@@ -49,6 +49,7 @@ void lol_create(lol *lo);
- void lol_clear(lol *lo);
- int lol_add_record(lol *lo, char *buff);
- void terminate_all_events(lol *lo);
-+void complete_all_events(lol *lo);
- llist* get_ready_event(lol *lo);
-
- void lol_set_eoe_timeout(time_t new_eoe_tmo);
-diff --git a/src/ausearch.c b/src/ausearch.c
-index c8cafb5f..409e43e9 100644
---- a/src/ausearch.c
-+++ b/src/ausearch.c
-@@ -610,19 +610,21 @@ static int get_next_event(llist **l)
- * If we get an EINTR error or we are at EOF, we check
- * to see if we have any events to print and return
- * appropriately. If we are the last file being
-- * processed, we mark all incomplete events as
-- * complete so they will be printed.
-+ * processed, and we are not checkpointing, we mark all incomplete
-+ * events as complete so they will be printed. If we are checkpointing
-+ * we do an exhaustive validation to see if there are complete events still
- */
- if ((ferror_unlocked(log_fd) &&
- errno == EINTR) || feof_unlocked(log_fd)) {
- /*
-- * Only mark all events as L_COMPLETE if we are
-+ * Only attempt to mark all events as L_COMPLETE if we are
- * the last file being processed.
-- * We DO NOT do this if we are checkpointing.
- */
- if (files_to_process == 0) {
- if (!checkpt_filename)
-- terminate_all_events(&lo);
-+ terminate_all_events(&lo); // terminate as we are not checkpointing
-+ else
-+ complete_all_events(&lo); // exhaustively check if we can complete events
- }
- *l = get_ready_event(&lo);
- if (*l)
---
-2.33.0
-
diff --git a/backport-Make-session-id-consistently-typed-327.patch b/backport-Make-session-id-consistently-typed-327.patch
deleted file mode 100644
index 9a5bbc0deed4b4945c878b274266a47ed12851db..0000000000000000000000000000000000000000
--- a/backport-Make-session-id-consistently-typed-327.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From 8359a7004de5e22c5a9b85c01c56e3b376d84a81 Mon Sep 17 00:00:00 2001
-From: Michael Tautschnig
-Date: Thu, 2 Nov 2023 21:53:29 +0100
-Subject: [PATCH] Make session id consistently typed (#327)
-
-This fixes type-conflicting definitions and declarations.
-
-Reference:https://github.com/linux-audit/audit-userspace/commit/8359a7004de5e22c5a9b85c01c56e3b376d84a81
-Conflict:NA
-
----
- src/aureport-options.c | 3 ++-
- src/ausearch-options.c | 10 ++++++----
- 2 files changed, 8 insertions(+), 5 deletions(-)
-
-diff --git a/src/aureport-options.c b/src/aureport-options.c
-index 93621e25..76a4b9f1 100644
---- a/src/aureport-options.c
-+++ b/src/aureport-options.c
-@@ -61,7 +61,8 @@ const char *event_uuid = NULL;
- const char *event_vmname = NULL;
- long long event_exit = 0;
- int event_exit_is_set = 0;
--int event_ppid = -1, event_session_id = -2;
-+pid_t event_ppid = -1;
-+uint32_t event_session_id = -2;
- int event_debug = 0, event_machine = -1;
- time_t arg_eoe_timeout = (time_t)0;
-
-diff --git a/src/ausearch-options.c b/src/ausearch-options.c
-index 8a1f4772..499c2aa3 100644
---- a/src/ausearch-options.c
-+++ b/src/ausearch-options.c
-@@ -895,19 +895,21 @@ int check_params(int count, char *vars[])
- size_t len = strlen(optarg);
- if (isdigit(optarg[0])) {
- errno = 0;
-- event_session_id = strtoul(optarg,NULL,10);
-- if (errno)
-+ unsigned long optval = strtoul(optarg,NULL,10);
-+ if (errno || optval >= (1ul << 32))
- retval = -1;
-+ event_session_id = optval;
- c++;
- } else if (len >= 2 && *(optarg)=='-' &&
- (isdigit(optarg[1]))) {
- errno = 0;
-- event_session_id = strtoul(optarg, NULL, 0);
-- if (errno) {
-+ long optval = strtol(optarg, NULL, 0);
-+ if (errno || optval < INT_MIN || optval > INT_MAX) {
- retval = -1;
- fprintf(stderr, "Error converting %s\n",
- optarg);
- }
-+ event_session_id = optval;
- c++;
- } else {
- fprintf(stderr,
---
-2.33.0
-
diff --git a/backport-Modify-ausearch-checkpoint-code-to-address-audit-use.patch b/backport-Modify-ausearch-checkpoint-code-to-address-audit-use.patch
deleted file mode 100644
index d1ccd8d4eec7d21ec5130d63dd4b9f791a7264cc..0000000000000000000000000000000000000000
--- a/backport-Modify-ausearch-checkpoint-code-to-address-audit-use.patch
+++ /dev/null
@@ -1,54 +0,0 @@
-From 9167f7d23018c0d43f22e4891d337200dbabf6a9 Mon Sep 17 00:00:00 2001
-From: burnalting
-Date: Sun, 13 Oct 2024 05:32:11 +1100
-Subject: [PATCH] Modify ausearch checkpoint code to address audit-userspace
- issue 404 (#405)
-
----
- src/ausearch-checkpt.c | 9 +++++----
- 1 file changed, 5 insertions(+), 4 deletions(-)
-
-diff --git a/src/ausearch-checkpt.c b/src/ausearch-checkpt.c
-index 85c66221..5e4dbff1 100644
---- a/src/ausearch-checkpt.c
-+++ b/src/ausearch-checkpt.c
-@@ -21,6 +21,7 @@
- #include
- #include
- #include
-+#include
- #include "ausearch-checkpt.h"
-
- #define DBG 0 /* set to non-zero for debug */
-@@ -134,8 +135,8 @@ void save_ChkPt(const char *fn)
- return;
- }
- // Write the inode in decimal to make ls -i easier to use.
-- fprintf(fd, "dev=0x%X\ninode=%u\n",
-- (unsigned int)checkpt_dev, (unsigned int)checkpt_ino);
-+ fprintf(fd, "dev=0x%" PRIX64 "\ninode=%" PRIu64 "\n",
-+ (uint64_t)checkpt_dev, (uint64_t)checkpt_ino);
- fprintf(fd, "output=%s %lu.%03u:%lu 0x%X\n",
- last_event.node ? last_event.node : "-",
- (long unsigned int)last_event.sec, last_event.milli,
-@@ -218,7 +219,7 @@ int load_ChkPt(const char *fn)
-
- if (strncmp(lbuf, "dev=", 4) == 0) {
- errno = 0;
-- chkpt_input_dev = strtoul(&lbuf[4], NULL, 16);
-+ chkpt_input_dev = (dev_t)strtoull(&lbuf[4], NULL, 16);
- if (errno) {
- fprintf(stderr, "Malformed dev checkpoint "
- "line - [%s]\n", lbuf);
-@@ -227,7 +228,7 @@ int load_ChkPt(const char *fn)
- }
- } else if (strncmp(lbuf, "inode=", 6) == 0) {
- errno = 0;
-- chkpt_input_ino = strtoul(&lbuf[6], NULL, 0);
-+ chkpt_input_ino = (ino_t)strtoull(&lbuf[6], NULL, 0);
- if (errno) {
- fprintf(stderr, "Malformed inode checkpoint "
- "line - [%s]\n", lbuf);
---
-2.43.0
-
diff --git a/backport-Release-queue-mutexes-during-teardown.patch b/backport-Release-queue-mutexes-during-teardown.patch
deleted file mode 100644
index 77e82fcc30b2ad1c01331cacc3f2ce0880d1b090..0000000000000000000000000000000000000000
--- a/backport-Release-queue-mutexes-during-teardown.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-From bbac8f8bb4dd2fe43388c08c593edac1de712e74 Mon Sep 17 00:00:00 2001
-From: Cropi
-Date: Mon, 23 Jun 2025 12:38:15 +0200
-Subject: [PATCH] Release queue mutexes during teardown
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-Destroy the queue mutex and condition variable in the zos‑remote cleanup
-and destroy the queue mutex in the main audisp queue destructor after
-freeing entries.
-
----
- audisp/plugins/zos-remote/zos-remote-queue.c | 2 ++
- audisp/queue.c | 1 +
- 2 files changed, 3 insertions(+)
-
-diff --git a/audisp/plugins/zos-remote/zos-remote-queue.c b/audisp/plugins/zos-remote/zos-remote-queue.c
-index 67397f3..eb2c0da 100644
---- a/audisp/plugins/zos-remote/zos-remote-queue.c
-+++ b/audisp/plugins/zos-remote/zos-remote-queue.c
-@@ -152,5 +152,7 @@ void destroy_queue(void)
- }
-
- free(q);
-+ pthread_mutex_destroy(&queue_lock);
-+ pthread_cond_destroy(&queue_nonempty);
- }
-
-diff --git a/audisp/queue.c b/audisp/queue.c
-index 183a5af..6bb31c3 100644
---- a/audisp/queue.c
-+++ b/audisp/queue.c
-@@ -270,6 +270,7 @@ void destroy_queue(void)
- free((void *)q[i]);
-
- free(q);
-+ pthread_mutex_destroy(&queue_lock);
- q_last = 0;
- q_depth = 0;
- processing_suspended = 1;
---
-2.43.0
-
diff --git a/backport-Rewrite-legacy-service-functions-in-terms-of-systemc.patch b/backport-Rewrite-legacy-service-functions-in-terms-of-systemc.patch
deleted file mode 100644
index ab59a6dd0585b73fa7350a6edd5a9d1d612444c3..0000000000000000000000000000000000000000
--- a/backport-Rewrite-legacy-service-functions-in-terms-of-systemc.patch
+++ /dev/null
@@ -1,214 +0,0 @@
-From 38572e7eead76015b388723038f03e2ef0b1e3c1 Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Fri, 25 Aug 2023 10:41:20 -0400
-Subject: [PATCH] Rewrite legacy service functions in terms of systemctl
-
-Reference:https://github.com/linux-audit/audit-userspace/commit/38572e7eead76015b388723038f03e2ef0b1e3c1
-Conflict:init.d/Makefile.am,ChangeLog
-
----
- init.d/Makefile.am | 3 +--
- init.d/audit-functions | 52 ---------------------------------------
- init.d/auditd.condrestart | 7 +++---
- init.d/auditd.reload | 6 +----
- init.d/auditd.resume | 6 +----
- init.d/auditd.rotate | 6 +----
- init.d/auditd.state | 4 +--
- init.d/auditd.stop | 3 +--
- 8 files changed, 10 insertions(+), 77 deletions(-)
- delete mode 100644 init.d/audit-functions
-
-diff --git a/init.d/Makefile.am b/init.d/Makefile.am
-index fdbf81c..3a73697 100644
---- a/init.d/Makefile.am
-+++ b/init.d/Makefile.am
-@@ -26,7 +26,7 @@ EXTRA_DIST = auditd.init auditd.service auditd.sysconfig auditd.conf \
- auditd.cron libaudit.conf auditd.condrestart \
- auditd.reload auditd.restart auditd.resume \
- auditd.rotate auditd.state auditd.stop \
-- audit-stop.rules augenrules audit-functions
-+ audit-stop.rules augenrules
- libconfig = libaudit.conf
- if ENABLE_SYSTEMD
- initdir = /usr/lib/systemd/system
-@@ -61,7 +61,6 @@ if ENABLE_SYSTEMD
- $(INSTALL_SCRIPT) -D -m 750 ${srcdir}/auditd.stop ${DESTDIR}${legacydir}/stop
- $(INSTALL_SCRIPT) -D -m 750 ${srcdir}/auditd.restart ${DESTDIR}${legacydir}/restart
- $(INSTALL_SCRIPT) -D -m 750 ${srcdir}/auditd.condrestart ${DESTDIR}${legacydir}/condrestart
-- $(INSTALL_SCRIPT) -D -m 750 ${srcdir}/audit-functions ${DESTDIR}${libexecdir}
- else
- $(INSTALL_SCRIPT) -D ${srcdir}/auditd.init ${DESTDIR}${initdir}/auditd
- endif
-diff --git a/init.d/audit-functions b/init.d/audit-functions
-deleted file mode 100644
-index 12f5023..0000000
---- a/init.d/audit-functions
-+++ /dev/null
-@@ -1,52 +0,0 @@
--# -*-Shell-script-*-
--
--# Make sure umask is sane
--umask 022
--
--#/usr/libexec/audit/audit-functions
--
--# killproc {program} [-signal]
--killproc ()
--{
-- local daemon="$1"
-- local sig=
-- [ -n "${2:-}" ] && sig=$2
--
-- # This matches src/auditd.c
-- local pid_file="/var/run/auditd.pid"
-- local pid_dir=$(dirname $pid_file)
--
-- if [ ! -d "$pid_dir" ] ; then
-- return 4
-- fi
--
-- local pid=
-- if [ -f "$pid_file" ] ; then
-- # pid file exists, use it
-- while : ; do
-- read line
-- [ -z "$line" ] && break
-- for p in $line ; do
-- # pid is numeric and corresponds to a process
-- if [ -z "${p//[0-9]/}" ] && [ -d "/proc/$p" ] ; then
-- d=$(cat "/proc/$p/comm")
-- if [ "$d" = "$daemon" ] ; then
-- pid="$p"
-- break
-- fi
-- fi
-- done
-- done < "$pid_file"
-- else
-- # need to search /proc
-- p=$(pidof "$daemon")
-- if [ -n "$p" ] ; then
-- pid="$p"
-- fi
-- fi
--
-- # At this point we should have a pid or the process is dead
-- if [ -n "$pid" ] && [ -n "$sig" ] ; then
-- kill "$sig" "$pid" >/dev/null 2>&1
-- fi
--}
-diff --git a/init.d/auditd.condrestart b/init.d/auditd.condrestart
-index d86e5e4..c5803ff 100644
---- a/init.d/auditd.condrestart
-+++ b/init.d/auditd.condrestart
-@@ -2,9 +2,10 @@
- # Helper script to provide legacy auditd service options not
- # directly supported by systemd.
-
--state=`service auditd status | awk '/^ Active/ { print $2 }'`
--if [ $state = "active" ] ; then
-- /usr/libexec/initscripts/legacy-actions/auditd/restart
-+state=$(systemctl status auditd | awk '/Active:/ { print $2 }')
-+if [ "$state" = "active" ] ; then
-+ /usr/libexec/initscripts/legacy-actions/auditd/stop
-+ /bin/systemctl start auditd
- RETVAL="$?"
- exit $RETVAL
- fi
-diff --git a/init.d/auditd.reload b/init.d/auditd.reload
-index e689534..53ff2f4 100644
---- a/init.d/auditd.reload
-+++ b/init.d/auditd.reload
-@@ -5,13 +5,9 @@
- # Check that we are root ... so non-root users stop here
- test $(id -u) = 0 || exit 4
-
--PATH=/sbin:/bin:/usr/bin:/usr/sbin
--prog="auditd"
--. /usr/libexec/audit-functions
--
- printf "Reconfiguring: "
- /sbin/augenrules --load
--killproc $prog -HUP
-+/sbin/auditctl --signal reload
- RETVAL=$?
- echo
- exit $RETVAL
-diff --git a/init.d/auditd.resume b/init.d/auditd.resume
-index 6852fd6..96189eb 100644
---- a/init.d/auditd.resume
-+++ b/init.d/auditd.resume
-@@ -5,12 +5,8 @@
- # Check that we are root ... so non-root users stop here
- test $(id -u) = 0 || exit 4
-
--PATH=/sbin:/bin:/usr/bin:/usr/sbin
--prog="auditd"
--. /usr/libexec/audit-functions
--
- printf "Resuming logging: "
--killproc $prog -USR2
-+/sbin/auditctl --signal resume
- RETVAL=$?
- echo
- exit $RETVAL
-diff --git a/init.d/auditd.rotate b/init.d/auditd.rotate
-index 643b935..dcb12c2 100644
---- a/init.d/auditd.rotate
-+++ b/init.d/auditd.rotate
-@@ -5,12 +5,8 @@
- # Check that we are root ... so non-root users stop here
- test $(id -u) = 0 || exit 4
-
--PATH=/sbin:/bin:/usr/bin:/usr/sbin
--prog="auditd"
--. /usr/libexec/audit-functions
--
- printf "Rotating logs: "
--killproc $prog -USR1
-+/sbin/auditctl --signal rotate
- RETVAL=$?
- echo
- exit $RETVAL
-diff --git a/init.d/auditd.state b/init.d/auditd.state
-index 4724c4f..6ae0845 100644
---- a/init.d/auditd.state
-+++ b/init.d/auditd.state
-@@ -6,12 +6,10 @@
- test $(id -u) = 0 || exit 4
-
- PATH=/sbin:/bin:/usr/bin:/usr/sbin
--prog="auditd"
- state_file="/var/run/auditd.state"
--. /usr/libexec/audit-functions
-
- printf "Getting auditd internal state: "
--killproc $prog -CONT
-+/sbin/auditctl --signal state
- RETVAL=$?
- echo -e "\n"
- sleep 1
-diff --git a/init.d/auditd.stop b/init.d/auditd.stop
-index d3fbc79..5049285 100644
---- a/init.d/auditd.stop
-+++ b/init.d/auditd.stop
-@@ -7,7 +7,6 @@ test $(id -u) = 0 || exit 4
-
- PATH=/sbin:/bin:/usr/bin:/usr/sbin
- prog="auditd"
--. /usr/libexec/audit-functions
- pid=
- p=$(pidof "$prog")
- if [ -n "$p" ] ; then
-@@ -15,7 +14,7 @@ if [ -n "$p" ] ; then
- fi
-
- printf "Stopping logging: "
--killproc $prog -TERM
-+/sbin/auditctl --signal stop
- RETVAL=$?
- if [ -n "$pid" ] ; then
- # Wait up to 20 seconds for auditd to shutdown
---
-2.33.0
-
diff --git a/backport-Solve-issue-363-by-moving-check-to-after-load_config.patch b/backport-Solve-issue-363-by-moving-check-to-after-load_config.patch
deleted file mode 100644
index 3af513bd02f3b9a7ebc3dbb9258a4ea32c0b25dd..0000000000000000000000000000000000000000
--- a/backport-Solve-issue-363-by-moving-check-to-after-load_config.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From 0604569e79a5d1c76b32f15576e129e0b813659f Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Sun, 24 Mar 2024 13:06:59 -0400
-Subject: [PATCH] Solve issue #363 by moving check to after load_config
-
-Conflict:NA
-Reference:https://github.com/linux-audit/audit-userspace/commit/0604569e79a5d1c76b32f15576e129e0b813659f
-
----
- src/auditd.c | 29 +++++++++++++++--------------
- 1 file changed, 15 insertions(+), 14 deletions(-)
-
-diff --git a/src/auditd.c b/src/auditd.c
-index e0fe9925..67ce06c0 100644
---- a/src/auditd.c
-+++ b/src/auditd.c
-@@ -676,20 +676,6 @@ int main(int argc, char *argv[])
- }
- session = audit_get_session();
-
--#ifndef DEBUG
-- /* Make sure we can do our job. Containers may not give you
-- * capabilities, so we revert to a uid check for that case. */
-- if (!audit_can_control()) {
-- if (!config.local_events && geteuid() == 0)
-- ;
-- else {
-- fprintf(stderr,
-- "You must be root or have capabilities to run this program.\n");
-- return 4;
-- }
-- }
--#endif
--
- /* Register sighandlers */
- sa.sa_flags = 0 ;
- sigemptyset( &sa.sa_mask ) ;
-@@ -717,6 +703,21 @@ int main(int argc, char *argv[])
- free_config(&config);
- return 6;
- }
-+
-+#ifndef DEBUG
-+ /* Make sure we can do our job. Containers may not give you
-+ * capabilities, so we revert to a uid check for that case. */
-+ if (!audit_can_control()) {
-+ if (!config.local_events && geteuid() == 0)
-+ ;
-+ else {
-+ fprintf(stderr,
-+ "You must be root or have capabilities to run this program.\n");
-+ return 4;
-+ }
-+ }
-+#endif
-+
- if (config.daemonize == D_FOREGROUND)
- config.write_logs = 0;
-
---
-2.33.0
-
diff --git a/backport-Terminate-a-couple-strncpy.patch b/backport-Terminate-a-couple-strncpy.patch
deleted file mode 100644
index 239c6f3f7fb91fced1f76e66aa627c2adfe6f3f1..0000000000000000000000000000000000000000
--- a/backport-Terminate-a-couple-strncpy.patch
+++ /dev/null
@@ -1,37 +0,0 @@
-From 361f506ab0c626e3b14763372a35005dbb154731 Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Thu, 19 Jun 2025 22:21:43 -0400
-Subject: [PATCH] Terminate a couple strncpy
-
----
- src/aureport.c | 1 +
- src/ausearch.c | 1 +
- 2 files changed, 2 insertions(+)
-
-diff --git a/src/aureport.c b/src/aureport.c
-index 22618f02..e4560b50 100644
---- a/src/aureport.c
-+++ b/src/aureport.c
-@@ -172,6 +172,7 @@ static int process_logs(void)
- clear_config (&config);
-
- strncpy(dirname, user_file, MAXPATHLEN-32);
-+ dirname[MAXPATHLEN-32] = '\0';
- if (dirname[strlen(dirname)-1] != '/')
- strcat(dirname, "/");
- strcat (dirname, "audit.log");
-diff --git a/src/ausearch.c b/src/ausearch.c
-index cf77ba14..51e2dffa 100644
---- a/src/ausearch.c
-+++ b/src/ausearch.c
-@@ -244,6 +244,7 @@ static int process_logs(void)
- clear_config (&config);
-
- strncpy(dirname, user_file, MAXPATHLEN-32);
-+ dirname[MAXPATHLEN-32] = '\0';
- if (dirname[strlen(dirname)-1] != '/')
- strcat(dirname, "/");
- strcat (dirname, "audit.log");
---
-2.43.0
-
diff --git a/backport-Update-_get_hostname-436.patch b/backport-Update-_get_hostname-436.patch
deleted file mode 100644
index b3b7c9e16fae2caf34556ddc5bf9f66886d2549c..0000000000000000000000000000000000000000
--- a/backport-Update-_get_hostname-436.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 63a274a1710fcc44af4139c0b17575cedc020fbe Mon Sep 17 00:00:00 2001
-From: Attila Lakatos
-Date: Wed, 26 Feb 2025 00:31:06 +0100
-Subject: [PATCH] Update _get_hostname (#436)
-
-Programs such as su may include "/dev/pts/X" instead of "pts/X,"
-causing a regression compared to previous versions.
----
- lib/audit_logging.c | 3 ++-
- 1 file changed, 2 insertions(+), 1 deletion(-)
-
-diff --git a/lib/audit_logging.c b/lib/audit_logging.c
-index 4da95b5e..f63c37d2 100644
---- a/lib/audit_logging.c
-+++ b/lib/audit_logging.c
-@@ -243,7 +243,8 @@ static const char *_get_hostname(const char *ttyn)
- {
- if (ttyn && ((strncmp(ttyn, "pts", 3) == 0) ||
- (strncmp(ttyn, "tty", 3) == 0) ||
-- (strncmp(ttyn, "/dev/tty", 8) == 0) )) {
-+ (strncmp(ttyn, "/dev/tty", 8) == 0) ||
-+ (strncmp(ttyn, "/dev/pts", 8) == 0) )) {
- if (_host[0] == 0) {
- gethostname(_host, HOSTLEN);
- _host[HOSTLEN - 1] = 0;
---
-2.43.0
-
diff --git a/backport-Use-atomic_int-if-available-for-signal-related-flags.patch b/backport-Use-atomic_int-if-available-for-signal-related-flags.patch
deleted file mode 100644
index bd7bb3cbc8aa8a0168d2e9ffa29825f270ecf93d..0000000000000000000000000000000000000000
--- a/backport-Use-atomic_int-if-available-for-signal-related-flags.patch
+++ /dev/null
@@ -1,92 +0,0 @@
-From 184f20c56576300343b8f8b60a8bebb185074485 Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Fri, 26 Apr 2024 12:44:56 -0400
-Subject: [PATCH] Use atomic_int if available for signal related flags
-
-Conflict:src/auditd.c
-Reference:https://github.com/linux-audit/audit-userspace/commit/184f20c56576300343b8f8b60a8bebb185074485
-
----
- configure.ac | 7 ++++++-
- src/auditd-event.c | 5 ++++-
- src/auditd.c | 9 ++++++---
- 3 files changed, 16 insertions(+), 5 deletions(-)
-
-diff --git a/configure.ac b/configure.ac
-index 8644ccc..61d32a8 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -87,7 +87,12 @@ AC_LINK_IFELSE(
- [AC_DEFINE(HAVE_STRNDUPA, 1, [Let us know if we have it or not])],
- []
- )
--
-+AC_CHECK_HEADERS([stdatomic.h], [
-+ AC_DEFINE([HAVE_ATOMIC], 1, [Define to 1 if you have the header file.])
-+ AC_DEFINE([ATOMIC_INT], atomic_int, [Define atomic_int if you have the header file.])
-+ ], [
-+ AC_DEFINE([ATOMIC_INT], int, [Define to the type of an int if is not available.])
-+])
- AC_MSG_CHECKING(__attr_access support)
- AC_COMPILE_IFELSE(
- [AC_LANG_SOURCE(
-diff --git a/src/auditd-event.c b/src/auditd-event.c
-index c74b420..74c4fbd 100644
---- a/src/auditd-event.c
-+++ b/src/auditd-event.c
-@@ -36,6 +36,9 @@
- #include /* POSIX_HOST_NAME_MAX */
- #include /* toupper */
- #include /* dirname */
-+#ifdef HAVE_ATOMIC
-+#include
-+#endif
- #include "auditd-event.h"
- #include "auditd-dispatch.h"
- #include "auditd-listen.h"
-@@ -45,7 +48,7 @@
- #include "auparse-idata.h"
-
- /* This is defined in auditd.c */
--extern volatile int stop;
-+extern volatile ATOMIC_INT stop;
-
- /* Local function prototypes */
- static void send_ack(const struct auditd_event *e, int ack_type,
-diff --git a/src/auditd.c b/src/auditd.c
-index 901f741..aebb919 100644
---- a/src/auditd.c
-+++ b/src/auditd.c
-@@ -38,6 +38,9 @@
- #include
- #include
- #include
-+#ifdef HAVE_ATOMIC
-+#include
-+#endif
-
- #include "libaudit.h"
- #include "auditd-event.h"
-@@ -62,7 +65,7 @@
- #define SUBJ_LEN 4097
-
- /* Global Data */
--volatile int stop = 0;
-+volatile ATOMIC_INT stop = 0;
-
- /* Local data */
- static int fd = -1, pipefds[2] = {-1, -1};
-@@ -72,8 +75,8 @@ static const char *state_file = "/var/run/auditd.state";
- static int init_pipe[2];
- static int do_fork = 1, opt_aggregate_only = 0, config_dir_set = 0;
- static struct auditd_event *cur_event = NULL, *reconfig_ev = NULL;
--static int hup_info_requested = 0;
--static int usr1_info_requested = 0, usr2_info_requested = 0;
-+static ATOMIC_INT hup_info_requested = 0;
-+static ATOMIC_INT usr1_info_requested = 0, usr2_info_requested = 0;
- static char subj[SUBJ_LEN];
- static uint32_t session;
- static int hup_flag = 0;
---
-2.33.0
-
diff --git a/backport-Use-atomic_uint-if-available-for-signal-related-flag.patch b/backport-Use-atomic_uint-if-available-for-signal-related-flag.patch
deleted file mode 100644
index 6e8f9a85c8ea5f11c02b1d10143dc35210ac87e6..0000000000000000000000000000000000000000
--- a/backport-Use-atomic_uint-if-available-for-signal-related-flag.patch
+++ /dev/null
@@ -1,85 +0,0 @@
-From 3955b5e29e119122dc2fc0a53ba82529613e4e1c Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Fri, 26 Apr 2024 14:03:02 -0400
-Subject: [PATCH] Use atomic_uint if available for signal related flags
-
-Conflict:NA
-Reference:https://github.com/linux-audit/audit-userspace/commit/3955b5e29e119122dc2fc0a53ba82529613e4e1c
-
----
- audisp/audispd.c | 7 +++++--
- audisp/queue.c | 9 ++++++---
- configure.ac | 2 ++
- 3 files changed, 13 insertions(+), 5 deletions(-)
-
-diff --git a/audisp/audispd.c b/audisp/audispd.c
-index 0902a073..e4e49087 100644
---- a/audisp/audispd.c
-+++ b/audisp/audispd.c
-@@ -37,6 +37,9 @@
- #include
- #include
- #include
-+#ifdef HAVE_ATOMIC
-+#include
-+#endif
-
- #include "audispd-pconfig.h"
- #include "audispd-config.h"
-@@ -46,8 +49,8 @@
- #include "private.h"
-
- /* Global Data */
--static volatile int stop = 0;
--volatile int disp_hup = 0;
-+static volatile ATOMIC_INT stop = 0;
-+volatile ATOMIC_INT disp_hup = 0;
-
- /* Local data */
- static daemon_conf_t daemon_config;
-diff --git a/audisp/queue.c b/audisp/queue.c
-index 8bd20ea1..183a5af8 100644
---- a/audisp/queue.c
-+++ b/audisp/queue.c
-@@ -25,17 +25,20 @@
- #include
- #include
- #include
-+#ifdef HAVE_ATOMIC
-+#include
-+#endif
- #include "queue.h"
-
- static volatile event_t **q;
- static pthread_mutex_t queue_lock;
- static pthread_cond_t queue_nonempty;
--static unsigned int q_next, q_last, q_depth, processing_suspended;
--static unsigned int currently_used, max_used, overflowed;
-+static unsigned int q_next, q_last, q_depth, processing_suspended, overflowed;
-+static ATOMIC_UNSIGNED currently_used, max_used;
- static const char *SINGLE = "1";
- static const char *HALT = "0";
- static int queue_full_warning = 0;
--extern volatile int disp_hup;
-+extern volatile ATOMIC_INT disp_hup;
- #define QUEUE_FULL_LIMIT 5
-
- void reset_suspended(void)
-diff --git a/configure.ac b/configure.ac
-index f0650f3f..969d36e8 100644
---- a/configure.ac
-+++ b/configure.ac
-@@ -89,8 +89,10 @@ AC_LINK_IFELSE(
- AC_CHECK_HEADERS([stdatomic.h], [
- AC_DEFINE([HAVE_ATOMIC], 1, [Define to 1 if you have the header file.])
- AC_DEFINE([ATOMIC_INT], atomic_int, [Define atomic_int if you have the header file.])
-+ AC_DEFINE([ATOMIC_UNSIGNED], atomic_uint, [Define atomic_uint if you have the header file.])
- ], [
- AC_DEFINE([ATOMIC_INT], int, [Define to the type of an int if is not available.])
-+ AC_DEFINE([ATOMIC_UNSIGNED], unsigned, [Define to the type of an unsigned if is not available.])
- ])
- AC_MSG_CHECKING(__attr_access support)
- AC_COMPILE_IFELSE(
---
-2.33.0
-
diff --git a/backport-add-some-error-checking-around-timer-services.patch b/backport-add-some-error-checking-around-timer-services.patch
deleted file mode 100644
index a68419a1d779abc9aeebec2b24cc78a59017e2ab..0000000000000000000000000000000000000000
--- a/backport-add-some-error-checking-around-timer-services.patch
+++ /dev/null
@@ -1,131 +0,0 @@
-From 5490ce232729fecc114fd5b492344afd8d78c89d Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Sat, 24 May 2025 15:21:45 -0400
-Subject: [PATCH] add some error checking around timer services
-
----
- audisp/plugins/ids/nvpair.c | 6 +++++-
- audisp/plugins/ids/nvpair.h | 2 +-
- audisp/plugins/ids/reactions.c | 8 ++------
- audisp/plugins/ids/timer-services.c | 16 +++++++++++++---
- audisp/plugins/ids/timer-services.h | 2 +-
- 5 files changed, 22 insertions(+), 12 deletions(-)
-
-diff --git a/audisp/plugins/ids/nvpair.c b/audisp/plugins/ids/nvpair.c
-index a62ab86e4..9ad24cb88 100644
---- a/audisp/plugins/ids/nvpair.c
-+++ b/audisp/plugins/ids/nvpair.c
-@@ -46,9 +46,11 @@ void nvpair_list_create(nvlist *l)
- return l->cur;
- }*/
-
--void nvpair_list_append(nvlist *l, nvnode *node)
-+int nvpair_list_append(nvlist *l, nvnode *node)
- {
- nvnode* newnode = malloc(sizeof(nvnode));
-+ if (newnode == NULL)
-+ return 1;
-
- newnode->arg = node->arg;
- newnode->job = node->job;
-@@ -70,6 +72,8 @@ void nvpair_list_append(nvlist *l, nvnode *node)
- // make newnode current
- l->cur = newnode;
- l->cnt++;
-+
-+ return 0;
- }
-
- int nvpair_list_find_job(nvlist *l, time_t t)
-diff --git a/audisp/plugins/ids/nvpair.h b/audisp/plugins/ids/nvpair.h
-index e93e9be51..45d9a85c7 100644
---- a/audisp/plugins/ids/nvpair.h
-+++ b/audisp/plugins/ids/nvpair.h
-@@ -51,7 +51,7 @@ void nvpair_list_create(nvlist *l);
- static inline void nvlist_first(nvlist *l) { l->cur = l->head; }
- //nvnode *nvlist_next(nvlist *l);
- static inline nvnode *nvpair_list_get_cur(nvlist *l) { return l->cur; }
--void nvpair_list_append(nvlist *l, nvnode *node);
-+int nvpair_list_append(nvlist *l, nvnode *node);
- void nvpair_list_delete_cur(nvlist *l);
- void nvpair_list_clear(nvlist* l);
-
-diff --git a/audisp/plugins/ids/reactions.c b/audisp/plugins/ids/reactions.c
-index 43f6f08dd..2d7ae9881 100644
---- a/audisp/plugins/ids/reactions.c
-+++ b/audisp/plugins/ids/reactions.c
-@@ -206,9 +206,7 @@ int lock_account_timed(const char *acct, unsigned long length)
- if (rc)
- return rc;
-
-- add_timer_job(UNLOCK_ACCOUNT, acct, length);
--
-- return 0;
-+ return add_timer_job(UNLOCK_ACCOUNT, acct, length);
- }
-
- int block_ip_address(const char *addr)
-@@ -227,9 +225,7 @@ int block_ip_address_timed(const char *addr, unsigned long length)
- if (rc)
- return rc;
-
-- add_timer_job(UNBLOCK_ADDRESS, addr, length);
--
-- return 0;
-+ return add_timer_job(UNBLOCK_ADDRESS, addr, length);
- }
-
- #define MINUTES 60
-diff --git a/audisp/plugins/ids/timer-services.c b/audisp/plugins/ids/timer-services.c
-index 773e077d4..ca3d68c59 100644
---- a/audisp/plugins/ids/timer-services.c
-+++ b/audisp/plugins/ids/timer-services.c
-@@ -25,6 +25,7 @@
- #include
- #include
- #include // for snprintf
-+#include // for free
- #include "timer-services.h"
- #include "nvpair.h"
- #include "reactions.h"
-@@ -88,15 +89,24 @@ void do_timer_services(unsigned int interval)
- }
- }
-
--void add_timer_job(jobs_t job, const char *arg, unsigned long length)
-+int add_timer_job(jobs_t job, const char *arg, unsigned long length)
- {
- nvnode node;
-
- node.job = job;
-- node.arg = strdup(arg);
- node.expiration = time(NULL) + length;
-+ node.arg = strdup(arg);
-+ if (node.arg == NULL) {
-+ if (debug)
-+ my_printf("timer-services: strdup failed adding job");
-+ return 1;
-+ }
-
-- nvpair_list_append(&jobs, &node);
-+ if (nvpair_list_append(&jobs, &node)) {
-+ free(node.arg);
-+ return 1;
-+ }
-+ return 0;
- }
-
- void shutdown_timer_services(void)
-diff --git a/audisp/plugins/ids/timer-services.h b/audisp/plugins/ids/timer-services.h
-index 8a13c15a3..03fca14a3 100644
---- a/audisp/plugins/ids/timer-services.h
-+++ b/audisp/plugins/ids/timer-services.h
-@@ -28,7 +28,7 @@ typedef enum {UNLOCK_ACCOUNT, UNBLOCK_ADDRESS} jobs_t;
-
- void init_timer_services(void);
- void do_timer_services(unsigned int interval);
--void add_timer_job(jobs_t job, const char *arg, unsigned long length);
-+int add_timer_job(jobs_t job, const char *arg, unsigned long length);
- void shutdown_timer_services(void);
-
- #endif
diff --git a/backport-adding-the-file-descriptor-closure.patch b/backport-adding-the-file-descriptor-closure.patch
deleted file mode 100644
index 49d846a9847307e114f77085f6cdb91d422fc9fc..0000000000000000000000000000000000000000
--- a/backport-adding-the-file-descriptor-closure.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 5eef876b3eb2fa3348be6cd31bd651a98b164deb Mon Sep 17 00:00:00 2001
-From: Yugend
-Date: Wed, 27 Mar 2024 17:34:33 +0300
-Subject: [PATCH] adding the file descriptor closure
-
-Conflict:NA
-Reference:https://github.com/linux-audit/audit-userspace/commit/5eef876b3eb2fa3348be6cd31bd651a98b164deb
-
----
- src/auditctl.c | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/src/auditctl.c b/src/auditctl.c
-index 503b4e2b..7949d95c 100644
---- a/src/auditctl.c
-+++ b/src/auditctl.c
-@@ -1393,6 +1393,7 @@ static int fileopt(const char *file)
- fields = malloc(nf * sizeof(char *));
- if (fields == NULL) {
- audit_msg(LOG_ERR, "Out of memory. Check %s file, %d line", __FILE__, __LINE__);
-+ fclose(f);
- return 1;
- }
-
---
-2.33.0
-
diff --git a/backport-ausearch-format-Fix-display-of-renamed-file-411.patch b/backport-ausearch-format-Fix-display-of-renamed-file-411.patch
deleted file mode 100644
index e7d2cfd158f79a7d735ec3b090055642ab7c56b8..0000000000000000000000000000000000000000
--- a/backport-ausearch-format-Fix-display-of-renamed-file-411.patch
+++ /dev/null
@@ -1,48 +0,0 @@
-From 7cdcfd30c6122acc6b2e54e1ad8cd1a12dd537d2 Mon Sep 17 00:00:00 2001
-From: Attila Lakatos
-Date: Mon, 21 Oct 2024 04:25:37 +0200
-Subject: [PATCH] ausearch format: Fix display of renamed file (#411)
-MIME-Version: 1.0
-Content-Type: text/plain; charset=UTF-8
-Content-Transfer-Encoding: 8bit
-
-In some cases, ausearch was not correctly showing
-the new name of a renamed file when searching for
-audit events. If the target file didn’t exist prior
-to the rename, ausearch was unable to parse the new
-file name. This occurred because ausearch attempted
-to retrieve this information from the 7th record,
-which is absent when the target file does not exist.
----
- auparse/normalize.c | 15 ++++++++++++++-
- 1 file changed, 14 insertions(+), 1 deletion(-)
-
-diff --git a/auparse/normalize.c b/auparse/normalize.c
-index 036c0b86..f1a07d18 100644
---- a/auparse/normalize.c
-+++ b/auparse/normalize.c
-@@ -693,7 +693,20 @@ static int normalize_syscall(auparse_state_t *au, const char *syscall)
- case NORM_FILE_RENAME:
- act = "renamed";
- D.thing.what = NORM_WHAT_FILE; // this gets overridden
-- set_prime_object2(au, "name", 4);
-+ /* A sucessfull syscall from the rename family will provide
-+ * the following items:
-+ * 0 - new dir, in which the file will be located
-+ * 1 - old dir, in which the file was located
-+ * 2 - old name, the name of the original file
-+ * if the file was already present in the new dir:
-+ * 3 - removal of the new file
-+ * 4 - creation of the new file
-+ * otherwise:
-+ * 3 - creation of the new file
-+ */
-+
-+ // The 3rd record will always contain the name of the new file
-+ set_prime_object2(au, "name", 3);
- set_file_object(au, 2); // Thing renamed is 2 after
- simple_file_attr(au);
- break;
---
-2.33.0
-
diff --git a/backport-ausearch-parse-fix-parsing-for-success-uid-in-parse_.patch b/backport-ausearch-parse-fix-parsing-for-success-uid-in-parse_.patch
deleted file mode 100644
index faf1f73232db28ddfcb8b7826c12d6097fe5f0be..0000000000000000000000000000000000000000
--- a/backport-ausearch-parse-fix-parsing-for-success-uid-in-parse_.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From f97f0579fafcd9fc58d892699a22ae7ee68aeff3 Mon Sep 17 00:00:00 2001
-From: Sergio Correia
-Date: Mon, 16 Dec 2024 09:06:13 +0000
-Subject: [PATCH] ausearch-parse: fix parsing for success/uid in
- parse_daemon1() (#394)
-
-In parse_daemon1(), we may have the uid= field appear both before and
-after pid=, which may cause our parsing of it to fail, as we may have
-skipped past it. For uid=, let us search from the beginning.
-
-Example for this case:
-
-type=DAEMON_END msg=audit(1709723032.140:753): op=terminate auid=0 uid=0 ses=8 pid=107086 subj=unconfined_u:unconfined_r:unconfined_t:s0-s0:c0.c1023 res=success
-
-ausearch -if sample.log -a 753 -m DAEMON_END -ui 0 --session 8 -p 107086 --success yes
-
-Signed-off-by: Sergio Correia
-
-Reference:https://github.com/linux-audit/audit-userspace/commit/f97f0579fafcd9fc58d892699a22ae7ee68aeff3
-Conflict:NA
-
----
- src/ausearch-parse.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/src/ausearch-parse.c b/src/ausearch-parse.c
-index 4c9bef0d..e15396d7 100644
---- a/src/ausearch-parse.c
-+++ b/src/ausearch-parse.c
-@@ -1549,7 +1549,9 @@ static int parse_daemon1(const lnode *n, search_items *s)
-
- // uid - optional
- if (event_uid != -1) {
-- ptr = term;
-+ // As the uid= field may happen in different orders, e.g. both before
-+ // and after pid=, let us search for the uid from the beginning.
-+ term = mptr;
- str = strstr(term, " uid=");
- if (str) {
- ptr = str + 5;
---
-2.33.0
-
diff --git a/backport-avoiding-of-NULL-pointers-dereference-366.patch b/backport-avoiding-of-NULL-pointers-dereference-366.patch
deleted file mode 100644
index 9d630bfd8aeb372aca66312991b6f9b99486f735..0000000000000000000000000000000000000000
--- a/backport-avoiding-of-NULL-pointers-dereference-366.patch
+++ /dev/null
@@ -1,41 +0,0 @@
-From 4780cd1a790286213dda646f782fa7128fb092a9 Mon Sep 17 00:00:00 2001
-From: Yugend <77495782+Yugend@users.noreply.github.com>
-Date: Sat, 4 May 2024 00:39:36 +0300
-Subject: [PATCH] avoiding of NULL pointers dereference (#366)
-
-Conflict:NA
-Reference:https://github.com/linux-audit/audit-userspace/commit/4780cd1a790286213dda646f782fa7128fb092a9
-
----
- src/ausearch-parse.c | 8 ++++++++
- 1 file changed, 8 insertions(+)
-
-diff --git a/src/ausearch-parse.c b/src/ausearch-parse.c
-index 1a5b047f..be57606b 100644
---- a/src/ausearch-parse.c
-+++ b/src/ausearch-parse.c
-@@ -719,6 +719,10 @@ static int common_path_parser(search_items *s, char *path)
- // append
- snode sn;
- sn.str = strdup(path);
-+ if (sn.str == NULL) {
-+ fprintf(stderr, "Out of memory. Check %s file, %d line\n", __FILE__, __LINE__);
-+ return 8;
-+ }
- sn.key = NULL;
- sn.hits = 1;
- // Attempt to rebuild path if relative
-@@ -1217,6 +1221,10 @@ skip:
- saved = *term;
- *term = 0;
- s->hostname = strdup(str);
-+ if (s->hostname == NULL) {
-+ fprintf(stderr, "Out of memory. Check %s file, %d line\n", __FILE__, __LINE__);
-+ return 33;
-+ }
- *term = saved;
-
- // Lets see if there is something more
---
-2.33.0
-
diff --git a/backport-cllist_append-append-improvement.patch b/backport-cllist_append-append-improvement.patch
deleted file mode 100644
index d90a3769ed57f8c8c799ca704f1f253eee7fb609..0000000000000000000000000000000000000000
--- a/backport-cllist_append-append-improvement.patch
+++ /dev/null
@@ -1,62 +0,0 @@
-From 1a483c71b09dc885ddfaa9518117e62b09bb0b04 Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Thu, 19 Jun 2025 12:31:38 -0400
-Subject: [PATCH] cllist_append append improvement
-
-cllist_append() depends on cur always pointing to the tail; appending
-after list traversal may corrupt the list. A dedicated tail pointer
-would avoid misuse.
-
----
- auparse/normalize-llist.c | 7 +++++--
- auparse/normalize-llist.h | 1 +
- 2 files changed, 6 insertions(+), 2 deletions(-)
-
-diff --git a/auparse/normalize-llist.c b/auparse/normalize-llist.c
-index 433c457..253c5e5 100644
---- a/auparse/normalize-llist.c
-+++ b/auparse/normalize-llist.c
-@@ -28,6 +28,7 @@ void cllist_create(cllist *l, void (*cleanup)(void *))
- {
- l->head = NULL;
- l->cur = NULL;
-+ l->tail = NULL;
- l->cleanup = cleanup;
- l->cnt = 0;
- }
-@@ -50,6 +51,7 @@ void cllist_clear(cllist *l)
- }
- l->head = NULL;
- l->cur = NULL;
-+ l->tail = NULL;
- l->cnt = 0;
- }
-
-@@ -79,9 +81,10 @@ void cllist_append(cllist *l, uint32_t num, void *data)
- if (l->head == NULL)
- l->head = newnode;
- else // Otherwise add pointer to newnode
-- l->cur->next = newnode;
-+ l->tail->next = newnode;
-
-- // make newnode current
-+ // update tail and make newnode current
-+ l->tail = newnode;
- l->cur = newnode;
- l->cnt++;
- }
-diff --git a/auparse/normalize-llist.h b/auparse/normalize-llist.h
-index 3f2e3fb..6e3a8d5 100644
---- a/auparse/normalize-llist.h
-+++ b/auparse/normalize-llist.h
-@@ -41,6 +41,7 @@ typedef struct _data_node {
- typedef struct {
- data_node *head; // List head
- data_node *cur; // Pointer to current node
-+ data_node *tail; // Pointer to last node
- void (*cleanup)(void *); // Function to call when releasing memory
- unsigned int cnt; // How many items in this list
- } cllist;
---
-2.43.0
-
diff --git a/backport-code-cleanup-constification-deadcode-removal-lower-s.patch b/backport-code-cleanup-constification-deadcode-removal-lower-s.patch
deleted file mode 100644
index c3c7def0f13ab7c163b52bd9fa9e919ab2d3970b..0000000000000000000000000000000000000000
--- a/backport-code-cleanup-constification-deadcode-removal-lower-s.patch
+++ /dev/null
@@ -1,1196 +0,0 @@ -From 0ed54fc841e4deeeb07ece3ec5933320623ad209 Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Sat, 4 Nov 2023 15:46:35 -0400 -Subject: [PATCH] code cleanup - constification, deadcode removal, lower scopes - ---- - src/auditctl-listing.c | 2 +- - src/auditctl-listing.h | 2 +- - src/auditctl-llist.c | 2 +- - src/auditctl-llist.h | 4 +- - src/auditctl.c | 12 +-- - src/auditd-config.c | 199 +++++++++++++++++++---------------------- - src/auditd-config.h | 4 - - src/auditd-dispatch.h | 1 - - src/auditd-event.c | 5 +- - src/auditd-event.h | 5 +- - src/auditd-listen.c | 11 ++- - src/auditd-listen.h | 2 +- - src/auditd-reconfig.c | 5 -- - src/aureport-options.c | 4 +- - src/aureport-options.h | 2 - - src/aureport-scan.c | 4 +- - src/ausearch-avc.h | 2 +- - src/ausearch-int.h | 2 +- - src/ausearch-lol.h | 1 - - src/ausearch-lookup.c | 6 +- - src/ausearch-lookup.h | 1 - - src/ausearch-nvpair.c | 8 -- - src/ausearch-nvpair.h | 2 - - src/ausearch-options.c | 2 +- - src/ausearch-parse.c | 2 +- - src/ausearch-string.c | 2 +- - src/ausearch-string.h | 4 +- - src/ausearch-time.c | 2 +- - 28 files changed, 131 insertions(+), 167 deletions(-) - -diff --git a/src/auditctl-listing.c b/src/auditctl-listing.c -index d9a3da2..9c32267 100644 ---- a/src/auditctl-listing.c -+++ b/src/auditctl-listing.c -@@ -562,7 +562,7 @@ static const char *get_failure(unsigned f) - * 0 if no more should be read and 1 to indicate that more messages of this - * type may need to be read. 
- */ --int audit_print_reply(struct audit_reply *rep, int fd) -+int audit_print_reply(const struct audit_reply *rep, int fd) - { - _audit_elf = 0; - -diff --git a/src/auditctl-listing.h b/src/auditctl-listing.h -index 9bc28f0..f8b77db 100644 ---- a/src/auditctl-listing.h -+++ b/src/auditctl-listing.h -@@ -29,7 +29,7 @@ - #include "libaudit.h" - - void audit_print_init(void); --int audit_print_reply(struct audit_reply *rep, int fd); -+int audit_print_reply(const struct audit_reply *rep, int fd); - int key_match(const struct audit_rule_data *r); - - #endif -diff --git a/src/auditctl-llist.c b/src/auditctl-llist.c -index 481502d..5282ee3 100644 ---- a/src/auditctl-llist.c -+++ b/src/auditctl-llist.c -@@ -59,7 +59,7 @@ lnode *list_next(llist *l) - return l->cur; - } - --void list_append(llist *l, struct audit_rule_data *r, size_t sz) -+void list_append(llist *l, const struct audit_rule_data *r, size_t sz) - { - lnode* newnode; - -diff --git a/src/auditctl-llist.h b/src/auditctl-llist.h -index 630be08..c8f60df 100644 ---- a/src/auditctl-llist.h -+++ b/src/auditctl-llist.h -@@ -49,8 +49,8 @@ void list_create(llist *l); - void list_first(llist *l); - void list_last(llist *l); - lnode *list_next(llist *l); --static inline lnode *list_get_cur(llist *l) { return l->cur; } --void list_append(llist *l, struct audit_rule_data *r, size_t sz); -+static inline lnode *list_get_cur(const llist *l) { return l->cur; } -+void list_append(llist *l, const struct audit_rule_data *r, size_t sz); - void list_clear(llist* l); - - #endif -diff --git a/src/auditctl.c b/src/auditctl.c -index 74fd714..088e64e 100644 ---- a/src/auditctl.c -+++ b/src/auditctl.c -@@ -295,7 +295,7 @@ static int audit_setup_watch_name(struct audit_rule_data **rulep, char *path) - * Setup a watch permissions. - * Returns a 1 on success & -1 on failure. 
- */ --static int audit_setup_perms(struct audit_rule_data *rule, const char *opt) -+static int audit_setup_perms(const char *opt) - { - unsigned int i, len, val = 0; - -@@ -543,10 +543,10 @@ static int parse_syscall(const char *optarg) - static int parse_io_uring(const char *optarg) - { - if (strchr(optarg, ',')) { -- int retval; -+ int retval = -1; - char *saved, *ptr, *tmp = strdup(optarg); - if (tmp == NULL) -- return -1; -+ return retval; - ptr = strtok_r(tmp, ",", &saved); - while (ptr) { - retval = audit_rule_io_uringbyname_data(rule_new, ptr); -@@ -561,7 +561,7 @@ static int parse_io_uring(const char *optarg) - } - #endif - --static struct option long_opts[] = -+static const struct option long_opts[] = - { - #if HAVE_DECL_AUDIT_FEATURE_VERSION == 1 - {"loginuid-immutable", 0, NULL, 1}, -@@ -1071,7 +1071,7 @@ process_keys: - audit_msg(LOG_ERR, "permission option needs a filter"); - retval = -1; - } else -- retval = audit_setup_perms(rule_new, optarg); -+ retval = audit_setup_perms(optarg); - break; - case 'q': - if (_audit_syscalladded) { -@@ -1263,7 +1263,7 @@ static void preprocess(char *buf) - } - - --void postprocess(char *buf) -+static void postprocess(char *buf) - { - char *str = strdup(buf); - char *pos1 = str; -diff --git a/src/auditd-config.c b/src/auditd-config.c -index 2d43e34..6a860fa 100644 ---- a/src/auditd-config.c -+++ b/src/auditd-config.c -@@ -67,83 +67,83 @@ static char *get_line(FILE *f, char *buf, unsigned size, int *lineno, - const char *file); - static int nv_split(char *buf, struct nv_pair *nv); - static const struct kw_pair *kw_lookup(const char *val); --static int local_events_parser(struct nv_pair *nv, int line, -+static int local_events_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int write_logs_parser(struct nv_pair *nv, int line, -+static int write_logs_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int log_file_parser(struct nv_pair *nv, int line, 
-+static int log_file_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int num_logs_parser(struct nv_pair *nv, int line, -+static int num_logs_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int log_group_parser(struct nv_pair *nv, int line, -+static int log_group_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int qos_parser(struct nv_pair *nv, int line, -+static int qos_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int dispatch_parser(struct nv_pair *nv, int line, -+static int dispatch_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int name_format_parser(struct nv_pair *nv, int line, -+static int name_format_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int name_parser(struct nv_pair *nv, int line, -+static int name_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int max_log_size_parser(struct nv_pair *nv, int line, -+static int max_log_size_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int max_log_size_action_parser(struct nv_pair *nv, int line, -+static int max_log_size_action_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int log_format_parser(struct nv_pair *nv, int line, -+static int log_format_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int flush_parser(struct nv_pair *nv, int line, -+static int flush_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int freq_parser(struct nv_pair *nv, int line, -+static int freq_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int space_left_parser(struct nv_pair *nv, int line, -+static int space_left_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int 
space_action_parser(struct nv_pair *nv, int line, -+static int space_action_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int action_mail_acct_parser(struct nv_pair *nv, int line, -+static int action_mail_acct_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int verify_email_parser(struct nv_pair *nv, int line, -+static int verify_email_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int admin_space_left_parser(struct nv_pair *nv, int line, -+static int admin_space_left_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int admin_space_left_action_parser(struct nv_pair *nv, int line, -+static int admin_space_left_action_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int disk_full_action_parser(struct nv_pair *nv, int line, -+static int disk_full_action_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int disk_error_action_parser(struct nv_pair *nv, int line, -+static int disk_error_action_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int priority_boost_parser(struct nv_pair *nv, int line, -+static int priority_boost_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int tcp_listen_port_parser(struct nv_pair *nv, int line, -+static int tcp_listen_port_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int tcp_listen_queue_parser(struct nv_pair *nv, int line, -+static int tcp_listen_queue_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int tcp_max_per_addr_parser(struct nv_pair *nv, int line, -+static int tcp_max_per_addr_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int use_libwrap_parser(struct nv_pair *nv, int line, -+static int use_libwrap_parser(const struct nv_pair *nv, int line, - 
struct daemon_conf *config); --static int tcp_client_ports_parser(struct nv_pair *nv, int line, -+static int tcp_client_ports_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int tcp_client_max_idle_parser(struct nv_pair *nv, int line, -+static int tcp_client_max_idle_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int transport_parser(struct nv_pair *nv, int line, -+static int transport_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int enable_krb5_parser(struct nv_pair *nv, int line, -+static int enable_krb5_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int krb5_principal_parser(struct nv_pair *nv, int line, -+static int krb5_principal_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int krb5_key_file_parser(struct nv_pair *nv, int line, -+static int krb5_key_file_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int distribute_network_parser(struct nv_pair *nv, int line, -+static int distribute_network_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int q_depth_parser(struct nv_pair *nv, int line, -+static int q_depth_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int overflow_action_parser(struct nv_pair *nv, int line, -+static int overflow_action_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int max_restarts_parser(struct nv_pair *nv, int line, -+static int max_restarts_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int plugin_dir_parser(struct nv_pair *nv, int line, -+static int plugin_dir_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config); --static int eoe_timeout_parser(struct nv_pair *nv, int line, -+static int eoe_timeout_parser(const struct nv_pair *nv, int line, - struct daemon_conf 
*config); - static int sanity_check(struct daemon_conf *config); - -@@ -274,7 +274,6 @@ static int allow_links = 0; - static const char *config_dir = NULL; - static char *config_file = NULL; - -- - void set_allow_links(int allow) - { - allow_links = allow; -@@ -290,16 +289,6 @@ int set_config_dir(const char *val) - return 0; - } - --const char *get_config_dir(void) --{ -- /* This function is used to determine if audispd is started with -- * a -c parameter followed by the config_dir location. If we are -- * using the standard location, do not pass back a location. */ -- if (config_file && strcmp(config_file, CONFIG_FILE) == 0) -- return NULL; -- return config_dir; --} -- - /* - * Set everything to its default value - */ -@@ -578,7 +567,7 @@ static const struct kw_pair *kw_lookup(const char *val) - return &keywords[i]; - } - --static int local_events_parser(struct nv_pair *nv, int line, -+static int local_events_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - unsigned long i; -@@ -596,7 +585,7 @@ static int local_events_parser(struct nv_pair *nv, int line, - return 1; - } - --static int write_logs_parser(struct nv_pair *nv, int line, -+static int write_logs_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - unsigned long i; -@@ -614,7 +603,7 @@ static int write_logs_parser(struct nv_pair *nv, int line, - return 1; - } - --static int log_file_parser(struct nv_pair *nv, int line, -+static int log_file_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - char *dir = NULL, *tdir; -@@ -695,7 +684,7 @@ finish_up: - return 0; - } - --static int num_logs_parser(struct nv_pair *nv, int line, -+static int num_logs_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - const char *ptr = nv->value; -@@ -705,7 +694,7 @@ static int num_logs_parser(struct nv_pair *nv, int line, - - /* check that all chars are numbers */ - for (i=0; ptr[i]; i++) { -- if (!isdigit(ptr[i])) { 
-+ if (!isdigit((unsigned char)ptr[i])) { - audit_msg(LOG_ERR, - "Value %s should only be numbers - line %d", - nv->value, line); -@@ -730,7 +719,7 @@ static int num_logs_parser(struct nv_pair *nv, int line, - return 0; - } - --static int qos_parser(struct nv_pair *nv, int line, -+static int qos_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - audit_msg(LOG_WARNING, "The disp_qos option is deprecated - line %d", -@@ -738,7 +727,7 @@ static int qos_parser(struct nv_pair *nv, int line, - return 0; - } - --static int dispatch_parser(struct nv_pair *nv, int line, -+static int dispatch_parser(const const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - audit_msg(LOG_DEBUG, "dispatch_parser called with: %s", nv->value); -@@ -747,7 +736,7 @@ static int dispatch_parser(struct nv_pair *nv, int line, - return 0; - } - --static int name_format_parser(struct nv_pair *nv, int line, -+static int name_format_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - int i; -@@ -763,7 +752,7 @@ static int name_format_parser(struct nv_pair *nv, int line, - return 1; - } - --static int name_parser(struct nv_pair *nv, int line, -+static int name_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - audit_msg(LOG_DEBUG, "name_parser called with: %s", nv->value); -@@ -774,7 +763,7 @@ static int name_parser(struct nv_pair *nv, int line, - return 0; - } - --static int max_log_size_parser(struct nv_pair *nv, int line, -+static int max_log_size_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - const char *ptr = nv->value; -@@ -784,7 +773,7 @@ static int max_log_size_parser(struct nv_pair *nv, int line, - - /* check that all chars are numbers */ - for (i=0; ptr[i]; i++) { -- if (!isdigit(ptr[i])) { -+ if (!isdigit((unsigned char)ptr[i])) { - audit_msg(LOG_ERR, - "Value %s should only be numbers - line %d", - nv->value, line); -@@ -805,7 +794,7 @@ static int 
max_log_size_parser(struct nv_pair *nv, int line, - return 0; - } - --static int max_log_size_action_parser(struct nv_pair *nv, int line, -+static int max_log_size_action_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - int i; -@@ -822,7 +811,7 @@ static int max_log_size_action_parser(struct nv_pair *nv, int line, - return 1; - } - --static int log_format_parser(struct nv_pair *nv, int line, -+static int log_format_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - int i; -@@ -846,14 +835,14 @@ static int log_format_parser(struct nv_pair *nv, int line, - return 1; - } - --static int log_group_parser(struct nv_pair *nv, int line, -+static int log_group_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - gid_t gid = 0; - - audit_msg(LOG_DEBUG, "log_group_parser called with: %s", - nv->value); -- if (isdigit(nv->value[0])) { -+ if (isdigit((unsigned char)nv->value[0])) { - errno = 0; - gid = strtoul(nv->value,NULL,10); - if (errno) { -@@ -878,7 +867,7 @@ static int log_group_parser(struct nv_pair *nv, int line, - return 0; - } - --static int flush_parser(struct nv_pair *nv, int line, -+static int flush_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - int i; -@@ -894,7 +883,7 @@ static int flush_parser(struct nv_pair *nv, int line, - return 1; - } - --static int freq_parser(struct nv_pair *nv, int line, -+static int freq_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - const char *ptr = nv->value; -@@ -904,7 +893,7 @@ static int freq_parser(struct nv_pair *nv, int line, - - /* check that all chars are numbers */ - for (i=0; ptr[i]; i++) { -- if (!isdigit(ptr[i])) { -+ if (!isdigit((unsigned char)ptr[i])) { - audit_msg(LOG_ERR, - "Value %s should only be numbers - line %d", - nv->value, line); -@@ -932,7 +921,7 @@ static int freq_parser(struct nv_pair *nv, int line, - return 0; - } - --static int space_left_parser(struct 
nv_pair *nv, int line, -+static int space_left_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - char *p, *ptr = (char *)nv->value; -@@ -944,7 +933,7 @@ static int space_left_parser(struct nv_pair *nv, int line, - - /* check that all chars are numbers */ - for (i=0; ptr[i]; i++) { -- if (!isdigit(ptr[i]) && ptr[i] != '%') { -+ if (!isdigit((unsigned char)ptr[i]) && ptr[i] != '%') { - audit_msg(LOG_ERR, - "Value %c %s should only be numbers or percent - line %d", - ptr[i],nv->value, line); -@@ -1027,7 +1016,7 @@ static int check_exe_name(const char *val, int line) - return 0; - } - --static int space_action_parser(struct nv_pair *nv, int line, -+static int space_action_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - int i; -@@ -1121,7 +1110,7 @@ static int validate_email(const char *acct) - return 0; - } - --static int action_mail_acct_parser(struct nv_pair *nv, int line, -+static int action_mail_acct_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - char *tmail; -@@ -1144,7 +1133,7 @@ static int action_mail_acct_parser(struct nv_pair *nv, int line, - return 0; - } - --static int verify_email_parser(struct nv_pair *nv, int line, -+static int verify_email_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - unsigned long i; -@@ -1162,7 +1151,7 @@ static int verify_email_parser(struct nv_pair *nv, int line, - return 1; - } - --static int admin_space_left_parser(struct nv_pair *nv, int line, -+static int admin_space_left_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - char *p, *ptr = (char *)nv->value; -@@ -1175,7 +1164,7 @@ static int admin_space_left_parser(struct nv_pair *nv, int line, - - /* check that all chars are numbers */ - for (i=0; ptr[i]; i++) { -- if (!isdigit(ptr[i]) && ptr[i] != '%') { -+ if (!isdigit((unsigned char)ptr[i]) && ptr[i] != '%') { - audit_msg(LOG_ERR, - "Value %c %s should only be numbers or 
percent - line %d", - ptr[i],nv->value, line); -@@ -1212,7 +1201,7 @@ static int admin_space_left_parser(struct nv_pair *nv, int line, - return 0; - } - --static int admin_space_left_action_parser(struct nv_pair *nv, int line, -+static int admin_space_left_action_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - int i; -@@ -1242,7 +1231,7 @@ static int admin_space_left_action_parser(struct nv_pair *nv, int line, - return 1; - } - --static int disk_full_action_parser(struct nv_pair *nv, int line, -+static int disk_full_action_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - int i; -@@ -1269,7 +1258,7 @@ static int disk_full_action_parser(struct nv_pair *nv, int line, - return 1; - } - --static int disk_error_action_parser(struct nv_pair *nv, int line, -+static int disk_error_action_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - int i; -@@ -1297,7 +1286,7 @@ static int disk_error_action_parser(struct nv_pair *nv, int line, - return 1; - } - --static int priority_boost_parser(struct nv_pair *nv, int line, -+static int priority_boost_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - const char *ptr = nv->value; -@@ -1308,7 +1297,7 @@ static int priority_boost_parser(struct nv_pair *nv, int line, - - /* check that all chars are numbers */ - for (i=0; ptr[i]; i++) { -- if (!isdigit(ptr[i])) { -+ if (!isdigit((unsigned char)ptr[i])) { - audit_msg(LOG_ERR, - "Value %s should only be numbers - line %d", - nv->value, line); -@@ -1336,7 +1325,7 @@ static int priority_boost_parser(struct nv_pair *nv, int line, - return 0; - } - --static int tcp_listen_port_parser(struct nv_pair *nv, int line, -+static int tcp_listen_port_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - const char *ptr = nv->value; -@@ -1353,7 +1342,7 @@ static int tcp_listen_port_parser(struct nv_pair *nv, int line, - #else - /* check that all chars are numbers 
*/ - for (i=0; ptr[i]; i++) { -- if (!isdigit(ptr[i])) { -+ if (!isdigit((unsigned char)ptr[i])) { - audit_msg(LOG_ERR, - "Value %s should only be numbers - line %d", - nv->value, line); -@@ -1388,7 +1377,7 @@ static int tcp_listen_port_parser(struct nv_pair *nv, int line, - #endif - } - --static int tcp_listen_queue_parser(struct nv_pair *nv, int line, -+static int tcp_listen_queue_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - const char *ptr = nv->value; -@@ -1405,7 +1394,7 @@ static int tcp_listen_queue_parser(struct nv_pair *nv, int line, - #else - /* check that all chars are numbers */ - for (i=0; ptr[i]; i++) { -- if (!isdigit(ptr[i])) { -+ if (!isdigit((unsigned char)ptr[i])) { - audit_msg(LOG_ERR, - "Value %s should only be numbers - line %d", - nv->value, line); -@@ -1443,7 +1432,7 @@ static int tcp_listen_queue_parser(struct nv_pair *nv, int line, - } - - --static int tcp_max_per_addr_parser(struct nv_pair *nv, int line, -+static int tcp_max_per_addr_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - const char *ptr = nv->value; -@@ -1460,7 +1449,7 @@ static int tcp_max_per_addr_parser(struct nv_pair *nv, int line, - #else - /* check that all chars are numbers */ - for (i=0; ptr[i]; i++) { -- if (!isdigit(ptr[i])) { -+ if (!isdigit((unsigned char)ptr[i])) { - audit_msg(LOG_ERR, - "Value %s should only be numbers - line %d", - nv->value, line); -@@ -1497,7 +1486,7 @@ static int tcp_max_per_addr_parser(struct nv_pair *nv, int line, - #endif - } - --static int use_libwrap_parser(struct nv_pair *nv, int line, -+static int use_libwrap_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - unsigned long i; -@@ -1515,7 +1504,7 @@ static int use_libwrap_parser(struct nv_pair *nv, int line, - return 1; - } - --static int tcp_client_ports_parser(struct nv_pair *nv, int line, -+static int tcp_client_ports_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - 
const char *ptr = nv->value; -@@ -1537,7 +1526,7 @@ static int tcp_client_ports_parser(struct nv_pair *nv, int line, - saw_dash = ptr + i; - continue; - } -- if (!isdigit(ptr[i])) { -+ if (!isdigit((unsigned char)ptr[i])) { - audit_msg(LOG_ERR, - "Value %s should only be numbers, or " - "two numbers separated by a dash - line %d", -@@ -1546,7 +1535,7 @@ static int tcp_client_ports_parser(struct nv_pair *nv, int line, - } - } - for (; ptr[i]; i++) { -- if (!isdigit(ptr[i])) { -+ if (!isdigit((unsigned char)ptr[i])) { - audit_msg(LOG_ERR, - "Value %s should only be numbers, or " - "two numbers separated by a dash - line %d", -@@ -1598,7 +1587,7 @@ static int tcp_client_ports_parser(struct nv_pair *nv, int line, - #endif - } - --static int tcp_client_max_idle_parser(struct nv_pair *nv, int line, -+static int tcp_client_max_idle_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - const char *ptr = nv->value; -@@ -1615,7 +1604,7 @@ static int tcp_client_max_idle_parser(struct nv_pair *nv, int line, - #else - /* check that all chars are numbers */ - for (i=0; ptr[i]; i++) { -- if (!isdigit(ptr[i])) { -+ if (!isdigit((unsigned char)ptr[i])) { - audit_msg(LOG_ERR, - "Value %s should only be numbers - line %d", - nv->value, line); -@@ -1646,7 +1635,7 @@ static int tcp_client_max_idle_parser(struct nv_pair *nv, int line, - #endif - } - --static int transport_parser(struct nv_pair *nv, int line, -+static int transport_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - int i; -@@ -1664,7 +1653,7 @@ static int transport_parser(struct nv_pair *nv, int line, - return 1; - } - --static int enable_krb5_parser(struct nv_pair *nv, int line, -+static int enable_krb5_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - audit_msg(LOG_DEBUG, "enable_krb5_parser called with: %s", -@@ -1690,7 +1679,7 @@ static int enable_krb5_parser(struct nv_pair *nv, int line, - #endif - } - --static int 
krb5_principal_parser(struct nv_pair *nv, int line, -+static int krb5_principal_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - audit_msg(LOG_DEBUG,"krb5_principal_parser called with: %s",nv->value); -@@ -1704,7 +1693,7 @@ static int krb5_principal_parser(struct nv_pair *nv, int line, - return 0; - } - --static int krb5_key_file_parser(struct nv_pair *nv, int line, -+static int krb5_key_file_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - audit_msg(LOG_DEBUG, "krb5_key_file_parser called with: %s", nv->value); -@@ -1718,7 +1707,7 @@ static int krb5_key_file_parser(struct nv_pair *nv, int line, - return 0; - } - --static int distribute_network_parser(struct nv_pair *nv, int line, -+static int distribute_network_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - unsigned long i; -@@ -1737,7 +1726,7 @@ static int distribute_network_parser(struct nv_pair *nv, int line, - return 1; - } - --static int q_depth_parser(struct nv_pair *nv, int line, -+static int q_depth_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - const char *ptr = nv->value; -@@ -1747,7 +1736,7 @@ static int q_depth_parser(struct nv_pair *nv, int line, - - /* check that all chars are numbers */ - for (i=0; ptr[i]; i++) { -- if (!isdigit(ptr[i])) { -+ if (!isdigit((unsigned char)ptr[i])) { - audit_msg(LOG_ERR, - "Value %s should only be numbers - line %d", - nv->value, line); -@@ -1774,7 +1763,7 @@ static int q_depth_parser(struct nv_pair *nv, int line, - return 0; - } - --static int overflow_action_parser(struct nv_pair *nv, int line, -+static int overflow_action_parser(const struct nv_pair *nv, int line, - struct daemon_conf *config) - { - int i; -@@ -1792,7 +1781,7 @@ static int overflow_action_parser(struct nv_pair *nv, int line, - return 1; - } - --static int max_restarts_parser(struct nv_pair *nv, int line, -+static int max_restarts_parser(const struct nv_pair *nv, int line, - 
struct daemon_conf *config)
- {
- const char *ptr = nv->value;
-@@ -1803,7 +1792,7 @@ static int max_restarts_parser(struct nv_pair *nv, int line,
-
- /* check that all chars are numbers */
- for (i=0; ptr[i]; i++) {
-- if (!isdigit(ptr[i])) {
-+ if (!isdigit((unsigned char)ptr[i])) {
- audit_msg(LOG_ERR,
- "Value %s should only be numbers - line %d",
- nv->value, line);
-@@ -1830,7 +1819,7 @@ static int max_restarts_parser(struct nv_pair *nv, int line,
- return 0;
- }
-
--static int plugin_dir_parser(struct nv_pair *nv, int line,
-+static int plugin_dir_parser(const struct nv_pair *nv, int line,
- struct daemon_conf *config)
- {
- audit_msg(LOG_DEBUG, "plugin_dir_parser called with: %s", nv->value);
-@@ -1851,7 +1840,7 @@ static int plugin_dir_parser(struct nv_pair *nv, int line,
- return 0;
- }
-
--static int eoe_timeout_parser(struct nv_pair *nv, int line,
-+static int eoe_timeout_parser(const struct nv_pair *nv, int line,
- struct daemon_conf *config)
- {
- const char *ptr = nv->value;
-@@ -1861,7 +1850,7 @@ static int eoe_timeout_parser(struct nv_pair *nv, int line,
-
- /* check that all chars are numbers */
- for (i=0; ptr[i]; i++) {
-- if (!isdigit(ptr[i])) {
-+ if (!isdigit((unsigned char)ptr[i])) {
- audit_msg(LOG_ERR,
- "Value %s should only be numbers - line %d",
- nv->value, line);
-diff --git a/src/auditd-config.h b/src/auditd-config.h
-index 0bd69d6..dae6a50 100644
---- a/src/auditd-config.h
-+++ b/src/auditd-config.h
-@@ -99,10 +99,7 @@ struct daemon_conf
- };
-
- void set_allow_links(int allow);
--
--/* Return 0 on success.
*/
- int set_config_dir(const char *val);
--const char *get_config_dir(void);
-
- int load_config(struct daemon_conf *config, log_test_t lt);
- void clear_config(struct daemon_conf *config);
-@@ -115,7 +112,6 @@ void init_config_manager(void);
- #ifdef AUDITD_EVENT_H
- int start_config_manager(struct auditd_event *e);
- #endif
--void shutdown_config(void);
- void free_config(struct daemon_conf *config);
-
- #endif
-diff --git a/src/auditd-dispatch.h b/src/auditd-dispatch.h
-index 9dc2b2e..c5d63e1 100644
---- a/src/auditd-dispatch.h
-+++ b/src/auditd-dispatch.h
-@@ -28,7 +28,6 @@
-
- int dispatcher_pid(void);
- void dispatcher_reaped(void);
--int make_dispatcher_fd_private(void);
- int init_dispatcher(const struct daemon_conf *config);
- void shutdown_dispatcher(void);
- void reconfigure_dispatcher(const struct daemon_conf *config);
-diff --git a/src/auditd-event.c b/src/auditd-event.c
-index b2a4726..1a81471 100644
---- a/src/auditd-event.c
-+++ b/src/auditd-event.c
-@@ -95,6 +95,9 @@ static auparse_state_t *au = NULL;
- #define FORMAT_BUF_LEN (MAX_AUDIT_MESSAGE_LENGTH + _POSIX_HOST_NAME_MAX)
- #define MIN_SPACE_LEFT 24
-
-+static inline int from_network(const struct auditd_event *e)
-+{ if (e && e->ack_func) return 1; return 0; }
-+
- int dispatch_network_events(void)
- {
- return config->distribute_network_events;
-@@ -539,7 +542,7 @@ void enqueue_event(struct auditd_event *e)
-
- /* This function allocates memory and fills the event fields with
- passed arguments. Caller must free memory.
*/
--struct auditd_event *create_event(char *msg, ack_func_type ack_func,
-+struct auditd_event *create_event(const char *msg, ack_func_type ack_func,
- void *ack_data, uint32_t sequence_id)
- {
- struct auditd_event *e;
-diff --git a/src/auditd-event.h b/src/auditd-event.h
-index dceff68..1f0b7ac 100644
---- a/src/auditd-event.h
-+++ b/src/auditd-event.h
-@@ -37,9 +37,6 @@ struct auditd_event {
- unsigned long sequence_id;
- };
-
--static inline int from_network(const struct auditd_event *e)
--{ if (e && e->ack_func) return 1; return 0; }
--
- #include "auditd-config.h"
-
- int dispatch_network_events(void);
-@@ -51,7 +48,7 @@ void cleanup_event(struct auditd_event *e);
- void format_event(struct auditd_event *e);
- void enqueue_event(struct auditd_event *e);
- void handle_event(struct auditd_event *e);
--struct auditd_event *create_event(char *msg, ack_func_type ack_func,
-+struct auditd_event *create_event(const char *msg, ack_func_type ack_func,
- void *ack_data, uint32_t sequence_id);
-
- #endif
-diff --git a/src/auditd-listen.c b/src/auditd-listen.c
-index 6dbbb8c..cf92f2b 100644
---- a/src/auditd-listen.c
-+++ b/src/auditd-listen.c
-@@ -55,7 +55,6 @@
-
- #include "ev.h"
-
--extern volatile int stop;
- extern int send_audit_event(int type, const char *str);
- #define DEFAULT_BUF_SZ 192
-
-@@ -91,7 +90,7 @@ static char *my_service_name, *my_gss_realm;
- #define USE_GSS (transport == T_KRB5)
- #endif
-
--static char *sockaddr_to_string(struct sockaddr_storage *addr)
-+static char *sockaddr_to_string(const struct sockaddr_storage *addr)
- {
- static char buf[INET6_ADDRSTRLEN];
-
-@@ -103,7 +102,7 @@ static char *sockaddr_to_string(struct sockaddr_storage *addr)
- return buf;
- }
-
--static unsigned int sockaddr_to_port(struct sockaddr_storage *addr)
-+static unsigned int sockaddr_to_port(const struct sockaddr_storage *addr)
- {
- unsigned int rc;
-
-@@ -765,7 +764,7 @@ static int auditd_tcpd_check(int sock)
- * a 1 if there are too many and a 0 otherwise.
It assumes the incoming
- * connection has not been added to the linked list yet.
- */
--static int check_num_connections(struct sockaddr_storage *aaddr)
-+static int check_num_connections(const struct sockaddr_storage *aaddr)
- {
- int num = 0;
- struct ev_tcp *client = client_chain;
-@@ -1169,7 +1168,7 @@ void auditd_tcp_listen_uninit(struct ev_loop *loop, struct daemon_conf *config)
- transport = T_TCP;
- }
-
--static void periodic_reconfigure(struct daemon_conf *config)
-+static void periodic_reconfigure(const struct daemon_conf *config)
- {
- struct ev_loop *loop = ev_default_loop(EVFLAG_AUTO);
- if (config->tcp_listen_port && config->tcp_client_max_idle) {
-@@ -1181,7 +1180,7 @@ static void periodic_reconfigure(struct daemon_conf *config)
- }
- }
-
--void auditd_tcp_listen_reconfigure(struct daemon_conf *nconf,
-+void auditd_tcp_listen_reconfigure(const struct daemon_conf *nconf,
- struct daemon_conf *oconf)
- {
- use_libwrap = nconf->use_libwrap;
-diff --git a/src/auditd-listen.h b/src/auditd-listen.h
-index 4fb9c37..ed91d3d 100644
---- a/src/auditd-listen.h
-+++ b/src/auditd-listen.h
-@@ -32,7 +32,7 @@
- int auditd_tcp_listen_init ( struct ev_loop *loop, struct daemon_conf *config );
- void auditd_tcp_listen_uninit ( struct ev_loop *loop,
- struct daemon_conf *config );
--void auditd_tcp_listen_reconfigure ( struct daemon_conf *nconf,
-+void auditd_tcp_listen_reconfigure ( const struct daemon_conf *nconf,
- struct daemon_conf *oconf );
- void write_connection_state(FILE *f);
- #else
-diff --git a/src/auditd-reconfig.c b/src/auditd-reconfig.c
-index 80611aa..7e6c412 100644
---- a/src/auditd-reconfig.c
-+++ b/src/auditd-reconfig.c
-@@ -78,11 +78,6 @@ int start_config_manager(struct auditd_event *e)
- return rc;
- }
-
--void shutdown_config(void)
--{
-- pthread_cancel(config_thread);
--}
--
- static void *config_thread_main(void *arg)
- {
- sigset_t sigs;
-diff --git a/src/aureport-options.c b/src/aureport-options.c
-index 2d9ccc8..7480c8a 100644
----
a/src/aureport-options.c
-+++ b/src/aureport-options.c
-@@ -82,7 +82,7 @@ struct nv_pair {
- const char *name;
- };
-
--enum { R_INFILE, R_TIME_END, R_TIME_START, R_VERSION, R_SUMMARY, R_LOG_TIMES,
-+enum { R_INFILE, R_TIME_END, R_TIME_START, R_VERSION, R_LOG_TIMES,
- R_CONFIGS, R_LOGINS, R_USERS, R_TERMINALS, R_HOSTS, R_EXES, R_FILES,
- R_AVCS, R_SYSCALLS, R_PIDS, R_EVENTS, R_ACCT_MODS,
- R_INTERPRET, R_HELP, R_ANOMALY, R_RESPONSE, R_SUMMARY_DET, R_CRYPTO,
-@@ -90,7 +90,7 @@ enum { R_INFILE, R_TIME_END, R_TIME_START, R_VERSION, R_SUMMARY, R_LOG_TIMES,
- R_KEYS, R_TTY, R_NO_CONFIG, R_COMM, R_VIRT, R_INTEG, R_ESCAPE,
- R_DEBUG, R_EOE_TMO };
-
--static struct nv_pair optiontab[] = {
-+static const struct nv_pair optiontab[] = {
- { R_AUTH, "-au" },
- { R_AUTH, "--auth" },
- { R_AVCS, "-a" },
-diff --git a/src/aureport-options.h b/src/aureport-options.h
-index a559f64..9826398 100644
---- a/src/aureport-options.h
-+++ b/src/aureport-options.h
-@@ -29,8 +29,6 @@
- #include "ausearch-common.h"
-
- /* Global variables that describe what search is to be performed */
--extern const char *event_context;
--
- typedef enum { RPT_UNSET, RPT_TIME, RPT_SUMMARY, RPT_AVC, RPT_MAC,
- RPT_CONFIG, RPT_EVENT, RPT_FILE, RPT_HOST, RPT_LOGIN,
- RPT_ACCT_MOD, RPT_PID, RPT_SYSCALL, RPT_TERM, RPT_USER,
-diff --git a/src/aureport-scan.c b/src/aureport-scan.c
-index 4095e86..93f03d6 100644
---- a/src/aureport-scan.c
-+++ b/src/aureport-scan.c
-@@ -112,7 +112,7 @@ void destroy_counters(void)
- }
-
- /* This function will return 0 on no match and 1 on match */
--int classify_success(const llist *l)
-+static int classify_success(const llist *l)
- {
- //printf("%d,succ=%d:%d\n", l->head->type, event_failed, l->s.success);
- // If match only failed...
-@@ -126,7 +126,7 @@ int classify_success(const llist *l)
- }
-
- /* This function will return 0 on no match and 1 on match */
--int classify_conf(const llist *l)
-+static int classify_conf(const llist *l)
- {
- int rc = 1;
- extern int no_config;
-diff --git a/src/ausearch-avc.h b/src/ausearch-avc.h
-index 6739ffe..3796ed4 100644
---- a/src/ausearch-avc.h
-+++ b/src/ausearch-avc.h
-@@ -53,7 +53,7 @@ typedef struct {
- void alist_create(alist *l);
- static inline void alist_first(alist *l) { l->cur = l->head; }
- anode *alist_next(alist *l);
--static inline anode *alist_get_cur(alist *l) { return l->cur; }
-+static inline anode *alist_get_cur(const alist *l) { return l->cur; }
- void alist_append(alist *l, anode *node);
- void anode_init(anode *an);
- void anode_clear(anode *an);
-diff --git a/src/ausearch-int.h b/src/ausearch-int.h
-index fea8499..d7fc740 100644
---- a/src/ausearch-int.h
-+++ b/src/ausearch-int.h
-@@ -47,7 +47,7 @@ typedef struct {
- void ilist_create(ilist *l);
- static inline void ilist_first(ilist *l) { l->cur = l->head; }
- int_node *ilist_next(ilist *l);
--static inline int_node *ilist_get_cur(ilist *l) { return l->cur; }
-+static inline int_node *ilist_get_cur(const ilist *l) { return l->cur; }
- void ilist_append(ilist *l, int num, unsigned int hits, int aux);
- void ilist_clear(ilist* l);
-
-diff --git a/src/ausearch-lol.h b/src/ausearch-lol.h
-index bab0c81..427d083 100644
---- a/src/ausearch-lol.h
-+++ b/src/ausearch-lol.h
-@@ -53,7 +53,6 @@ void complete_all_events(lol *lo);
- llist* get_ready_event(lol *lo);
-
- void lol_set_eoe_timeout(time_t new_eoe_tmo);
--void setup_userspace_configitems();
-
- #endif
-
-diff --git a/src/ausearch-lookup.c b/src/ausearch-lookup.c
-index 09385c9..8af3e66 100644
---- a/src/ausearch-lookup.c
-+++ b/src/ausearch-lookup.c
-@@ -110,7 +110,7 @@ const char *aulookup_syscall(llist *l, char *buf, size_t size)
- }
-
- // See include/linux/net.h
--static struct nv_pair socktab[] = {
-+static const struct
nv_pair socktab[] = {
- {SYS_SOCKET, "socket"},
- {SYS_BIND, "bind"},
- {SYS_CONNECT, "connect"},
-@@ -163,7 +163,7 @@ static const char *aulookup_socketcall(long sc)
- /*
- * This table maps ipc calls to their text name
- */
--static struct nv_pair ipctab[] = {
-+static const struct nv_pair ipctab[] = {
- {SEMOP, "semop"},
- {SEMGET, "semget"},
- {SEMCTL, "semctl"},
-@@ -251,7 +251,7 @@ void aulookup_destroy_uid_list(void)
- uid_list_created = 0;
- }
-
--int is_hex_string(const char *str)
-+static int is_hex_string(const char *str)
- {
- int c=0;
- while (*str) {
-diff --git a/src/ausearch-lookup.h b/src/ausearch-lookup.h
-index c5fc9f4..c80f782 100644
---- a/src/ausearch-lookup.h
-+++ b/src/ausearch-lookup.h
-@@ -40,7 +40,6 @@ const char *aulookup_uid(uid_t uid, char *buf, size_t size)
- __attr_access ((__write_only__, 2, 3));
- void aulookup_destroy_uid_list(void);
- char *unescape(const char *buf);
--int is_hex_string(const char *str);
- void print_tty_data(const char *val);
- void safe_print_string_n(const char *s, unsigned int len, int ret)
- __attr_access ((__read_only__, 1, 2));
-diff --git a/src/ausearch-nvpair.c b/src/ausearch-nvpair.c
-index 7b00bef..3a1b27d 100644
---- a/src/ausearch-nvpair.c
-+++ b/src/ausearch-nvpair.c
-@@ -34,14 +34,6 @@ void search_list_create(nvlist *l)
- l->cnt = 0;
- }
-
--nvnode *search_list_next(nvlist *l)
--{
-- if (l->cur == NULL)
-- return NULL;
-- l->cur = l->cur->next;
-- return l->cur;
--}
--
- void search_list_append(nvlist *l, nvnode *node)
- {
- nvnode* newnode = malloc(sizeof(nvnode));
-diff --git a/src/ausearch-nvpair.h b/src/ausearch-nvpair.h
-index 95b63fe..244dca7 100644
---- a/src/ausearch-nvpair.h
-+++ b/src/ausearch-nvpair.h
-@@ -45,8 +45,6 @@ typedef struct {
- } nvlist;
-
- void search_list_create(nvlist *l);
--static inline void search_list_first(nvlist *l) { l->cur = l->head; }
--nvnode *search_list_next(nvlist *l);
- static inline nvnode *search_list_get_cur(nvlist *l) { return l->cur; }
- void
search_list_append(nvlist *l, nvnode *node);
- void search_list_clear(nvlist* l);
-diff --git a/src/ausearch-options.c b/src/ausearch-options.c
-index 7d6a4f0..1c65364 100644
---- a/src/ausearch-options.c
-+++ b/src/ausearch-options.c
-@@ -95,7 +95,7 @@ S_PPID, S_KEY, S_RAW, S_NODE, S_IN_LOGS, S_JUST_ONE, S_SESSION, S_EXIT,
- S_LINEBUFFERED, S_UUID, S_VMNAME, S_DEBUG, S_CHECKPOINT, S_ARCH, S_FORMAT,
- S_EXTRA_TIME, S_EXTRA_LABELS, S_EXTRA_KEYS, S_EXTRA_OBJ2, S_ESCAPE, S_EOE_TMO };
-
--static struct nv_pair optiontab[] = {
-+static const struct nv_pair optiontab[] = {
- { S_EVENT, "-a" },
- { S_ARCH, "--arch" },
- { S_EVENT, "--event" },
-diff --git a/src/ausearch-parse.c b/src/ausearch-parse.c
-index 1e51a67..13a1457 100644
---- a/src/ausearch-parse.c
-+++ b/src/ausearch-parse.c
-@@ -1724,7 +1724,7 @@ static int parse_sockaddr(const lnode *n, search_items *s)
- if (len != sizeof(saddr->sa_family) &&
- len < 4) {
- fprintf(stderr,
-- "sun_path len too short (%d)\n",
-+ "sun_path len too short (%u)\n",
- len);
- return 4;
- }
-diff --git a/src/ausearch-string.c b/src/ausearch-string.c
-index 4016a41..86b8a78 100644
---- a/src/ausearch-string.c
-+++ b/src/ausearch-string.c
-@@ -61,7 +61,7 @@ snode *slist_next(slist *l)
- return l->cur;
- }
-
--void slist_append(slist *l, snode *node)
-+void slist_append(slist *l, const snode *node)
- {
- snode* newnode;
-
-diff --git a/src/ausearch-string.h b/src/ausearch-string.h
-index 6d14737..ed4a05b 100644
---- a/src/ausearch-string.h
-+++ b/src/ausearch-string.h
-@@ -47,8 +47,8 @@ typedef struct {
- void slist_create(slist *l);
- static inline void slist_first(slist *l) { l->cur = l->head; }
- snode *slist_next(slist *l);
--static inline snode *slist_get_cur(slist *l) { return l->cur; }
--void slist_append(slist *l, snode *node);
-+static inline snode *slist_get_cur(const slist *l) { return l->cur; }
-+void slist_append(slist *l, const snode *node);
- void slist_clear(slist* l);
-
- /* append a string if its not already on the
list */
-diff --git a/src/ausearch-time.c b/src/ausearch-time.c
-index edcd78d..d2409a2 100644
---- a/src/ausearch-time.c
-+++ b/src/ausearch-time.c
-@@ -43,7 +43,7 @@ struct nv_pair {
- const char *name;
- };
-
--static struct nv_pair timetab[] = {
-+static const struct nv_pair timetab[] = {
- { T_NOW, "now" },
- { T_RECENT, "recent" },
- { T_THIS_HOUR, "this-hour" },
---
-2.50.1
-
diff --git a/backport-correcting-memcmp-args-in-check_rule_mismatch-functi.patch b/backport-correcting-memcmp-args-in-check_rule_mismatch-functi.patch
deleted file mode 100644
index 312fca2c61bab0414e09a893fc552245f26eb261..0000000000000000000000000000000000000000
--- a/backport-correcting-memcmp-args-in-check_rule_mismatch-functi.patch
+++ /dev/null
@@ -1,28 +0,0 @@
-From 3f3b3a2377ce1977dd4136aa653f2f65c3cd2fe0 Mon Sep 17 00:00:00 2001
-From: Yugend
-Date: Wed, 27 Mar 2024 17:41:07 +0300
-Subject: [PATCH] correcting memcmp args in check_rule_mismatch function
-
-Conflict:src/auditctl.c
-Reference:https://github.com/linux-audit/audit-userspace/commit/3f3b3a2377ce1977dd4136aa653f2f65c3cd2fe0
-
----
- src/auditctl.c | 2 +-
- 1 file changed, 1 insertion(+), 1 deletion(-)
-
-diff --git a/src/auditctl.c b/src/auditctl.c
-index 7949d95c..acb1e518 100644
---- a/src/auditctl.c
-+++ b/src/auditctl.c
-@@ -392,7 +392,7 @@ static int check_rule_mismatch(int lineno, const char *option)
- audit_rule_syscallbyname_data(&tmprule, ptr);
- ptr = strtok_r(NULL, ",", &saved);
- }
-- if (memcmp(tmprule.mask, rule_new->mask, AUDIT_BITMASK_SIZE))
-+ if (memcmp(tmprule.mask, rule_new->mask, AUDIT_BITMASK_SIZE * sizeof(tmprule.mask[0])))
- rc = 1;
- free(tmp);
-
---
-2.33.0
-
diff --git a/backport-first-part-of-NULL-pointer-checks.patch b/backport-first-part-of-NULL-pointer-checks.patch
deleted file mode 100644
index f1aa1603106bd75a6b08f20a967b30cff5344b29..0000000000000000000000000000000000000000
--- a/backport-first-part-of-NULL-pointer-checks.patch
+++ /dev/null
@@ -1,147 +0,0 @@
-From b046de44454fa2616dbb8899f1b41d65ce876e33 Mon Sep 17 00:00:00 2001
-From: Yugend
-Date: Fri, 15 Mar 2024 17:08:16 +0300
-Subject: [PATCH] first part of NULL pointer checks
-
-Conflict:NA
-Reference:https://github.com/linux-audit/audit-userspace/commit/b046de44454fa2616dbb8899f1b41d65ce876e33
-
----
- audisp/audispd-llist.c | 3 +++
- auparse/auparse.c | 7 +++++++
- src/auditctl-llist.c | 3 +++
- src/auditctl.c | 5 +++++
- src/ausearch-avc.c | 3 +++
- src/ausearch-int.c | 3 +++
- src/ausearch-llist.c | 3 +++
- tools/aulastlog/aulastlog-llist.c | 3 +++
- 8 files changed, 30 insertions(+)
-
-diff --git a/audisp/audispd-llist.c b/audisp/audispd-llist.c
-index c562a72a..c338327d 100644
---- a/audisp/audispd-llist.c
-+++ b/audisp/audispd-llist.c
-@@ -74,6 +74,9 @@ void plist_append(conf_llist *l, plugin_conf_t *p)
- lnode* newnode;
-
- newnode = malloc(sizeof(lnode));
-+ if (newnode == NULL) {
-+ return;
-+ }
-
- if (p) {
- void *pp = malloc(sizeof(struct plugin_conf));
-diff --git a/auparse/auparse.c b/auparse/auparse.c
-index e196373b..516ee8f1 100644
---- a/auparse/auparse.c
-+++ b/auparse/auparse.c
-@@ -113,6 +113,11 @@ static int setup_log_file_array(auparse_state_t *au)
- }
- num--;
- tmp = malloc((num+2)*sizeof(char *));
-+ if (!tmp) {
-+ fprintf(stderr, "No memory\n");
-+ aup_free_config(&config);
-+ return 1;
-+ }
-
- /* Got it, now process logs from last to first */
- if (num > 0)
-@@ -489,6 +494,8 @@ auparse_state_t *auparse_init(ausource_t source, const void *b)
- if (access_ok(b))
- goto bad_exit;
- tmp = malloc(2*sizeof(char *));
-+ if (tmp == NULL)
-+ goto bad_exit;
- tmp[0] = strdup(b);
- tmp[1] = NULL;
- au->source_list = tmp;
-diff --git a/src/auditctl-llist.c b/src/auditctl-llist.c
-index 182d88b5..0f81d4c8 100644
---- a/src/auditctl-llist.c
-+++ b/src/auditctl-llist.c
-@@ -64,6 +64,9 @@ void list_append(llist *l, const struct audit_rule_data *r, size_t sz)
- lnode* newnode;
-
- newnode = malloc(sizeof(lnode));
-+ if (newnode ==
NULL) {
-+ return;
-+ }
-
- if (r) {
- void *rr = malloc(sz);
-diff --git a/src/auditctl.c b/src/auditctl.c
-index dac5118a..ee7e33c8 100644
---- a/src/auditctl.c
-+++ b/src/auditctl.c
-@@ -1391,6 +1391,11 @@ static int fileopt(const char *file)
- }
- i = 0;
- fields = malloc(nf * sizeof(char *));
-+ if (fields == NULL) {
-+ audit_msg(LOG_ERR, "Memory allocation error");
-+ return 1;
-+ }
-+
- fields[i++] = "auditctl";
- fields[i++] = ptr;
- while( (ptr=audit_strsplit(NULL)) && (i < nf-1)) {
-diff --git a/src/ausearch-avc.c b/src/ausearch-avc.c
-index 10d153f6..6aa98c70 100644
---- a/src/ausearch-avc.c
-+++ b/src/ausearch-avc.c
-@@ -67,6 +67,9 @@ void alist_append(alist *l, anode *node)
- anode* newnode;
-
- newnode = malloc(sizeof(anode));
-+ if (newnode == NULL) {
-+ return;
-+ }
-
- if (node->scontext)
- newnode->scontext = node->scontext;
-diff --git a/src/ausearch-int.c b/src/ausearch-int.c
-index 718dacda..0e8b0ffe 100644
---- a/src/ausearch-int.c
-+++ b/src/ausearch-int.c
-@@ -46,6 +46,9 @@ void ilist_append(ilist *l, int num, unsigned int hits, int aux)
- int_node* newnode;
-
- newnode = malloc(sizeof(int_node));
-+ if (newnode == NULL) {
-+ return;
-+ }
-
- newnode->num = num;
- newnode->hits = hits;
-diff --git a/src/ausearch-llist.c b/src/ausearch-llist.c
-index 0fa6f671..36fcae6d 100644
---- a/src/ausearch-llist.c
-+++ b/src/ausearch-llist.c
-@@ -107,6 +107,9 @@ void list_append(llist *l, lnode *node)
- lnode* newnode;
-
- newnode = malloc(sizeof(lnode));
-+ if (newnode == NULL) {
-+ return;
-+ }
-
- if (node->message)
- newnode->message = node->message;
-diff --git a/tools/aulastlog/aulastlog-llist.c b/tools/aulastlog/aulastlog-llist.c
-index 84882ca8..779afb50 100644
---- a/tools/aulastlog/aulastlog-llist.c
-+++ b/tools/aulastlog/aulastlog-llist.c
-@@ -46,6 +46,9 @@ void list_append(llist *l, lnode *node)
- lnode* newnode;
-
- newnode = malloc(sizeof(lnode));
-+ if (newnode == NULL) {
-+ return;
-+ }
-
- newnode->sec = node->sec;
- newnode->uid =
node->uid;
---
-2.33.0
-
diff --git a/backport-fix-one-more-leak.patch b/backport-fix-one-more-leak.patch
deleted file mode 100644
index af271ffa06a469d7d096e2736b45ce2f17f387b2..0000000000000000000000000000000000000000
--- a/backport-fix-one-more-leak.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 613ccbdd1011692c6724a11cc8798112dd26d202 Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Tue, 21 May 2024 13:17:38 -0400
-Subject: [PATCH] fix one more leak
-
-Conflict:NA
-Reference:https://github.com/linux-audit/audit-userspace/commit/613ccbdd1011692c6724a11cc8798112dd26d202
-
----
- src/ausearch-lol.c | 4 +++-
- 1 file changed, 3 insertions(+), 1 deletion(-)
-
-diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c
-index 784c58f6..d156ce42 100644
---- a/src/ausearch-lol.c
-+++ b/src/ausearch-lol.c
-@@ -371,7 +371,9 @@ int lol_add_record(lol *lo, char *buff)
- l = malloc(sizeof(llist));
- if (l == NULL) {
- free((char *)e.node);
-- fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__);
-+ free(n.message);
-+ fprintf(stderr, "Out of memory. Check %s file, %d line",
-+ __FILE__, __LINE__);
- return 0;
- }
- list_create(l);
---
-2.33.0
-
diff --git a/backport-fix-the-use-of-isdigit-everywhere.patch b/backport-fix-the-use-of-isdigit-everywhere.patch
deleted file mode 100644
index b558044f2f1fd7944e401a7bd59cc53be9dbcc35..0000000000000000000000000000000000000000
--- a/backport-fix-the-use-of-isdigit-everywhere.patch
+++ /dev/null
@@ -1,401 +0,0 @@
-From 149a3464ef35fbaa98c57e2775a7a4ab20c2ee75 Mon Sep 17 00:00:00 2001
-From: Steve Grubb
-Date: Sun, 5 Nov 2023 14:24:49 -0500
-Subject: [PATCH] fix the use of isdigit everywhere
-
-Reference:https://github.com/linux-audit/audit-userspace/commit/149a3464ef35fbaa98c57e2775a7a4ab20c2ee75
-Conflict:NA
-
----
- audisp/plugins/af_unix/audisp-af_unix.c | 2 +-
- audisp/plugins/ids/ids_config.c | 2 +-
- audisp/plugins/remote/remote-config.c | 2 +-
- audisp/plugins/zos-remote/zos-remote-config.c | 6 ++--
- auparse/auditd-config.c | 2 +-
- auparse/interpret.c | 6 ++--
- src/auditctl.c | 6 ++--
- src/aureport-options.c | 4 +--
- src/aureport-output.c | 2 +-
- src/ausearch-options.c | 36 +++++++++----------
- src/ausearch-parse.c | 2 +-
- tools/ausyscall/ausyscall.c | 4 +--
- 12 files changed, 37 insertions(+), 37 deletions(-)
-
-diff --git a/audisp/plugins/af_unix/audisp-af_unix.c b/audisp/plugins/af_unix/audisp-af_unix.c
-index ffcc7603..ffbf2ac0 100644
---- a/audisp/plugins/af_unix/audisp-af_unix.c
-+++ b/audisp/plugins/af_unix/audisp-af_unix.c
-@@ -126,7 +126,7 @@ int setup_socket(int argc, char *argv[])
- } else {
- int i;
- for (i=1; i < 3; i++) {
-- if (isdigit(argv[i][0])) {
-+ if (isdigit((unsigned char)argv[i][0])) {
- errno = 0;
- mode = strtoul(argv[i], NULL, 8);
- if (errno) {
-diff --git a/audisp/plugins/ids/ids_config.c b/audisp/plugins/ids/ids_config.c
-index 4da5ca93..f773794a 100644
---- a/audisp/plugins/ids/ids_config.c
-+++ b/audisp/plugins/ids/ids_config.c
-@@ -345,7 +345,7 @@ static int unsigned_int_parser(struct nv_pair *nv, int line, unsigned int *val)
-
- /* check that all chars are numbers */
- for (i=0; ptr[i]; i++) {
-- if (!isdigit(ptr[i])) {
-+ if (!isdigit((unsigned char)ptr[i])) {
- syslog(LOG_ERR,
- "Value %s should only be numbers - line %d",
- nv->value, line);
-diff --git a/audisp/plugins/remote/remote-config.c b/audisp/plugins/remote/remote-config.c
-index 02b51337..8de7b27f 100644
----
a/audisp/plugins/remote/remote-config.c
-+++ b/audisp/plugins/remote/remote-config.c
-@@ -484,7 +484,7 @@ static int parse_uint (const struct nv_pair *nv, int line, unsigned int *valp,
-
- /* check that all chars are numbers */
- for (i=0; ptr[i]; i++) {
-- if (!isdigit(ptr[i])) {
-+ if (!isdigit((unsigned char)ptr[i])) {
- syslog(LOG_ERR,
- "Value %s should only be numbers - line %d",
- nv->value, line);
-diff --git a/audisp/plugins/zos-remote/zos-remote-config.c b/audisp/plugins/zos-remote/zos-remote-config.c
-index b92dc778..2f7e42f5 100644
---- a/audisp/plugins/zos-remote/zos-remote-config.c
-+++ b/audisp/plugins/zos-remote/zos-remote-config.c
-@@ -301,7 +301,7 @@ static int port_parser(struct nv_pair *nv, int line, plugin_conf_t * c)
-
- /* check that all chars are numbers */
- for (i = 0; ptr[i]; i++) {
-- if (!isdigit(ptr[i])) {
-+ if (!isdigit((unsigned char)ptr[i])) {
- log_err("Value %s should only be numbers - line %d", nv->value, line);
- return 1;
- }
-@@ -327,7 +327,7 @@ static int timeout_parser(struct nv_pair *nv, int line, plugin_conf_t * c)
-
- /* check that all chars are numbers */
- for (i = 0; ptr[i]; i++) {
-- if (!isdigit(ptr[i])) {
-+ if (!isdigit((unsigned char)ptr[i])) {
- log_err("Value %s should only be numbers - line %d", nv->value, line);
- return 1;
- }
-@@ -376,7 +376,7 @@ static int q_depth_parser(struct nv_pair *nv, int line, plugin_conf_t * c)
-
- /* check that all chars are numbers */
- for (i = 0; ptr[i]; i++) {
-- if (!isdigit(ptr[i])) {
-+ if (!isdigit((unsigned char)ptr[i])) {
- log_err("Value %s should only be numbers - line %d", nv->value, line);
- return 1;
- }
-diff --git a/auparse/auditd-config.c b/auparse/auditd-config.c
-index 9a6a6a71..6e5c86a8 100644
---- a/auparse/auditd-config.c
-+++ b/auparse/auditd-config.c
-@@ -340,7 +340,7 @@ static int eoe_timeout_parser(auparse_state_t *au, const char *val, int line,
-
- /* check that all chars are numbers */
- for (i=0; ptr[i]; i++) {
-- if (!isdigit(ptr[i])) {
-+ if
(!isdigit((unsigned char)ptr[i])) {
- audit_msg(au, LOG_ERR,
- "Value %s should only be numbers - line %d",
- val, line);
-diff --git a/auparse/interpret.c b/auparse/interpret.c
-index f13723b6..77c96468 100644
---- a/auparse/interpret.c
-+++ b/auparse/interpret.c
-@@ -325,7 +325,7 @@ static void key_escape(const char *orig, char *dest, auparse_esc_t escape_mode)
- static int is_int_string(const char *str)
- {
- while (*str) {
-- if (!isdigit(*str))
-+ if (!isdigit((unsigned char)*str))
- return 0;
- str++;
- }
-@@ -1485,7 +1485,7 @@ static const char *print_success(const char *val)
- {
- int res;
-
-- if (isdigit(*val)) {
-+ if (isdigit((unsigned char)*val)) {
- errno = 0;
- res = strtoul(val, NULL, 10);
- if (errno) {
-@@ -2319,7 +2319,7 @@ static const char *print_fanotify(const char *val)
- {
- int res;
-
-- if (isdigit(*val)) {
-+ if (isdigit((unsigned char)*val)) {
- errno = 0;
- res = strtoul(val, NULL, 10);
- if (errno) {
-diff --git a/src/auditctl.c b/src/auditctl.c
-index ccd62bc3..e1ca0f83 100644
---- a/src/auditctl.c
-+++ b/src/auditctl.c
-@@ -680,7 +680,7 @@ static int setopt(int count, int lineno, char *vars[])
- }
- break;
- case 'r':
-- if (optarg && isdigit(optarg[0])) {
-+ if (optarg && isdigit((unsigned char)optarg[0])) {
- uint32_t rate;
- errno = 0;
- rate = strtoul(optarg,NULL,0);
-@@ -699,7 +699,7 @@ static int setopt(int count, int lineno, char *vars[])
- }
- break;
- case 'b':
-- if (optarg && isdigit(optarg[0])) {
-+ if (optarg && isdigit((unsigned char)optarg[0])) {
- uint32_t limit;
- errno = 0;
- limit = strtoul(optarg,NULL,0);
-@@ -1134,7 +1134,7 @@ process_keys:
- case 2:
- #if HAVE_DECL_AUDIT_VERSION_BACKLOG_WAIT_TIME == 1 || \
- HAVE_DECL_AUDIT_STATUS_BACKLOG_WAIT_TIME == 1
-- if (optarg && isdigit(optarg[0])) {
-+ if (optarg && isdigit((unsigned char)optarg[0])) {
- uint32_t bwt;
- errno = 0;
- bwt = strtoul(optarg,NULL,0);
-diff --git a/src/aureport-options.c b/src/aureport-options.c
-index 203c3880..7480c8a9 100644
----
a/src/aureport-options.c
-+++ b/src/aureport-options.c
-@@ -385,7 +385,7 @@ int check_params(int count, char *vars[])
- // } else {
- // UNIMPLEMENTED;
- // set_detail(D_SPECIFIC);
--// if (isdigit(optarg[0])) {
-+// if (isdigit((unsigned char)optarg[0])) {
- // errno = 0;
- // event_id = strtoul(optarg,
- // NULL, 10);
-@@ -764,7 +764,7 @@ int check_params(int count, char *vars[])
- retval = -1;
- break;
- }
-- if (isdigit(optarg[0])) {
-+ if (isdigit((unsigned char)optarg[0])) {
- errno = 0;
- arg_eoe_timeout = (time_t)strtoul(optarg, NULL, 10);
- if (errno || arg_eoe_timeout == 0) {
-diff --git a/src/aureport-output.c b/src/aureport-output.c
-index a635d536..27a2ce25 100644
---- a/src/aureport-output.c
-+++ b/src/aureport-output.c
-@@ -976,7 +976,7 @@ static void do_user_summary_output(slist *sptr)
- long uid;
- char name[64];
-
-- if (sn->str[0] == '-' || isdigit(sn->str[0])) {
-+ if (sn->str[0] == '-' || isdigit((unsigned char)sn->str[0])) {
- uid = strtol(sn->str, NULL, 10);
- printf("%u ", sn->hits);
- safe_print_string(aulookup_uid(uid, name,
-diff --git a/src/ausearch-options.c b/src/ausearch-options.c
-index 53d0db64..1c653648 100644
---- a/src/ausearch-options.c
-+++ b/src/ausearch-options.c
-@@ -253,7 +253,7 @@ static int convert_str_to_msg(const char *optarg)
- {
- int tmp, retval = 0;
-
-- if (isdigit(optarg[0])) {
-+ if (isdigit((unsigned char)optarg[0])) {
- errno = 0;
- tmp = strtoul(optarg, NULL, 10);
- if (errno) {
-@@ -335,7 +335,7 @@ int check_params(int count, char *vars[])
- retval = -1;
- break;
- }
-- if (isdigit(optarg[0])) {
-+ if (isdigit((unsigned char)optarg[0])) {
- errno = 0;
- event_id = strtoul(optarg, NULL, 10);
- if (errno) {
-@@ -357,7 +357,7 @@ int check_params(int count, char *vars[])
- retval = -1;
- break;
- }
-- if (isdigit(optarg[0])) {
-+ if (isdigit((unsigned char)optarg[0])) {
- errno = 0;
- arg_eoe_timeout = (time_t)strtoul(optarg, NULL, 10);
- if (errno || arg_eoe_timeout == 0) {
-@@ -463,7 +463,7 @@ int
check_params(int count, char *vars[])
- retval = -1;
- break;
- }
-- if (isdigit(optarg[0])) {
-+ if (isdigit((unsigned char)optarg[0])) {
- errno = 0;
- event_gid = strtoul(optarg,NULL,10);
- if (errno) {
-@@ -497,7 +497,7 @@ int check_params(int count, char *vars[])
- retval = -1;
- break;
- }
-- if (isdigit(optarg[0])) {
-+ if (isdigit((unsigned char)optarg[0])) {
- errno = 0;
- event_egid = strtoul(optarg,NULL,10);
- if (errno) {
-@@ -529,7 +529,7 @@ int check_params(int count, char *vars[])
- retval = -1;
- break;
- }
-- if (isdigit(optarg[0])) {
-+ if (isdigit((unsigned char)optarg[0])) {
- errno = 0;
- event_gid = strtoul(optarg,NULL,10);
- if (errno) {
-@@ -655,7 +655,7 @@ int check_params(int count, char *vars[])
- retval = -1;
- break;
- }
-- if (isdigit(optarg[0])) {
-+ if (isdigit((unsigned char)optarg[0])) {
- errno = 0;
- event_ppid = strtol(optarg,NULL,10);
- if (errno)
-@@ -676,7 +676,7 @@ int check_params(int count, char *vars[])
- retval = -1;
- break;
- }
-- if (isdigit(optarg[0])) {
-+ if (isdigit((unsigned char)optarg[0])) {
- errno = 0;
- event_pid = strtol(optarg,NULL,10);
- if (errno)
-@@ -794,7 +794,7 @@ int check_params(int count, char *vars[])
- retval = -1;
- break;
- }
-- if (isdigit(optarg[0])) {
-+ if (isdigit((unsigned char)optarg[0])) {
- errno = 0;
- event_syscall = (int)strtoul(optarg, NULL, 10);
- if (errno) {
-@@ -893,7 +893,7 @@ int check_params(int count, char *vars[])
- }
- {
- size_t len = strlen(optarg);
-- if (isdigit(optarg[0])) {
-+ if (isdigit((unsigned char)optarg[0])) {
- errno = 0;
- unsigned long optval = strtoul(optarg,NULL,10);
- if (errno || optval >= (1ul << 32))
-@@ -901,7 +901,7 @@ int check_params(int count, char *vars[])
- event_session_id = optval;
- c++;
- } else if (len >= 2 && *(optarg)=='-' &&
-- (isdigit(optarg[1]))) {
-+ (isdigit((unsigned char)optarg[1]))) {
- errno = 0;
- long optval = strtol(optarg, NULL, 0);
- if (errno || optval < INT_MIN || optval > INT_MAX) {
-@@ -933,7 +933,7 @@ int
check_params(int count, char *vars[])
- }
- {
- size_t len = strlen(optarg);
-- if (isdigit(optarg[0])) {
-+ if (isdigit((unsigned char)optarg[0])) {
- errno = 0;
- event_exit = strtoll(optarg, NULL, 0);
- if (errno) {
-@@ -942,7 +942,7 @@ int check_params(int count, char *vars[])
- optarg);
- }
- } else if (len >= 2 && *(optarg)=='-' &&
-- (isdigit(optarg[1]))) {
-+ (isdigit((unsigned char)optarg[1]))) {
- errno = 0;
- event_exit = strtoll(optarg, NULL, 0);
- if (errno) {
-@@ -1074,7 +1074,7 @@ int check_params(int count, char *vars[])
- retval = -1;
- break;
- }
-- if (isdigit(optarg[0])) {
-+ if (isdigit((unsigned char)optarg[0])) {
- errno = 0;
- event_uid = strtoul(optarg,NULL,10);
- if (errno) {
-@@ -1107,7 +1107,7 @@ int check_params(int count, char *vars[])
- retval = -1;
- break;
- }
-- if (isdigit(optarg[0])) {
-+ if (isdigit((unsigned char)optarg[0])) {
- errno = 0;
- event_euid = strtoul(optarg,NULL,10);
- if (errno) {
-@@ -1140,7 +1140,7 @@ int check_params(int count, char *vars[])
- retval = -1;
- break;
- }
-- if (isdigit(optarg[0])) {
-+ if (isdigit((unsigned char)optarg[0])) {
- errno = 0;
- event_uid = strtoul(optarg,NULL,10);
- if (errno) {
-@@ -1184,7 +1184,7 @@ int check_params(int count, char *vars[])
- }
- {
- size_t len = strlen(optarg);
-- if (isdigit(optarg[0])) {
-+ if (isdigit((unsigned char)optarg[0])) {
- errno = 0;
- event_loginuid = strtoul(optarg,NULL,10);
- if (errno) {
-@@ -1194,7 +1194,7 @@ int check_params(int count, char *vars[])
- retval = -1;
- }
- } else if (len >= 2 && *(optarg)=='-' &&
-- (isdigit(optarg[1]))) {
-+ (isdigit((unsigned char)optarg[1]))) {
- errno = 0;
- event_loginuid = strtol(optarg, NULL, 0);
- if (errno) {
-diff --git a/src/ausearch-parse.c b/src/ausearch-parse.c
-index e6868c6e..1a5b047f 100644
---- a/src/ausearch-parse.c
-+++ b/src/ausearch-parse.c
-@@ -1128,7 +1128,7 @@ try_again:
- return 25;
- ptr = str + 4;
- term = ptr;
-- while (isdigit(*term))
-+ while (isdigit((unsigned char)*term))
- term++;
-
if (term == ptr) - return 14; -diff --git a/tools/ausyscall/ausyscall.c b/tools/ausyscall/ausyscall.c -index bf751f17..489b1095 100644 ---- a/tools/ausyscall/ausyscall.c -+++ b/tools/ausyscall/ausyscall.c -@@ -47,9 +47,9 @@ int main(int argc, char *argv[]) - usage(); - } else if (argc < 2) - usage(); -- -+ - for (i=1; i -Date: Fri, 15 Mar 2024 18:13:36 +0300 -Subject: [PATCH] last part of NULL pointer checks - -Conflict:NA -Reference:https://github.com/linux-audit/audit-userspace/commit/97f3c78b6b31126c1128927d9c85bb794a1efa17 - ---- - auparse/interpret.c | 3 +++ - src/ausearch-lookup.c | 4 ++++ - 2 files changed, 7 insertions(+) - -diff --git a/auparse/interpret.c b/auparse/interpret.c -index 12ae35e2..f6f39449 100644 ---- a/auparse/interpret.c -+++ b/auparse/interpret.c -@@ -420,6 +420,9 @@ int load_interpretation_list(const char *buffer) - il.cnt = 0; - - il.record = buf = strdup(buffer); -+ if (buf == NULL) { -+ goto err_out; -+ } - if (strncmp(buf, "SADDR=", 6) == 0) { - // We have SOCKADDR record. It has no other values. - // Handle it by itself. -diff --git a/src/ausearch-lookup.c b/src/ausearch-lookup.c -index bdcd7aaf..86239f39 100644 ---- a/src/ausearch-lookup.c -+++ b/src/ausearch-lookup.c -@@ -302,6 +302,10 @@ char *unescape(const char *buf) - return NULL; - - str = strndup(buf, ptr - buf); -+ if (str == NULL) { -+ fprintf(stderr, "Memory alocation error"); -+ return NULL; -+ } - - if (*buf == '(') - return str; --- -2.33.0 - diff --git a/backport-lib-avoid-UB-on-sequence-wrap-around-347.patch b/backport-lib-avoid-UB-on-sequence-wrap-around-347.patch deleted file mode 100644 index 24b5056b4950f9e1cdfb8021f070f47b597c34e9..0000000000000000000000000000000000000000 --- a/backport-lib-avoid-UB-on-sequence-wrap-around-347.patch +++ /dev/null 
@@ -1,42 +0,0 @@ -From f5c35d7d5e064af5ad31d22f900d148d932ad9b1 Mon Sep 17 00:00:00 2001 -From: cgzones -Date: Mon, 15 Jan 2024 21:44:04 +0100 -Subject: [PATCH] lib: avoid UB on sequence wrap-around (#347) - -Signed integer overflow is undefined, allowing compilers to optimize the -condition `++sequence < 0` away. - -Reference:https://github.com/linux-audit/audit-userspace/commit/f5c35d7d5e064af5ad31d22f900d148d932ad9b1 -Conflict:NA - ---- - lib/netlink.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/lib/netlink.c b/lib/netlink.c -index 3381651a..4a6bd54d 100644 ---- a/lib/netlink.c -+++ b/lib/netlink.c -@@ -26,6 +26,7 @@ - #include - #include - #include -+#include - #include - #include - #include "libaudit.h" -@@ -204,8 +205,10 @@ int __audit_send(int fd, int type, const void *data, unsigned int size, int *seq - return -errno; - } - -- if (++sequence < 0) -+ if (sequence == INT_MAX) - sequence = 1; -+ else -+ sequence++; - *seq = sequence; - - memset(&req, 0, sizeof(req)); --- -2.33.0 - diff --git a/backport-lib-cast-to-unsigned-char-for-character-test-functio.patch b/backport-lib-cast-to-unsigned-char-for-character-test-functio.patch deleted file mode 100644 index eab74d64c9ab557d23dd0fcdc5a83ffeb044332d..0000000000000000000000000000000000000000 --- a/backport-lib-cast-to-unsigned-char-for-character-test-functio.patch +++ /dev/null 
@@ -1,165 +0,0 @@ -From 3aa3ccb2bb1c8804fbf43b260c93b65e831242c1 Mon Sep 17 00:00:00 2001 -From: cgzones -Date: Thu, 2 Nov 2023 21:20:40 +0100 -Subject: [PATCH] lib: cast to unsigned char for character test functions - (#338) - -Passing a value not representable by unsigned char is undefined -behavior. - -Reference:https://github.com/linux-audit/audit-userspace/commit/3aa3ccb2bb1c8804fbf43b260c93b65e831242c1 -Conflict:NA - ---- - lib/libaudit.c | 32 ++++++++++++++++---------------- - lib/lookup_table.c | 2 +- - 2 files changed, 17 insertions(+), 17 deletions(-) - -diff --git a/lib/libaudit.c b/lib/libaudit.c -index 960525a..abcdf4a 100644 ---- a/lib/libaudit.c -+++ b/lib/libaudit.c -@@ -1031,7 +1031,7 @@ int audit_rule_syscallbyname_data(struct audit_rule_data *rule, - return -2; - nr = audit_name_to_syscall(scall, machine); - if (nr < 0) { -- if (isdigit(scall[0])) -+ if (isdigit((unsigned char)scall[0])) - nr = strtol(scall, NULL, 0); - } - if (nr >= 0) -@@ -1056,7 +1056,7 @@ int audit_rule_io_uringbyname_data(struct audit_rule_data *rule, - } - nr = audit_name_to_uringop(scall); - if (nr < 0) { -- if (isdigit(scall[0])) -+ if (isdigit((unsigned char)scall[0])) - nr = strtol(scall, NULL, 0); - } - if (nr >= 0) -@@ -1585,11 +1585,11 @@ int audit_rule_fieldpair_data(struct audit_rule_data **rulep, const char *pair, - case AUDIT_OBJ_UID: - // Do positive & negative separate for 32 bit systems - vlen = strlen(v); -- if (isdigit((char)*(v))) -+ if (isdigit((unsigned char)*(v))) - rule->values[rule->field_count] = - strtoul(v, NULL, 0); - else if (vlen >= 2 && *(v)=='-' && -- (isdigit((char)*(v+1)))) -+ (isdigit((unsigned char)*(v+1)))) - rule->values[rule->field_count] = - strtol(v, NULL, 0); - else { -@@ -1609,7 +1609,7 @@ int audit_rule_fieldpair_data(struct audit_rule_data **rulep, const char *pair, - case AUDIT_SGID: - case AUDIT_FSGID: - case AUDIT_OBJ_GID: -- if (isdigit((char)*(v))) -+ if (isdigit((unsigned char)*(v))) - rule->values[rule->field_count] = - 
strtol(v, NULL, 0); - else { -@@ -1625,11 +1625,11 @@ int audit_rule_fieldpair_data(struct audit_rule_data **rulep, const char *pair, - if (flags != AUDIT_FILTER_EXIT) - return -EAU_EXITONLY; - vlen = strlen(v); -- if (isdigit((char)*(v))) -+ if (isdigit((unsigned char)*(v))) - rule->values[rule->field_count] = - strtol(v, NULL, 0); - else if (vlen >= 2 && *(v)=='-' && -- (isdigit((char)*(v+1)))) -+ (isdigit((unsigned char)*(v+1)))) - rule->values[rule->field_count] = - strtol(v, NULL, 0); - else { -@@ -1644,7 +1644,7 @@ int audit_rule_fieldpair_data(struct audit_rule_data **rulep, const char *pair, - flags != AUDIT_FILTER_USER) - return -EAU_MSGTYPEEXCLUDEUSER; - -- if (isdigit((char)*(v))) -+ if (isdigit((unsigned char)*(v))) - rule->values[rule->field_count] = - strtol(v, NULL, 0); - else -@@ -1715,7 +1715,7 @@ int audit_rule_fieldpair_data(struct audit_rule_data **rulep, const char *pair, - return -EAU_ARCHMISPLACED; - if (!(op == AUDIT_NOT_EQUAL || op == AUDIT_EQUAL)) - return -EAU_OPEQNOTEQ; -- if (isdigit((char)*(v))) { -+ if (isdigit((unsigned char)*(v))) { - int machine; - - errno = 0; -@@ -1757,7 +1757,7 @@ int audit_rule_fieldpair_data(struct audit_rule_data **rulep, const char *pair, - return -EAU_STRTOOLONG; - - for (i = 0; i < len; i++) { -- switch (tolower(v[i])) { -+ switch (tolower((unsigned char)v[i])) { - case 'r': - val |= AUDIT_PERM_READ; - break; -@@ -1791,7 +1791,7 @@ int audit_rule_fieldpair_data(struct audit_rule_data **rulep, const char *pair, - return -EAU_FIELDUNAVAIL; - if (!(op == AUDIT_NOT_EQUAL || op == AUDIT_EQUAL)) - return -EAU_OPEQNOTEQ; -- if (isdigit((char)*(v))) -+ if (isdigit((unsigned char)*(v))) - rule->values[rule->field_count] = - strtoul(v, NULL, 0); - else -@@ -1804,11 +1804,11 @@ int audit_rule_fieldpair_data(struct audit_rule_data **rulep, const char *pair, - break; - case AUDIT_ARG0...AUDIT_ARG3: - vlen = strlen(v); -- if (isdigit((char)*(v))) -+ if (isdigit((unsigned char)*(v))) - rule->values[rule->field_count] = - 
strtoul(v, NULL, 0); - else if (vlen >= 2 && *(v)=='-' && -- (isdigit((char)*(v+1)))) -+ (isdigit((unsigned char)*(v+1)))) - rule->values[rule->field_count] = - strtol(v, NULL, 0); - else -@@ -1824,11 +1824,11 @@ int audit_rule_fieldpair_data(struct audit_rule_data **rulep, const char *pair, - return -EAU_FIELDNOFILTER; - // Do positive & negative separate for 32 bit systems - vlen = strlen(v); -- if (isdigit((char)*(v))) -+ if (isdigit((unsigned char)*(v))) - rule->values[rule->field_count] = - strtoul(v, NULL, 0); - else if (vlen >= 2 && *(v)=='-' && -- (isdigit((char)*(v+1)))) -+ (isdigit((unsigned char)*(v+1)))) - rule->values[rule->field_count] = - strtol(v, NULL, 0); - else if (strcmp(v, "unset") == 0) -@@ -1854,7 +1854,7 @@ int audit_rule_fieldpair_data(struct audit_rule_data **rulep, const char *pair, - if (field == AUDIT_PPID && !(flags==AUDIT_FILTER_EXIT)) - return -EAU_EXITONLY; - -- if (!isdigit((char)*(v))) -+ if (!isdigit((unsigned char)*(v))) - return -EAU_FIELDVALNUM; - - if (field == AUDIT_INODE) -diff --git a/lib/lookup_table.c b/lib/lookup_table.c -index 2f5e6cd..d839205 100644 ---- a/lib/lookup_table.c -+++ b/lib/lookup_table.c -@@ -255,7 +255,7 @@ int audit_name_to_msg_type(const char *msg_type) - strncpy(buf, msg_type + 8, len); - errno = 0; - return strtol(buf, NULL, 10); -- } else if (isdigit(*msg_type)) { -+ } else if (isdigit((unsigned char)*msg_type)) { - errno = 0; - return strtol(msg_type, NULL, 10); - } --- -2.33.0 - diff --git a/backport-lib-close-audit-socket-in-load_feature_bitmap-334.patch b/backport-lib-close-audit-socket-in-load_feature_bitmap-334.patch deleted file mode 100644 index 02367cc1c975c1a4eec0f1d97acee093d1132fff..0000000000000000000000000000000000000000 --- a/backport-lib-close-audit-socket-in-load_feature_bitmap-334.patch +++ /dev/null 
@@ -1,35 +0,0 @@ -From 3f928b21486369c495d9eaca46eb9d506ae576b3 Mon Sep 17 00:00:00 2001 -From: cgzones -Date: Wed, 1 Nov 2023 20:35:40 +0100 -Subject: [PATCH] lib: close audit socket in load_feature_bitmap() (#334) - - -Reference:https://github.com/linux-audit/audit-userspace/commit/3f928b21486369c495d9eaca46eb9d506ae576b3 -Conflict:NA - ---- - lib/libaudit.c | 2 ++ - 1 file changed, 2 insertions(+) - -diff --git a/lib/libaudit.c b/lib/libaudit.c -index ded3ab47..4c317c87 100644 ---- a/lib/libaudit.c -+++ b/lib/libaudit.c -@@ -657,12 +657,14 @@ static void load_feature_bitmap(void) - - /* Found it... */ - features_bitmap = rep.status->feature_bitmap; -+ audit_close(fd); - return; - } - } - } - #endif - features_bitmap = AUDIT_FEATURES_UNSUPPORTED; -+ audit_close(fd); - } - - uint32_t audit_get_features(void) --- -2.33.0 - diff --git a/backport-lib-enclose-macro-to-avoid-precedence-issues.patch b/backport-lib-enclose-macro-to-avoid-precedence-issues.patch deleted file mode 100644 index 22b74bcbfc94725167bdb252f4fd71247ed479a4..0000000000000000000000000000000000000000 --- a/backport-lib-enclose-macro-to-avoid-precedence-issues.patch +++ /dev/null 
@@ -1,29 +0,0 @@ -From e97c79260a2e7bdbf02c5162b0c40451c9555111 Mon Sep 17 00:00:00 2001 -From: =?UTF-8?q?Christian=20G=C3=B6ttsche?= -Date: Tue, 31 Oct 2023 16:49:10 +0100 -Subject: [PATCH] lib: enclose macro to avoid precedence issues - - -Reference:https://github.com/linux-audit/audit-userspace/commit/e97c79260a2e7bdbf02c5162b0c40451c9555111 -Conflict:NA - ---- - lib/audit_logging.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/lib/audit_logging.c b/lib/audit_logging.c -index 8b8b6207..e8b79d3e 100644 ---- a/lib/audit_logging.c -+++ b/lib/audit_logging.c -@@ -38,7 +38,7 @@ - #include "private.h" - - #define TTY_PATH 32 --#define MAX_USER (UT_NAMESIZE * 2) + 8 -+#define MAX_USER ((UT_NAMESIZE * 2) + 8) - - // NOTE: The kernel fills in pid, uid, and loginuid of sender. Therefore, - // these routines do not need to send them. --- -2.33.0 - diff --git a/backport-make-slist_last-a-static-function.patch b/backport-make-slist_last-a-static-function.patch deleted file mode 100644 index e935950d6799f0b5f374af962e4ecdbacb26976a..0000000000000000000000000000000000000000 --- a/backport-make-slist_last-a-static-function.patch +++ /dev/null 
@@ -1,58 +0,0 @@ -From b6d376d9f6a5593e7d8029fca1094f16d724bfe7 Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Fri, 1 Sep 2023 13:06:36 -0400 -Subject: [PATCH] make slist_last a static function - ---- - src/ausearch-string.c | 6 +++--- - src/ausearch-string.h | 3 +-- - 2 files changed, 4 insertions(+), 5 deletions(-) - -diff --git a/src/ausearch-string.c b/src/ausearch-string.c -index d723ac0..4016a41 100644 ---- a/src/ausearch-string.c -+++ b/src/ausearch-string.c -@@ -1,6 +1,6 @@ - /* - * ausearch-string.c - Minimal linked list library for strings --* Copyright (c) 2005,2008,2014 Red Hat Inc., Durham, North Carolina. -+* Copyright (c) 2005,2008,2014 Red Hat Inc. - * All Rights Reserved. - * - * This software may be freely redistributed and/or modified under the -@@ -34,10 +34,10 @@ void slist_create(slist *l) - l->cnt = 0; - } - --void slist_last(slist *l) -+static inline void slist_last(slist *l) - { - register snode* cur; -- -+ - if (l->head == NULL) - return; - -diff --git a/src/ausearch-string.h b/src/ausearch-string.h -index 1cfc4a6..6d14737 100644 ---- a/src/ausearch-string.h -+++ b/src/ausearch-string.h -@@ -1,6 +1,6 @@ - /* - * ausearch-string.h - Header file for ausearch-string.c --* Copyright (c) 2005,2008 Red Hat Inc., Durham, North Carolina. -+* Copyright (c) 2005,2008 Red Hat Inc. - * All Rights Reserved. - * - * This software may be freely redistributed and/or modified under the -@@ -46,7 +46,6 @@ typedef struct { - - void slist_create(slist *l); - static inline void slist_first(slist *l) { l->cur = l->head; } --void slist_last(slist *l); - snode *slist_next(slist *l); - static inline snode *slist_get_cur(slist *l) { return l->cur; } - void slist_append(slist *l, snode *node); --- -2.50.1 - diff --git a/backport-memory-allocation-updates-341.patch b/backport-memory-allocation-updates-341.patch deleted file mode 100644 index 254e6b3114924889ec81c8bc16ce1a0cac578269..0000000000000000000000000000000000000000 
--- a/backport-memory-allocation-updates-341.patch +++ /dev/null @@ -1,56 +0,0 @@ -From b92027ac9e29659483a5e920e548fe74126f72af Mon Sep 17 00:00:00 2001 -From: cgzones -Date: Wed, 1 Nov 2023 22:15:40 +0100 -Subject: [PATCH] memory allocation updates (#341) - -* Check memory allocation - -Avoid later NULL dereference. - -* Check memory allocation and merge zeroing - -Avoid later NULL dereference. - -Reference:https://github.com/linux-audit/audit-userspace/commit/b92027ac9e29659483a5e920e548fe74126f72af -Conflict:NA - ---- - auparse/interpret.c | 2 ++ - lib/libaudit.c | 7 +++++-- - 2 files changed, 7 insertions(+), 2 deletions(-) - -diff --git a/auparse/interpret.c b/auparse/interpret.c -index ecde07ae..76ca2814 100644 ---- a/auparse/interpret.c -+++ b/auparse/interpret.c -@@ -366,6 +366,8 @@ char *au_unescape(char *buf) - // strlen(buf) / 2. - olen = strlen(buf); - str = malloc(olen+1); -+ if (!str) -+ return NULL; - - saved = *ptr; - *ptr = 0; -diff --git a/lib/libaudit.c b/lib/libaudit.c -index 6a42871b..d90d83b8 100644 ---- a/lib/libaudit.c -+++ b/lib/libaudit.c -@@ -891,9 +891,12 @@ int audit_make_equivalent(int fd, const char *mount_point, - struct { - uint32_t sizes[2]; - unsigned char buf[]; -- } *cmd = malloc(sizeof(*cmd) + len1 + len2); -+ } *cmd = calloc(1, sizeof(*cmd) + len1 + len2); - -- memset(cmd, 0, sizeof(*cmd) + len1 + len2); -+ if (!cmd) { -+ audit_msg(LOG_ERR, "Cannot allocate memory!"); -+ return -ENOMEM; -+ } - - cmd->sizes[0] = len1; - cmd->sizes[1] = len2; --- -2.33.0 - diff --git a/backport-second-part-of-NULL-pointer-checks.patch b/backport-second-part-of-NULL-pointer-checks.patch deleted file mode 100644 index 868286be5ab752c232ae79feb51aad2c8279bfa0..0000000000000000000000000000000000000000 --- a/backport-second-part-of-NULL-pointer-checks.patch +++ /dev/null 
@@ -1,188 +0,0 @@ -From 15d29a145ebe67cae52316871fcdedb5a19ce628 Mon Sep 17 00:00:00 2001 -From: Yugend -Date: Fri, 15 Mar 2024 18:00:54 +0300 -Subject: [PATCH] second part of NULL pointer checks - -Conflict:NA -Reference:https://github.com/linux-audit/audit-userspace/commit/15d29a145ebe67cae52316871fcdedb5a19ce628 - ---- - audisp/plugins/zos-remote/zos-remote-queue.c | 5 +++++ - audisp/queue.c | 5 +++++ - auparse/normalize-llist.c | 3 +++ - auparse/normalize.c | 9 +++++++++ - lib/gen_tables.c | 10 ++++++++-- - src/ausearch-lol.c | 12 ++++++++++++ - src/ausearch-nvpair.c | 3 +++ - src/ausearch-string.c | 3 +++ - 8 files changed, 48 insertions(+), 2 deletions(-) - -diff --git a/audisp/plugins/zos-remote/zos-remote-queue.c b/audisp/plugins/zos-remote/zos-remote-queue.c -index 37d91bd8..47dd006e 100644 ---- a/audisp/plugins/zos-remote/zos-remote-queue.c -+++ b/audisp/plugins/zos-remote/zos-remote-queue.c -@@ -130,6 +130,11 @@ void increase_queue_depth(unsigned int size) - void *tmp_q; - - tmp_q = realloc(q, size * sizeof(BerElement *)); -+ if (tmp_q == NULL) { -+ log_err("Memory allocation error");; -+ pthread_mutex_unlock(&queue_lock); -+ return; -+ } - q = tmp_q; - for (i=q_depth; inum = num; - newnode->data = data; -diff --git a/auparse/normalize.c b/auparse/normalize.c -index ae6e3d2d..58d28213 100644 ---- a/auparse/normalize.c -+++ b/auparse/normalize.c -@@ -1191,6 +1191,11 @@ static int normalize_compound(auparse_state_t *au) - if (f) { - const char *exe = auparse_interpret_field(au); - D.how = strdup(exe); -+ if (D.how == NULL) { -+ fprintf(stderr, "Memory allocation error"); -+ free((void *)syscall); -+ return 1; -+ } - if ((strncmp(D.how, "/usr/bin/python", 15) == 0) || - (strncmp(D.how, "/usr/bin/sh", 11) == 0) || - (strncmp(D.how, "/usr/bin/bash", 13) == 0) || -@@ -1999,6 +2004,10 @@ map: - if (f) { - const char *exe = auparse_interpret_field(au); - D.how = strdup(exe); -+ if (D.how == NULL) { -+ fprintf(stderr, "Memory allocation error"); -+ return 1; -+ } 
- if ((strncmp(D.how, "/usr/bin/python", 15) == 0) || - (strncmp(D.how, "/usr/bin/sh", 11) == 0) || - (strncmp(D.how, "/usr/bin/bash", 13) == 0) || -diff --git a/lib/gen_tables.c b/lib/gen_tables.c -index 3326759d..4ff233d0 100644 ---- a/lib/gen_tables.c -+++ b/lib/gen_tables.c -@@ -271,7 +271,10 @@ output_i2s(const char *prefix) - } - - unique_values = malloc(NUM_VALUES * sizeof(*unique_values)); -- assert(unique_values != NULL); -+ if (unique_values == NULL) { -+ fprintf(stderr, "Memory allocation error"); -+ abort(); -+ } - n = 0; - for (i = 0; i < NUM_VALUES; i++) { - if (n == 0 || unique_values[n - 1].val != values[i].val) { -@@ -351,7 +354,10 @@ output_i2s_transtab(const char *prefix) - printf("{%d,%zu},", values[i].val, values[i].s_offset); - } - uc_prefix = strdup(prefix); -- assert(uc_prefix != NULL); -+ if (uc_prefix == NULL) { -+ fprintf(stderr, "Memory allocation error"); -+ abort(); -+ } - for (i = 0; uc_prefix[i] != '\0'; i++) - uc_prefix[i] = toupper((unsigned char)uc_prefix[i]); - printf("\n" -diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c -index bcfb9ad8..c2140b7e 100644 ---- a/src/ausearch-lol.c -+++ b/src/ausearch-lol.c -@@ -47,6 +47,10 @@ void lol_create(lol *lo) - lo->maxi = -1; - lo->limit = ARRAY_LIMIT; - lo->array = (lolnode *)malloc(size); -+ if (lo->array == NULL) { -+ fprintf(stderr, "Memory allocation error"); -+ return; -+ } - memset(lo->array, 0, size); - } - -@@ -305,6 +309,10 @@ int lol_add_record(lol *lo, char *buff) - n.a1 = 0L; - n.type = e.type; - n.message = strdup(buff); -+ if(n.message == NULL) { -+ fprintf(stderr, "Memory allocation error"); -+ return 0; -+ } - ptr = strchr(n.message, AUDIT_INTERP_SEPARATOR); - if (ptr) { - n.mlen = ptr - n.message; -@@ -359,6 +367,10 @@ int lol_add_record(lol *lo, char *buff) - - // Create new event and fill it in - l = malloc(sizeof(llist)); -+ if (l == NULL) { -+ fprintf(stderr, "Memory allocation error"); -+ return 0; -+ } - list_create(l); - l->e.milli = e.milli; - l->e.sec = 
e.sec; -diff --git a/src/ausearch-nvpair.c b/src/ausearch-nvpair.c -index 8d0088e5..c344c27c 100644 ---- a/src/ausearch-nvpair.c -+++ b/src/ausearch-nvpair.c -@@ -37,6 +37,9 @@ void search_list_create(nvlist *l) - void search_list_append(nvlist *l, nvnode *node) - { - nvnode* newnode = malloc(sizeof(nvnode)); -+ if (newnode == NULL) { -+ return; -+ } - - newnode->name = node->name; - newnode->val = node->val; -diff --git a/src/ausearch-string.c b/src/ausearch-string.c -index fbbacd77..f875bb2c 100644 ---- a/src/ausearch-string.c -+++ b/src/ausearch-string.c -@@ -49,6 +49,9 @@ void slist_append(slist *l, const snode *node) - snode* newnode; - - newnode = malloc(sizeof(snode)); -+ if (newnode == NULL) { -+ return; -+ } - - if (node->str) - newnode->str = node->str; --- -2.33.0 - diff --git a/backport-update-error-messages-in-NULL-Checks.patch b/backport-update-error-messages-in-NULL-Checks.patch deleted file mode 100644 index c3af0443e281507cd55fcff8583da9ad98981014..0000000000000000000000000000000000000000 --- a/backport-update-error-messages-in-NULL-Checks.patch +++ /dev/null 
@@ -1,279 +0,0 @@ -From dc7450f2fd056c7ca5eb29182ccb30ec0a4228c5 Mon Sep 17 00:00:00 2001 -From: Yugend -Date: Fri, 22 Mar 2024 14:01:59 +0300 -Subject: [PATCH] update error messages in NULL Checks - -Conflict:NA -Reference:https://github.com/linux-audit/audit-userspace/commit/dc7450f2fd056c7ca5eb29182ccb30ec0a4228c5 - ---- - audisp/audispd-llist.c | 1 + - audisp/plugins/zos-remote/zos-remote-queue.c | 2 +- - audisp/queue.c | 2 +- - auparse/auparse.c | 2 +- - auparse/normalize-llist.c | 1 + - auparse/normalize.c | 4 ++-- - lib/gen_tables.c | 4 ++-- - src/auditctl-llist.c | 1 + - src/auditctl.c | 2 +- - src/ausearch-avc.c | 1 + - src/ausearch-int.c | 1 + - src/ausearch-llist.c | 1 + - src/ausearch-lol.c | 6 +++--- - src/ausearch-lookup.c | 2 +- - src/ausearch-nvpair.c | 1 + - src/ausearch-string.c | 1 + - tools/aulastlog/aulastlog-llist.c | 1 + - 17 files changed, 21 insertions(+), 12 deletions(-) - -diff --git a/audisp/audispd-llist.c b/audisp/audispd-llist.c -index c338327d..30d7f03b 100644 ---- a/audisp/audispd-llist.c -+++ b/audisp/audispd-llist.c -@@ -75,6 +75,7 @@ void plist_append(conf_llist *l, plugin_conf_t *p) - - newnode = malloc(sizeof(lnode)); - if (newnode == NULL) { -+ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); - return; - } - -diff --git a/audisp/plugins/zos-remote/zos-remote-queue.c b/audisp/plugins/zos-remote/zos-remote-queue.c -index f8019890..67397f38 100644 ---- a/audisp/plugins/zos-remote/zos-remote-queue.c -+++ b/audisp/plugins/zos-remote/zos-remote-queue.c -@@ -131,7 +131,7 @@ void increase_queue_depth(unsigned int size) - - tmp_q = realloc(q, size * sizeof(BerElement *)); - if (tmp_q == NULL) { -- log_err("Memory allocation error");; -+ log_err("Out of memory. 
Check %s file, %d line", __FILE__, __LINE__); - pthread_mutex_unlock(&queue_lock); - return; - } -diff --git a/audisp/queue.c b/audisp/queue.c -index 76b62593..8bd20ea1 100644 ---- a/audisp/queue.c -+++ b/audisp/queue.c -@@ -230,7 +230,7 @@ void increase_queue_depth(unsigned int size) - - tmp_q = realloc(q, size * sizeof(event_t *)); - if (tmp_q == NULL) { -- fprintf(stderr, "Memory allocation error"); -+ fprintf(stderr, "Out of Memory. Check %s file, %d line", __FILE__, __LINE__); - pthread_mutex_unlock(&queue_lock); - return; - } -diff --git a/auparse/auparse.c b/auparse/auparse.c -index e782058d..c423ffa8 100644 ---- a/auparse/auparse.c -+++ b/auparse/auparse.c -@@ -114,7 +114,7 @@ static int setup_log_file_array(auparse_state_t *au) - num--; - tmp = malloc((num+2)*sizeof(char *)); - if (!tmp) { -- fprintf(stderr, "No memory\n"); -+ fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); - aup_free_config(&config); - free(filename); - return 1; -diff --git a/auparse/normalize-llist.c b/auparse/normalize-llist.c -index 32d5f124..433c457f 100644 ---- a/auparse/normalize-llist.c -+++ b/auparse/normalize-llist.c -@@ -67,6 +67,7 @@ void cllist_append(cllist *l, uint32_t num, void *data) - - newnode = malloc(sizeof(data_node)); - if (newnode == NULL) { -+ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); - return; - } - -diff --git a/auparse/normalize.c b/auparse/normalize.c -index 58d28213..d4f6c441 100644 ---- a/auparse/normalize.c -+++ b/auparse/normalize.c -@@ -1192,7 +1192,7 @@ static int normalize_compound(auparse_state_t *au) - const char *exe = auparse_interpret_field(au); - D.how = strdup(exe); - if (D.how == NULL) { -- fprintf(stderr, "Memory allocation error"); -+ fprintf(stderr, "Out of memory. 
Check %s file, %d line", __FILE__, __LINE__); - free((void *)syscall); - return 1; - } -@@ -2005,7 +2005,7 @@ map: - const char *exe = auparse_interpret_field(au); - D.how = strdup(exe); - if (D.how == NULL) { -- fprintf(stderr, "Memory allocation error"); -+ fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); - return 1; - } - if ((strncmp(D.how, "/usr/bin/python", 15) == 0) || -diff --git a/lib/gen_tables.c b/lib/gen_tables.c -index 4ff233d0..a2930ff9 100644 ---- a/lib/gen_tables.c -+++ b/lib/gen_tables.c -@@ -272,7 +272,7 @@ output_i2s(const char *prefix) - - unique_values = malloc(NUM_VALUES * sizeof(*unique_values)); - if (unique_values == NULL) { -- fprintf(stderr, "Memory allocation error"); -+ fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); - abort(); - } - n = 0; -@@ -355,7 +355,7 @@ output_i2s_transtab(const char *prefix) - } - uc_prefix = strdup(prefix); - if (uc_prefix == NULL) { -- fprintf(stderr, "Memory allocation error"); -+ fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); - abort(); - } - for (i = 0; uc_prefix[i] != '\0'; i++) -diff --git a/src/auditctl-llist.c b/src/auditctl-llist.c -index 0f81d4c8..5282ee32 100644 ---- a/src/auditctl-llist.c -+++ b/src/auditctl-llist.c -@@ -65,6 +65,7 @@ void list_append(llist *l, const struct audit_rule_data *r, size_t sz) - - newnode = malloc(sizeof(lnode)); - if (newnode == NULL) { -+ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); - return; - } - -diff --git a/src/auditctl.c b/src/auditctl.c -index ee7e33c8..093dca00 100644 ---- a/src/auditctl.c -+++ b/src/auditctl.c -@@ -1392,7 +1392,7 @@ static int fileopt(const char *file) - i = 0; - fields = malloc(nf * sizeof(char *)); - if (fields == NULL) { -- audit_msg(LOG_ERR, "Memory allocation error"); -+ audit_msg(LOG_ERR, "Out of memory. 
Check %s file, %d line", __FILE__, __LINE__); - return 1; - } - -diff --git a/src/ausearch-avc.c b/src/ausearch-avc.c -index 6aa98c70..38576563 100644 ---- a/src/ausearch-avc.c -+++ b/src/ausearch-avc.c -@@ -68,6 +68,7 @@ void alist_append(alist *l, anode *node) - - newnode = malloc(sizeof(anode)); - if (newnode == NULL) { -+ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); - return; - } - -diff --git a/src/ausearch-int.c b/src/ausearch-int.c -index 0e8b0ffe..5f57b059 100644 ---- a/src/ausearch-int.c -+++ b/src/ausearch-int.c -@@ -47,6 +47,7 @@ void ilist_append(ilist *l, int num, unsigned int hits, int aux) - - newnode = malloc(sizeof(int_node)); - if (newnode == NULL) { -+ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); - return; - } - -diff --git a/src/ausearch-llist.c b/src/ausearch-llist.c -index 36fcae6d..7926980c 100644 ---- a/src/ausearch-llist.c -+++ b/src/ausearch-llist.c -@@ -108,6 +108,7 @@ void list_append(llist *l, lnode *node) - - newnode = malloc(sizeof(lnode)); - if (newnode == NULL) { -+ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); - return; - } - -diff --git a/src/ausearch-lol.c b/src/ausearch-lol.c -index 7562dc21..a5418079 100644 ---- a/src/ausearch-lol.c -+++ b/src/ausearch-lol.c -@@ -48,7 +48,7 @@ void lol_create(lol *lo) - lo->limit = ARRAY_LIMIT; - lo->array = (lolnode *)malloc(size); - if (lo->array == NULL) { -- fprintf(stderr, "Memory allocation error"); -+ fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); - lo->limit = 0; - return; - } -@@ -311,7 +311,7 @@ int lol_add_record(lol *lo, char *buff) - n.type = e.type; - n.message = strdup(buff); - if(n.message == NULL) { -- fprintf(stderr, "Memory allocation error"); -+ fprintf(stderr, "Out of memory. 
Check %s file, %d line", __FILE__, __LINE__); - return 0; - } - ptr = strchr(n.message, AUDIT_INTERP_SEPARATOR); -@@ -369,7 +369,7 @@ int lol_add_record(lol *lo, char *buff) - // Create new event and fill it in - l = malloc(sizeof(llist)); - if (l == NULL) { -- fprintf(stderr, "Memory allocation error"); -+ fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); - return 0; - } - list_create(l); -diff --git a/src/ausearch-lookup.c b/src/ausearch-lookup.c -index 86239f39..2d6f48ca 100644 ---- a/src/ausearch-lookup.c -+++ b/src/ausearch-lookup.c -@@ -303,7 +303,7 @@ char *unescape(const char *buf) - - str = strndup(buf, ptr - buf); - if (str == NULL) { -- fprintf(stderr, "Memory alocation error"); -+ fprintf(stderr, "Out of memory. Check %s file, %d line", __FILE__, __LINE__); - return NULL; - } - -diff --git a/src/ausearch-nvpair.c b/src/ausearch-nvpair.c -index c344c27c..3a1b27db 100644 ---- a/src/ausearch-nvpair.c -+++ b/src/ausearch-nvpair.c -@@ -38,6 +38,7 @@ void search_list_append(nvlist *l, nvnode *node) - { - nvnode* newnode = malloc(sizeof(nvnode)); - if (newnode == NULL) { -+ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); - return; - } - -diff --git a/src/ausearch-string.c b/src/ausearch-string.c -index f875bb2c..bd317b96 100644 ---- a/src/ausearch-string.c -+++ b/src/ausearch-string.c -@@ -50,6 +50,7 @@ void slist_append(slist *l, const snode *node) - - newnode = malloc(sizeof(snode)); - if (newnode == NULL) { -+ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); - return; - } - -diff --git a/tools/aulastlog/aulastlog-llist.c b/tools/aulastlog/aulastlog-llist.c -index 779afb50..0b89be65 100644 ---- a/tools/aulastlog/aulastlog-llist.c -+++ b/tools/aulastlog/aulastlog-llist.c -@@ -47,6 +47,7 @@ void list_append(llist *l, lnode *node) - - newnode = malloc(sizeof(lnode)); - if (newnode == NULL) { -+ printf("Out of memory. Check %s file, %d line", __FILE__, __LINE__); - return; - } - --- -2.33.0 - 
diff --git a/bugfix-audit-reload-coredump.patch b/bugfix-audit-reload-coredump.patch index 8cd0a452aeea41115d786c21b0763b94615299af..6cf262e5dc6a253b7ee84ee3bb2687406fd886a7 100644 --- a/bugfix-audit-reload-coredump.patch +++ b/bugfix-audit-reload-coredump.patch @@ -1,7 +1,7 @@ -From 2a7404291e431757bc417c9c3250f2ca84a82d89 Mon Sep 17 00:00:00 2001 +From cee0354371cd349e6bc6491a6055492b2084dc46 Mon Sep 17 00:00:00 2001 From: Leo Fang Date: Mon, 24 May 2021 19:16:02 +0800 -Subject: [PATCH] bugfix-audit-reload-coredump +Subject: [PATCH 2/3] bugfix-audit-reload-coredump --- src/auditd-reconfig.c | 2 ++ @@ -9,7 +9,7 @@ Subject: [PATCH] bugfix-audit-reload-coredump 2 files changed, 26 insertions(+), 2 deletions(-) diff --git a/src/auditd-reconfig.c b/src/auditd-reconfig.c -index 37e0adc..66ded38 100644 +index 0e669ff..4c46ef4 100644 --- a/src/auditd-reconfig.c +++ b/src/auditd-reconfig.c @@ -35,6 +35,7 @@ @@ -20,8 +20,8 @@ index 37e0adc..66ded38 100644 /* This is the configuration manager code */ static pthread_t config_thread; -@@ -122,6 +123,7 @@ static void *config_thread_main(void *arg) - //send_audit_event(AUDIT_DAEMON_CONFIG, txt); +@@ -116,6 +117,7 @@ static void *config_thread_main(void *arg) + send_audit_event(AUDIT_DAEMON_CONFIG, txt); free_config(&new_config); free(e); + reconfig_pthread_failed(); @@ -29,18 +29,18 @@ index 37e0adc..66ded38 100644 pthread_mutex_unlock(&config_lock); diff --git a/src/auditd.c b/src/auditd.c -index 5933703..53f4803 100644 +index a031927..50f9e03 100644 --- a/src/auditd.c 
+++ b/src/auditd.c -@@ -76,6 +76,7 @@ static int hup_info_requested = 0; - static int usr1_info_requested = 0, usr2_info_requested = 0; +@@ -93,6 +93,7 @@ static ATOMIC_INT hup_info_requested = 0; + static ATOMIC_INT usr1_info_requested = 0, usr2_info_requested = 0; static char subj[SUBJ_LEN]; static uint32_t session; +static int hup_flag = 0; + static struct ev_timer report_timer_watcher; + struct ev_loop *loop; - /* Local function prototypes */ - int send_audit_event(int type, const char *str); -@@ -525,8 +526,23 @@ static void netlink_handler(struct ev_loop *loop, struct ev_io *io, +@@ -643,8 +644,23 @@ static void netlink_handler(struct ev_loop *loop, struct ev_io *io, char hup[MAX_AUDIT_MESSAGE_LENGTH]; audit_msg(LOG_DEBUG, "HUP detected, starting config manager"); @@ -66,9 +66,9 @@ index 5933703..53f4803 100644 audit_format_signal_info(hup, sizeof(hup), "reconfigure state=no-change", -@@ -576,9 +592,15 @@ static void pipe_handler(struct ev_loop *loop, struct ev_io *io, - // Drain the pipe - won't block because libev sets non-blocking mode - read(pipefds[0], buf, sizeof(buf)); +@@ -695,9 +711,15 @@ static void pipe_handler(struct ev_loop *loop, struct ev_io *io, + if (read(pipefds[0], buf, sizeof(buf)) < 0) + ; /* Intentionally blank - nothing we can do */ enqueue_event(reconfig_ev); + hup_flag = 0; reconfig_ev = NULL; @@ -83,5 +83,5 @@ index 5933703..53f4803 100644 { const char *msg = "ready\n"; -- -2.27.0 +2.43.0 diff --git a/bugfix-audit-userspace-missing-syscalls-for-aarm64.patch b/bugfix-audit-userspace-missing-syscalls-for-aarm64.patch index cd2593b006f2edadbfa0750d790cca9c2a7d2352..6ed66fa835609cda9b7108727f0e2d6935c8c0a6 100644 --- a/bugfix-audit-userspace-missing-syscalls-for-aarm64.patch +++ b/bugfix-audit-userspace-missing-syscalls-for-aarm64.patch @@ -1,25 +1,25 @@ -From ad68debcab63df34dc7b1fc4b4fd4fc4f01b8d7c Mon Sep 17 00:00:00 2001 +From 013651c37eb254bd2b315224f73ad24860eac1a5 Mon Sep 17 00:00:00 2001 
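Review bot: `hup_flag` is still added as a plain `static int hup_flag = 0;` in the src/auditd.c part of the refreshed patch, although the rebased context shows the neighbouring flags are now `ATOMIC_INT`. The patch calls `reconfig_pthread_failed()` from `config_thread_main`, while `pipe_handler` resets `hup_flag = 0` on the event loop. The body of `reconfig_pthread_failed()` is outside the changed hunks, so this is inferred, but if it also writes the flag, two threads share it without synchronisation. A lost update there could leave auditd ignoring later reload requests. I would declare it `static ATOMIC_INT hup_flag = 0;` to match the surrounding declarations, and add a comment above it such as `/* set while a reconfigure is in flight; cleared by pipe_handler or reconfig_pthread_failed */`.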
From: jinbo Date: Mon, 12 Nov 2018 21:54:29 +0800 -Subject: [PATCH] audit: userspace missing syscalls for aarm64 +Subject: [PATCH 1/3] audit: userspace missing syscalls for aarm64 API_change: n reason: reconsitution userspace audit missing syscalls for aarm64 Signed-off-by: jinbo --- - lib/aarch64_table.h | 44 +++++++++++++++++++++++++++++++++++++++++- - 1 file changed, 43 insertions(+), 1 deletion(-) + lib/aarch64_table.h | 44 ++++++++++++++++++++++++++++++++++++++++++++ + 1 file changed, 44 insertions(+) diff --git a/lib/aarch64_table.h b/lib/aarch64_table.h -index c61aa91..ea634c1 100644 +index 8dea469..e997584 100644 --- a/lib/aarch64_table.h +++ b/lib/aarch64_table.h -@@ -327,4 +327,46 @@ _S(448, "process_mrelease") - _S(449, "futex_waitv") - _S(450, "set_mempolicy_home_node") - _S(451, "cachestat") -- +@@ -345,3 +345,47 @@ _S(466, "removexattrat") + _S(467, "open_tree_attr") + _S(468, "file_getattr") + _S(469, "file_setattr") ++ +_S(1024, "open") +_S(1025, "link") +_S(1026, "unlink") @@ -64,5 +64,5 @@ index c61aa91..ea634c1 100644 +_S(1078, "sysctl") +_S(1079, "fork") -- -1.8.5.6 +2.43.0
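Review bot: The block appended to lib/aarch64_table.h starting at `_S(1024, "open")` is carried over unchanged onto the new table end (`_S(469, "file_setattr")`) with no comment on what these numbers are. They look like the legacy asm-generic numbers for the non-`*at` calls, which, as far as I know, a native aarch64 kernel does not dispatch. If that holds, a rule written with `-S open` or `-S unlink` on aarch64 is accepted but never matches, so the rule set looks more complete than it is. I would add a comment above the block, for example `/* legacy asm-generic numbers, kept for name lookup only; aarch64 rules must use openat, unlinkat, ... */`. The patch description should also say why the entries are still needed.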