150 lines
4.4 KiB
Diff
150 lines
4.4 KiB
Diff
|
diff -Naur audit-2.8.2.orig/audisp/audispd.c audit-2.8.2/audisp/audispd.c
|
||
|
--- audit-2.8.2.orig/audisp/audispd.c 2018-03-11 17:16:39.363923401 -0700
|
||
|
+++ audit-2.8.2/audisp/audispd.c 2018-03-11 17:17:35.163922402 -0700
|
||
|
@@ -31,7 +31,9 @@
|
||
|
#include <pthread.h>
|
||
|
#include <dirent.h>
|
||
|
#include <fcntl.h>
|
||
|
-#include <sys/poll.h>
|
||
|
+#include <limits.h>
|
||
|
+#include <poll.h>
|
||
|
+#include <sys/uio.h>
|
||
|
#include <netdb.h>
|
||
|
#include <arpa/inet.h>
|
||
|
#include <limits.h>
|
||
|
diff -Naur audit-2.8.2.orig/auparse/auparse.c audit-2.8.2/auparse/auparse.c
|
||
|
--- audit-2.8.2.orig/auparse/auparse.c 2018-03-11 17:16:39.356923401 -0700
|
||
|
+++ audit-2.8.2/auparse/auparse.c 2018-03-11 17:19:15.311920608 -0700
|
||
|
@@ -1104,13 +1104,22 @@
|
||
|
static int extract_timestamp(const char *b, au_event_t *e)
|
||
|
{
|
||
|
char *ptr, *tmp;
|
||
|
+ char _tmp[341];
|
||
|
int rc = 1;
|
||
|
|
||
|
e->host = NULL;
|
||
|
if (*b == 'n')
|
||
|
- tmp = strndupa(b, 340);
|
||
|
+ {
|
||
|
+ strncpy(_tmp, b, 340);
|
||
|
+ _tmp[340] = '\0';
|
||
|
+ tmp = _tmp;
|
||
|
+ }
|
||
|
else
|
||
|
- tmp = strndupa(b, 80);
|
||
|
+ {
|
||
|
+ strncpy(_tmp, b, 80);
|
||
|
+ _tmp[80] = '\0';
|
||
|
+ tmp = _tmp;
|
||
|
+ }
|
||
|
ptr = audit_strsplit(tmp);
|
||
|
if (ptr) {
|
||
|
// Optionally grab the node - may or may not be included
|
||
|
diff -Naur audit-2.8.2.orig/auparse/interpret.c audit-2.8.2/auparse/interpret.c
|
||
|
--- audit-2.8.2.orig/auparse/interpret.c 2018-03-11 17:16:39.359923401 -0700
|
||
|
+++ audit-2.8.2/auparse/interpret.c 2018-03-11 17:19:51.658919957 -0700
|
||
|
@@ -860,7 +860,7 @@
|
||
|
// Proctitle has arguments separated by NUL bytes
|
||
|
// We need to write over the NUL bytes with a space
|
||
|
// so that we can see the arguments
|
||
|
- while ((ptr = rawmemchr(ptr, '\0'))) {
|
||
|
+ while ((ptr = memchr(ptr, '\0', SIZE_MAX))) {
|
||
|
if (ptr >= end)
|
||
|
break;
|
||
|
*ptr = ' ';
|
||
|
diff -Naur audit-2.8.2.orig/lib/libaudit.c audit-2.8.2/lib/libaudit.c
|
||
|
--- audit-2.8.2.orig/lib/libaudit.c 2018-03-11 17:16:39.336923401 -0700
|
||
|
+++ audit-2.8.2/lib/libaudit.c 2018-03-11 17:20:03.037919753 -0700
|
||
|
@@ -33,7 +33,7 @@
|
||
|
#include <pwd.h>
|
||
|
#include <grp.h>
|
||
|
#include <errno.h>
|
||
|
-#include <sys/poll.h>
|
||
|
+#include <poll.h>
|
||
|
#include <sys/utsname.h>
|
||
|
#include <sys/stat.h>
|
||
|
#include <fcntl.h> /* O_NOFOLLOW needs gnu defined */
|
||
|
diff -Naur audit-2.8.2.orig/lib/netlink.c audit-2.8.2/lib/netlink.c
|
||
|
--- audit-2.8.2.orig/lib/netlink.c 2018-03-11 17:16:39.339923401 -0700
|
||
|
