diff --git a/0067-Fix-minor-memory-leak-in-auditd-kerberos-credentials.patch b/0067-Fix-minor-memory-leak-in-auditd-kerberos-credentials.patch deleted file mode 100644 index 099b410fb36744fc85e31aee65b68c73c610cc5b..0000000000000000000000000000000000000000 --- a/0067-Fix-minor-memory-leak-in-auditd-kerberos-credentials.patch +++ /dev/null @@ -1,43 +0,0 @@ -From c34481d21c51241e571873627a8da17556e153d2 Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Tue, 22 Jan 2019 08:10:30 +0100 -Subject: [PATCH 67/99] Fix minor memory leak in auditd kerberos credentials - code - ---- - src/auditd-listen.c | 11 +++++++++-- - 1 files changed, 9 insertions(+), 2 deletions(-) - -diff --git a/src/auditd-listen.c b/src/auditd-listen.c -index 613cae6..bce8ca0 100644 ---- a/src/auditd-listen.c -+++ b/src/auditd-listen.c -@@ -1107,7 +1107,11 @@ next_try: - } - } - -- server_acquire_creds(princ, &server_creds); -+ if (server_acquire_creds(princ, &server_creds)) { -+ free(my_service_name); -+ my_service_name = NULL; -+ return -1; -+ } - } - #endif - -@@ -1127,8 +1131,11 @@ void auditd_tcp_listen_uninit(struct ev_loop *loop, struct daemon_conf *config) - } - - #ifdef USE_GSSAPI -- if (USE_GSS) -+ if (USE_GSS) { - gss_release_cred(&status, &server_creds); -+ free(my_service_name); -+ my_service_name = NULL; -+ } - #endif - - while (client_chain) { --- -1.8.3.1 - diff --git a/Fix-a-couple-more-fuzzer-induced-bugs.patch b/Fix-a-couple-more-fuzzer-induced-bugs.patch deleted file mode 100644 index 716975696f67937402874169e1097582574f360f..0000000000000000000000000000000000000000 --- a/Fix-a-couple-more-fuzzer-induced-bugs.patch +++ /dev/null @@ -1,43 +0,0 @@ -From bbbebbef926376a7bec116a2cc3aadd86af75bb4 Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Sat, 15 Dec 2018 14:12:56 -0500 -Subject: [PATCH 209/217] Fix a couple more fuzzer induced bugs - ---- - src/ausearch-parse.c | 6 ++++++ - 1 file changed, 6 insertions(+) - -diff --git a/src/ausearch-parse.c b/src/ausearch-parse.c -index 44499c7..311f699 100644 ---- a/src/ausearch-parse.c -+++ b/src/ausearch-parse.c -@@ -603,6 +603,8 @@ static int parse_syscall(lnode *n, search_items *s) - if (s->key) { - char *saved; - char *keyptr = unescape(str); -+ if (keyptr == NULL) -+ return 45; - char *kptr = strtok_r(keyptr, - key_sep, &saved); - while (kptr) { -@@ -1599,6 +1601,8 @@ static int parse_sockaddr(const lnode *n, search_items *s) - str += 6; - len = strlen(str)/2; - s->hostname = unescape(str); -+ if (s->hostname == NULL) -+ return 4; - saddr = (struct sockaddr *)s->hostname; - if (saddr->sa_family == AF_INET) { - if (len < sizeof(struct sockaddr_in)) { -@@ -2300,6 +2304,8 @@ static int parse_simple_message(const lnode *n, search_items *s) - if (s->key) { - char *saved; - char *keyptr = unescape(ptr); -+ if (keyptr == NULL) -+ return 8; - char *kptr = strtok_r(keyptr, - key_sep, &saved); - while (kptr) { --- -1.8.3.1 - diff --git a/Fix-memory-leak-when-logs-are-corrupted.patch b/Fix-memory-leak-when-logs-are-corrupted.patch deleted file mode 100644 index f692c0bc2995e2a247ff287980c2a5745d6af9c0..0000000000000000000000000000000000000000 --- a/Fix-memory-leak-when-logs-are-corrupted.patch +++ /dev/null @@ -1,29 +0,0 @@ -From cc434ad723bba5c7da4d8e440130f55a9437961c Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Sat, 15 Dec 2018 09:55:29 -0500 -Subject: [PATCH 206/217] Fix memory leak when logs are corrupted - ---- - auparse/ellist.c | 5 ++++- - 1 file changed, 4 insertions(+), 1 deletion(-) - -diff --git a/auparse/ellist.c b/auparse/ellist.c -index 90a0524..fd45fac 100644 ---- a/auparse/ellist.c -+++ b/auparse/ellist.c -@@ -331,8 +331,11 @@ int aup_list_append(event_list_t *l, char *record, int list_idx, - - // Then parse the record up into nvlist - rc = parse_up_record(r); -- if (r->cwd) -+ if (r->cwd) { -+ // Should never be 2 cwd records unless log is corrupted -+ free(l->cwd); - l->cwd = r->cwd; -+ } - return rc; - } - --- -1.8.3.1 - diff --git a/More-fuzzer-induced-bug-fixes.patch b/More-fuzzer-induced-bug-fixes.patch deleted file mode 100644 index b5f6ffd265d1ecebc0412d8d26bdbb07602a97e8..0000000000000000000000000000000000000000 --- a/More-fuzzer-induced-bug-fixes.patch +++ /dev/null @@ -1,56 +0,0 @@ -From c218a04655b2426b46d303d711863f9038f15917 Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Sat, 15 Dec 2018 14:58:31 -0500 -Subject: [PATCH 210/217] More fuzzer induced bug fixes - ---- - auparse/normalize.c | 10 +++++----- - src/ausearch-parse.c | 4 +++- - 2 files changed, 8 insertions(+), 6 deletions(-) - -diff --git a/auparse/normalize.c b/auparse/normalize.c -index 45d8821..5f15712 100644 ---- a/auparse/normalize.c -+++ b/auparse/normalize.c -@@ -44,11 +44,11 @@ - * Both record and field are 0 based. Simple records are always 0. Compound - * records start at 0 and go up. - */ --#define UNSET 0xFFFF --#define get_record(y) ((y >> 16) & 0x0000FFFF) --#define set_record(y, x) (((x & 0x0000FFFF) << 16) | (y & 0x0000FFFF)) --#define get_field(y) (y & 0x0000FFFF) --#define set_field(y, x) ((y & 0xFFFF0000) | (x & 0x0000FFFF)) -+#define UNSET 0xFFFFU -+#define get_record(y) ((y >> 16) & 0x0000FFFFU) -+#define set_record(y, x) (((x & 0x0000FFFFU) << 16) | (y & 0x0000FFFFU)) -+#define get_field(y) (y & 0x0000FFFFU) -+#define set_field(y, x) ((y & 0xFFFF0000U) | (x & 0x0000FFFFU)) - #define is_unset(y) (get_record(y) == UNSET) - #define D au->norm_data - -diff --git a/src/ausearch-parse.c b/src/ausearch-parse.c -index 311f699..cc2a06c 100644 ---- a/src/ausearch-parse.c -+++ b/src/ausearch-parse.c -@@ -40,7 +40,7 @@ - #include "ausearch-parse.h" - #include "auparse-idata.h" - --#define NAME_OFFSET 36 -+#define NAME_OFFSET 28 - static const char key_sep[2] = { AUDIT_KEY_SEPARATOR, 0 }; - - static int parse_task_info(lnode *n, search_items *s); -@@ -714,6 +714,8 @@ static int common_path_parser(search_items *s, char *path) - sn.str = unescape(path); - *term = ' '; - } -+ if (sn.str == NULL) -+ return 7; - // Attempt to rebuild path if relative - if ((sn.str[0] == '.') && ((sn.str[1] == '.') || - (sn.str[1] == '/')) && s->cwd) { --- -1.8.3.1 - diff --git a/Port-af_unix-plugin-to-libev.patch b/Port-af_unix-plugin-to-libev.patch deleted file mode 100644 index 129571bd6165187b2aaa8d673f5a76e94f908a7e..0000000000000000000000000000000000000000 --- a/Port-af_unix-plugin-to-libev.patch +++ /dev/null @@ -1,279 +0,0 @@ -From 6d6c65e8e374ce31037e20b1cdc314808efd0e3c Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Sat, 24 Nov 2018 10:06:08 -0500 -Subject: [PATCH] Port af_unix plugin to libev - ---- - audisp/Makefile.am | 3 ++- - audisp/audispd-builtins.c | 42 +++++++++++++++++++++++++++++++-------- - audisp/audispd-builtins.h | 9 ++------- - audisp/audispd.c | 38 ----------------------------------- - src/auditd.c | 18 ++++++++--------- - 5 files changed, 47 