From 2aad8e88910b930ce85e04e4a983c044ab56a5ee Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Mar 24 2022 07:54:44 +0000 Subject: import audit-3.0.7-3.el8 --- diff --git a/SOURCES/audit-3.0.8-auparse-path-norm.patch b/SOURCES/audit-3.0.8-auparse-path-norm.patch new file mode 100644 index 0000000..2fb20fb --- /dev/null +++ b/SOURCES/audit-3.0.8-auparse-path-norm.patch @@ -0,0 +1,31 @@ +From becc1c297279f757835943e2cad63992134511f9 Mon Sep 17 00:00:00 2001 +From: Sergio Correia +Date: Mon, 7 Mar 2022 13:11:09 -0300 +Subject: [PATCH] auparse: fix off-by-one issue in path_norm() (#242) + +When defining dest = rpath + 1, we end up having the first char of +`dest' as NULL -- since `rpath' points to `working', which is a static +buffer. + +With the first char as NULL, path_norm() ends up producing an empty string. + +This commit fixes the issue reported in this [1] mailing list post. + +[1] https://listman.redhat.com/archives/linux-audit/2022-February/018844.html +--- + auparse/interpret.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/auparse/interpret.c b/auparse/interpret.c +index c8a0d96dd..df593c44c 100644 +--- a/auparse/interpret.c ++++ b/auparse/interpret.c +@@ -895,7 +895,7 @@ static char *path_norm(const char *name) + return strdup(name); + + rpath = working; +- dest = rpath + 1; ++ dest = rpath; + rpath_limit = rpath + PATH_MAX; + + for (start = name; *start; start = end) { diff --git a/SPECS/audit.spec b/SPECS/audit.spec index e8c8853..7a5b286 100644 --- a/SPECS/audit.spec +++ b/SPECS/audit.spec @@ -3,12 +3,14 @@ Summary: User space tools for kernel auditing Name: audit Version: 3.0.7 -Release: 2%{?dist} +Release: 3%{?dist} License: GPLv2+ URL: http://people.redhat.com/sgrubb/audit/ Source0: http://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz Source1: https://www.gnu.org/licenses/lgpl-2.1.txt +Patch1: audit-3.0.8-auparse-path-norm.patch + BuildRequires: gcc swig make BuildRequires: openldap-devel BuildRequires: krb5-devel libcap-ng-devel @@ -83,6 +85,7 @@ Management Facility) database, through an IBM Tivoli Directory Server %prep %setup -q cp %{SOURCE1} . +%patch1 -p1 %build %configure --with-python=no \ @@ -235,6 +238,10 @@ fi %attr(750,root,root) %{_sbindir}/audispd-zos-remote %changelog +* Mon Mar 14 2022 Sergio Correia - 3.0.7-3 +- Fix path normalization in auparse + Resolves: rhbz#2062612 - auparse missing information when used with --format-text + * Tue Feb 22 2022 Sergio Correia - 3.0.7-2 - Adjust sample-rules dir permissions Resolves: rhbz#2054727 - /usr/share/audit/sample-rules is no longer readable by non-root users