+++ audit-2.8.2/lib/netlink.c 2018-03-11 17:20:13.132919573 -0700
|
||
|
@@ -27,7 +27,7 @@
|
||
|
#include <errno.h>
|
||
|
#include <fcntl.h>
|
||
|
#include <time.h>
|
||
|
-#include <sys/poll.h>
|
||
|
+#include <poll.h>
|
||
|
#include "libaudit.h"
|
||
|
#include "private.h"
|
||
|
|
||
|
diff -Naur audit-2.8.2.orig/src/auditctl.c audit-2.8.2/src/auditctl.c
|
||
|
--- audit-2.8.2.orig/src/auditctl.c 2018-03-11 17:16:39.348923401 -0700
|
||
|
+++ audit-2.8.2/src/auditctl.c 2018-03-11 17:20:31.154919250 -0700
|
||
|
@@ -37,6 +37,7 @@
|
||
|
#include <sys/time.h>
|
||
|
#include <fcntl.h>
|
||
|
#include <errno.h>
|
||
|
+#include <sys/select.h>
|
||
|
#include <libgen.h> /* For basename */
|
||
|
#include <limits.h> /* PATH_MAX */
|
||
|
#include "libaudit.h"
|
||
|
diff -Naur audit-2.8.2.orig/src/auditd.c audit-2.8.2/src/auditd.c
|
||
|
--- audit-2.8.2.orig/src/auditd.c 2018-03-11 17:16:39.351923401 -0700
|
||
|
+++ audit-2.8.2/src/auditd.c 2018-03-11 17:22:04.763917574 -0700
|
||
|
@@ -30,6 +30,7 @@
|
||
|
#include <errno.h>
|
||
|
#include <string.h>
|
||
|
#include <time.h>
|
||
|
+#include <alloca.h>
|
||
|
#include <sys/resource.h>
|
||
|
#include <sys/time.h>
|
||
|
#include <sys/stat.h>
|
||
|
@@ -187,7 +188,9 @@
|
||
|
|
||
|
static int extract_type(const char *str)
|
||
|
{
|
||
|
- const char *tptr, *ptr2, *ptr = str;
|
||
|
+ const char *ptr2, *ptr = str;
|
||
|
+ char *tptr;
|
||
|
+
|
||
|
if (*str == 'n') {
|
||
|
ptr = strchr(str+1, ' ');
|
||
|
if (ptr == NULL)
|
||
|
@@ -197,7 +200,9 @@
|
||
|
// ptr should be at 't'
|
||
|
ptr2 = strchr(ptr, ' ');
|
||
|
// get type=xxx in a buffer
|
||
|
- tptr = strndupa(ptr, ptr2 - ptr);
|
||
|
+ tptr = (char *) alloca(ptr2 - ptr + 1);
|
||
|
+ strncpy(tptr, ptr, ptr2 - ptr);
|
||
|
+ tptr[ptr2 - ptr] = '\0';
|
||
|
// find =
|
||
|
str = strchr(tptr, '=');
|
||
|
if (str == NULL)
|
||
|
diff -Naur audit-2.8.2.orig/src/ausearch-lol.c audit-2.8.2/src/ausearch-lol.c
|
||
|
--- audit-2.8.2.orig/src/ausearch-lol.c 2018-03-11 17:16:39.351923401 -0700
|
||
|
+++ audit-2.8.2/src/ausearch-lol.c 2018-03-11 17:23:30.575916037 -0700
|
||
|
@@ -135,12 +135,21 @@
|
||
|
static int extract_timestamp(const char *b, event *e)
|
||
|
{
|
||
|
char *ptr, *tmp, *tnode, *ttype;
|
||
|
+ char _tmp[341];
|
||
|
|
||
|
e->node = NULL;
|
||
|
if (*b == 'n')
|
||
|
- tmp = strndupa(b, 340);
|
||
|
+ {
|
||
|
+ strncpy(_tmp, b, 340);
|
||
|
+ _tmp[340] = '\0';
|
||
|
+ tmp = _tmp;
|
||
|
+ }
|
||
|
else
|
||
|
- tmp = strndupa(b, 80);
|
||
|
+ {
|
||
|
+ strncpy(_tmp, b, 80);
|
||
|
+ _tmp[80] = '\0';
|
||
|
+ tmp = _tmp;
|
||
|
+ }
|
||
|
ptr = audit_strsplit(tmp);
|
||
|
if (ptr) {
|
||
|
// Check to see if this is the node info
|