insertions(+), 63 deletions(-) - -diff --git a/audisp/Makefile.am b/audisp/Makefile.am -index 5aa1d09..852169e 100644 ---- a/audisp/Makefile.am -+++ b/audisp/Makefile.am -@@ -22,7 +22,7 @@ - - SUBDIRS = plugins - CONFIG_CLEAN_FILES = *.rej *.orig --AM_CPPFLAGS = -D_GNU_SOURCE -fPIC -DPIC -I${top_srcdir} -I${top_srcdir}/lib -I${top_srcdir}/src -+AM_CPPFLAGS = -D_GNU_SOURCE -fPIC -DPIC -I${top_srcdir} -I${top_srcdir}/lib -I${top_srcdir}/src -I${top_srcdir}/src/libev - LIBS = -L${top_builddir}/lib -laudit - LDADD = -lpthread - -@@ -30,5 +30,6 @@ noinst_HEADERS = audispd-pconfig.h audispd-llist.h audispd-config.h \ - queue.h audispd-builtins.h libdisp.h - libdisp_a_SOURCES = audispd.c audispd-pconfig.c queue.c \ - audispd-llist.c audispd-builtins.c -+libdisp_a_CFLAGS = -fno-strict-aliasing - noinst_LIBRARIES = libdisp.a - -diff --git a/audisp/audispd-builtins.c b/audisp/audispd-builtins.c -index 1fbe680..024faec 100644 ---- a/audisp/audispd-builtins.c -+++ b/audisp/audispd-builtins.c -@@ -1,6 +1,6 @@ - /* - * audispd-builtins.c - some common builtin plugins --* Copyright (c) 2007,2010,2013 Red Hat Inc., Durham, North Carolina. -+* Copyright (c) 2007,2010,2013,2018 Red Hat Inc., Durham, North Carolina. - * All Rights Reserved. - * - * This software may be freely redistributed and/or modified under the -@@ -35,12 +35,17 @@ - #include // writev - #include - #include -+#include "ev.h" - #include "audispd-pconfig.h" - #include "audispd-builtins.h" - -+// Global data -+extern struct ev_loop *loop; -+ - // Local data - static volatile int sock = -1, conn = -1; - static char *path = NULL; -+static struct ev_io af_unix_watcher; - - // Local prototypes - static void init_af_unix(const plugin_conf_t *conf); -@@ -63,21 +68,37 @@ void stop_builtin(plugin_conf_t *conf) - syslog(LOG_ERR, "Unknown builtin %s", conf->path); - } - --static void af_unix_accept(int fd) -+static int watching = 0; -+static void stop_watching(void) -+{ -+ if (watching) { -+ ev_io_stop(loop, &af_unix_watcher); -+ watching = 0; -+ } -+} -+ -+static void af_unix_accept(struct ev_loop *l, struct ev_io *_io, int revents) - { - int cmd; - - do { -- conn = accept(fd, NULL, NULL); -+ conn = accept(_io->fd, NULL, NULL); - } while (conn < 0 && errno == EINTR); - - // De-register since this is intended to be one listener - if (conn >= 0) -- remove_event(fd); -+ stop_watching(); - cmd = fcntl(conn, F_GETFD); - fcntl(conn, F_SETFD, cmd|FD_CLOEXEC); - } - -+static void start_watching(void) -+{ -+ ev_io_init(&af_unix_watcher, af_unix_accept, sock, EV_READ); -+ ev_io_start(loop, &af_unix_watcher); -+ watching = 1; -+} -+ - static int create_af_unix_socket(const char *path, int mode) - { - struct sockaddr_un addr; -@@ -122,8 +143,8 @@ static int create_af_unix_socket(const char *path, int mode) - // Make socket listening...won't block - (void)listen(sock, 5); - -- // Register socket with poll -- add_event(sock, af_unix_accept); -+ // Register socket with libev -+ start_watching(); - return 0; - } - -@@ -213,7 +234,8 @@ void send_af_unix_string(const char *s, unsigned int len) - if (rc < 0 && errno == EPIPE) { - close(conn); - conn = -1; -- add_event(sock, af_unix_accept); -+ stop_watching(); -+ start_watching(); - } - } - } -@@ -237,7 +259,8 @@ void send_af_unix_binary(event_t *e) - if (rc < 0 && errno == EPIPE) { - close(conn); - conn = -1; -- add_event(sock, af_unix_accept); -+ stop_watching(); -+ start_watching(); - } - } - } -@@ -250,10 +273,13 @@ void destroy_af_unix(void) - conn = -1; - did_something = 1; - } -+ stop_watching(); - if (sock >= 0) { -+ - close(sock); - sock = -1; - did_something = 1; -+ - } - if (path) { - unlink(path); -diff --git a/audisp/audispd-builtins.h b/audisp/audispd-builtins.h -index 2083775..2d344ea 100644 ---- a/audisp/audispd-builtins.h -+++ b/audisp/audispd-builtins.h -@@ -1,6 +1,6 @@ - /* --* audispd-builtins.h - Minimal linked list library --* Copyright (c) 2007,2013 Red Hat Inc., Durham, North Carolina. -+* audispd-builtins.h - Interface to builtin plugins -+* Copyright (c) 2007,2013,2018 Red Hat Inc., Durham, North Carolina. - * All Rights Reserved. - * - * This software may be freely redistributed and/or modified under the -@@ -33,10 +33,5 @@ void send_af_unix_string(const char *s, unsigned int len); - void send_af_unix_binary(event_t *e); - void destroy_af_unix(void); - --typedef void (*poll_callback_ptr)(int fd); --int add_event(int fd, poll_callback_ptr cb); --int remove_event(int fd); -- -- - #endif - -diff --git a/audisp/audispd.c b/audisp/audispd.c -index e9584b7..9c3a118 100644 ---- a/audisp/audispd.c -+++ b/audisp/audispd.c -@@ -31,7 +31,6 @@ - #include - #include - #include --#include - #include - #include - #include -@@ -578,43 +577,6 @@ static int event_loop(void) - return 1; - } - --static struct pollfd pfd[4]; --static poll_callback_ptr pfd_cb[4]; --static volatile int pfd_cnt=0; --int add_event(int fd, poll_callback_ptr cb) --{ -- if (pfd_cnt > 3) -- return -1; -- -- pfd[pfd_cnt].fd = fd; -- pfd[pfd_cnt].events = POLLIN; -- pfd[pfd_cnt].revents = 0; -- pfd_cb[pfd_cnt] = cb; -- pfd_cnt++; -- return 0; --} -- --int remove_event(int fd) --{ -- int start, i; -- if (pfd_cnt == 0) -- return -1; -- -- for (start=0; start < pfd_cnt; start++) { -- if (pfd[start].fd == fd) -- break; -- } -- for (i=start; i<(pfd_cnt-1); i++) { -- pfd[i].events = pfd[i+1].events; -- pfd[i].revents = pfd[i+1].revents; -- pfd[i].fd = pfd[i+1].fd; -- pfd_cb[i] = pfd_cb[i+1]; -- } -- -- pfd_cnt--; -- return 0; --} -- - /* returns > 0 if plugins and 0 if none */ - int libdisp_active(void) - { -diff --git a/src/auditd.c b/src/auditd.c -index bd7e3b8..22bdc9b 100644 ---- a/src/auditd.c -+++ b/src/auditd.c -@@ -581,6 +581,7 @@ static void close_pipes(void) - close(pipefds[1]); - } - -+struct ev_loop *loop; - int main(int argc, char *argv[]) - { - struct sigaction sa; -@@ -598,7 +599,6 @@ int main(int argc, char *argv[]) - enum startup_state opt_startup = startup_enable; - extern char *optarg; - extern int optind; -- struct ev_loop *loop; - struct ev_io netlink_watcher; - struct ev_io pipe_watcher; - struct ev_signal sigterm_watcher; -@@ -749,14 +749,6 @@ int main(int argc, char *argv[]) - return 1; - } - -- if (init_dispatcher(&config)) { -- if (pidfile) -- unlink(pidfile); -- tell_parent(FAILURE); -- free_config(&config); -- return 1; -- } -- - /* Get machine name ready for use */ - if (resolve_node(&config)) { - if (pidfile) -@@ -892,6 +884,14 @@ int main(int argc, char *argv[]) - /* Depending on value of opt_startup (-s) set initial audit state */ - loop = ev_default_loop (EVFLAG_NOENV); - -+ if (init_dispatcher(&config)) { -+ if (pidfile) -+ unlink(pidfile); -+ tell_parent(FAILURE); -+ free_config(&config); -+ return 1; -+ } -+ - if (!opt_aggregate_only) { - ev_io_init (&netlink_watcher, netlink_handler, fd, EV_READ); - ev_io_start (loop, &netlink_watcher); diff --git a/audit-2.8.5.tar.gz b/audit-2.8.5.tar.gz new file mode 100644 index 0000000000000000000000000000000000000000..18816cfe8f2dacb84e419279e2dee2cd3a86b34f Binary files /dev/null and b/audit-2.8.5.tar.gz differ diff --git a/audit-3.0-alpha5.tar.gz b/audit-3.0-alpha5.tar.gz deleted file mode 100644 index 51f3d1796c7d4b2d8e82c7c31176a632ab53bdf9..0000000000000000000000000000000000000000 Binary files a/audit-3.0-alpha5.tar.gz and /dev/null differ diff --git a/audit.spec b/audit.spec index ad93f61b605831629379159bace5d7caeaf970ac..37c21a6f62709fca09db673c1f68582fbe0e5a69 100644 --- a/audit.spec +++ b/audit.spec @@ -2,25 +2,18 @@ Summary: User space tools for kernel auditing Name: audit -Version: 3.0 -Release: 5 +Epoch: 1 +Version: 2.8.5 +Release: 1 License: GPLv2+ and LGPLv2+ -URL: http://people.redhat.com/sgrubb/audit/ -Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}-alpha5.tar.gz +URL: https://people.redhat.com/sgrubb/audit/ +Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz Source1: https://www.gnu.org/licenses/lgpl-2.1.txt -Patch6000: bindings-swig-src-auditswig.i-Do-not-hardcode-the-pa.patch -Patch6001: Fix-memory-leak-when-logs-are-corrupted.patch -Patch6002: fix-out-of-bound-read-on-shutdown.patch -Patch6003: Fix-a-couple-more-fuzzer-induced-bugs.patch -Patch6004: More-fuzzer-induced-bug-fixes.patch -Patch6005: Fix-memleak-in-auparse-caused-by-corrected-event-ordering.patch -Patch6006: Port-af_unix-plugin-to-libev.patch -Patch6007: 0067-Fix-minor-memory-leak-in-auditd-kerberos-credentials.patch - -Patch9000: bugfix-audit-support-armv7b.patch -Patch9001: bugfix-audit-userspace-missing-syscalls-for-aarm64.patch -Patch9002: bugfix-audit-reload-coredump.patch +Patch0: Fix-memleak-in-auparse-caused-by-corrected-event-ordering.patch +Patch1: bugfix-audit-support-armv7b.patch +Patch2: bugfix-audit-userspace-missing-syscalls-for-aarm64.patch +Patch3: bugfix-audit-reload-coredump.patch BuildRequires: gcc swig libtool systemd kernel-headers >= 2.6.29 BuildRequires: openldap-devel krb5-devel libcap-ng-devel @@ -74,7 +67,6 @@ License: LGPLv2+ Requires: %{name}%{?_isa} = %{version}-%{release} Requires: kernel-headers >= 2.6.29 Provides: audit-libs-devel audit-libs-static -Obsoletes: audit-libs-devel audit-libs-static %description devel The audit-libs-devel package contains the header files needed for developing @@ -196,6 +188,7 @@ fi %attr(755,root,root) /sbin/ausearch %attr(755,root,root) /sbin/aureport %attr(750,root,root) /sbin/autrace +%attr(755,root,root) /sbin/audispd %attr(755,root,root) /sbin/augenrules %attr(755,root,root) %{_bindir}/aulast %attr(755,root,root) %{_bindir}/aulastlog @@ -219,7 +212,8 @@ fi %ghost %config(noreplace) %attr(600,root,root) /etc/audit/rules.d/audit.rules %ghost %config(noreplace) %attr(640,root,root) /etc/audit/audit.rules %config(noreplace) %attr(640,root,root) /etc/audit/audit-stop.rules -%config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/af_unix.conf +%config(noreplace) %attr(640,root,root) /etc/audisp/audispd.conf +%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/af_unix.conf %files libs /%{_lib}/libaudit.so.1* @@ -227,16 +221,15 @@ fi %config(noreplace) %attr(640,root,root) /etc/libaudit.conf %files -n audispd-plugins -%config(noreplace) %attr(640,root,root) /etc/audit/audisp-remote.conf -%config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/au-remote.conf -%config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/syslog.conf +%config(noreplace) %attr(640,root,root) /etc/audisp/audisp-remote.conf +%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/au-remote.conf +%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/syslog.conf %attr(750,root,root) /sbin/audisp-remote -%attr(750,root,root) /sbin/audisp-syslog %attr(700,root,root) %dir %{_var}/spool/audit %files -n audispd-plugins-zos -%config(noreplace) %attr(640,root,root) /etc/audit/plugins.d/audispd-zos-remote.conf -%config(noreplace) %attr(640,root,root) /etc/audit/zos-remote.conf +%config(noreplace) %attr(640,root,root) /etc/audisp/plugins.d/audispd-zos-remote.conf +%config(noreplace) %attr(640,root,root) /etc/audisp/zos-remote.conf %attr(750,root,root) /sbin/audispd-zos-remote %files devel @@ -276,6 +269,9 @@ fi %attr(644,root,root) %{_mandir}/man8/*.8.gz %changelog +* Tue Aug 11 2020 wangchen - 2.8.5-1 +- revert to 2.8.5 + * Wed Jan 22 2020 openEuler Buildteam - 3.0-5 - add subpackages diff --git a/bindings-swig-src-auditswig.i-Do-not-hardcode-the-pa.patch b/bindings-swig-src-auditswig.i-Do-not-hardcode-the-pa.patch deleted file mode 100644 index 0746ffc4cadd3b704b43f9e069847f8ee30af3e4..0000000000000000000000000000000000000000 --- a/bindings-swig-src-auditswig.i-Do-not-hardcode-the-pa.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 5d206ce4ac545595170d1ed1490d4824b442bd19 Mon Sep 17 00:00:00 2001 -From: Helmut Grohne -Date: Mon, 1 Oct 2018 07:48:54 +0200 -Subject: [PATCH 177/217] bindings/swig/src/auditswig.i: Do not hardcode the - path of stdint.h - -auditswig.i hard codes the path to stdint.h. That will fail to work with -non-glibc libcs and after moving glibc's headers (#798955). The path is -hard coded, because swig's %include does not search the standard header -search path. Rather than using %include here, we can use #include, -because stdint.h does not declare any functions. Thus swig entirely -ignores stdint.h and leaves the search to the C compiler. - -https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=909967 ---- - bindings/swig/src/auditswig.i | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i -index 356a5ab..7ebb373 100644 ---- a/bindings/swig/src/auditswig.i -+++ b/bindings/swig/src/auditswig.i -@@ -41,6 +41,6 @@ typedef unsigned __u32; - typedef unsigned uid_t; - %include "/usr/include/linux/audit.h" - #define __extension__ /*nothing*/ --%include "/usr/include/stdint.h" -+#include - %include "../lib/libaudit.h" - --- -1.8.3.1 - diff --git a/fix-out-of-bound-read-on-shutdown.patch b/fix-out-of-bound-read-on-shutdown.patch deleted file mode 100644 index 6462fe31b09621f78bb0a488d72c89bf27e09dbc..0000000000000000000000000000000000000000 --- a/fix-out-of-bound-read-on-shutdown.patch +++ /dev/null @@ -1,25 +0,0 @@ -From 5b62b99bcdba4bf9cc3c03a0ffc26d6b9b7a56ce Mon Sep 17 00:00:00 2001 -From: Steve Grubb -Date: Sat, 15 Dec 2018 13:35:29 -0500 -Subject: [PATCH 208/217] fix out of bound read on shutdown - ---- - src/auditd-listen.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/src/auditd-listen.c b/src/auditd-listen.c -index 9db5f35..a2560ad 100644 ---- a/src/auditd-listen.c -+++ b/src/auditd-listen.c -@@ -1118,7 +1118,7 @@ - #endif - - ev_io_stop(loop, &tcp_listen_watcher); -- while (nlsocks >= 0) { -+ while (nlsocks > 0) { - nlsocks--; - close(listen_socket[nlsocks]); - } --- -1.8.3.1 -