From dc149af6486e023e5a87051ec1cac504d670c777 Mon Sep 17 00:00:00 2001 From: CentOS Sources Date: Mar 28 2023 13:16:41 +0000 Subject: import sysstat-11.7.3-9.el8 --- diff --git a/SOURCES/0001-sadc-Add-a-f-flag-to-force-fdatasync-use.patch b/SOURCES/0001-sadc-Add-a-f-flag-to-force-fdatasync-use.patch new file mode 100644 index 0000000..55a5bfa --- /dev/null +++ b/SOURCES/0001-sadc-Add-a-f-flag-to-force-fdatasync-use.patch @@ -0,0 +1,101 @@ +From 560d88cb5a16636acb0e350d6997fe915cc4253e Mon Sep 17 00:00:00 2001 +From: Kyle Walker +Date: Wed, 30 Jan 2019 07:50:55 -0500 +Subject: [PATCH] sadc: Add a -f flag to force fdatasync() use + +For quite some time, the sadc utility has not used fdatasync() when writing +stat information to disk. This resulted in instances where data files could +be corrupted or entries lost if a system encountered a sudden reset +condition. This change adds a "-f" flag which can be used to bring back the +previous behaviour if end users require it. + +Note, the fdatasync() lowers the likelihood of lost data, but does so at +the expense of performance within the write operation. +--- + man/sadc.in | 8 +++++++- + sa.h | 2 ++ + sadc.c | 13 ++++++++++++- + 3 files changed, 21 insertions(+), 2 deletions(-) + +diff --git a/man/sadc.in b/man/sadc.in +index 2d754b71..ce8ee230 100644 +--- a/man/sadc.in ++++ b/man/sadc.in +@@ -4,7 +4,7 @@ sadc \- System activity data collector. + .SH SYNOPSIS + .B @SA_LIB_DIR@/sadc [ -C + .I comment +-.B ] [ -D ] [ -F ] [ -L ] [ -V ] [ -S { DISK | INT | IPV6 | POWER | SNMP | XDISK | ALL | XALL [,...] } ] [ ++.B ] [ -D ] [ -F ] [ -L ] [ -V ] [ -f ] [ -S { DISK | INT | IPV6 | POWER | SNMP | XDISK | ALL | XALL [,...] } ] [ + .I interval + .B [ + .I count +@@ -106,6 +106,12 @@ then it will be truncated. This may be useful for daily data files + created by an older version of + .B sadc + and whose format is no longer compatible with current one. ++.IP -f ++fdatasync() will be used to ensure data is written to disk. This differs ++from the normal operation in that a sudden system reset is less likely to ++result in the saDD datafiles being corrupted. However, this is at the ++expense of performance within the sadc process as forward progress will be ++blocked while data is written to underlying disk instead of just to cache. + .IP -L + .B sadc + will try to get an exclusive lock on the +diff --git a/sa.h b/sa.h +index 1cd0c3d9..d3236f7c 100644 +--- a/sa.h ++++ b/sa.h +@@ -110,5 +110,6 @@ + #define S_F_HUMAN_READ 0x01000000 + #define S_F_ZERO_OMIT 0x02000000 ++#define S_F_FDATASYNC 0x08000000 + + #define WANT_SINCE_BOOT(m) (((m) & S_F_SINCE_BOOT) == S_F_SINCE_BOOT) + #define WANT_SA_ROTAT(m) (((m) & S_F_SA_ROTAT) == S_F_SA_ROTAT) +@@ -138,5 +139,6 @@ + #define PACK_VIEWS(m) (((m) & S_F_SVG_PACKED) == S_F_SVG_PACKED) + #define DISPLAY_HUMAN_READ(m) (((m) & S_F_HUMAN_READ) == S_F_HUMAN_READ) ++#define FDATASYNC(m) (((m) & S_F_FDATASYNC) == S_F_FDATASYNC) + + #define AO_F_NULL 0x00000000 + +diff --git a/sadc.c b/sadc.c +index 826f4aed..139d490a 100644 +--- a/sadc.c ++++ b/sadc.c +@@ -92,7 +92,7 @@ void usage(char *progname) + progname); + + fprintf(stderr, _("Options are:\n" +- "[ -C ] [ -D ] [ -F ] [ -L ] [ -V ]\n" ++ "[ -C ] [ -D ] [ -F ] [ -L ] [ -V ] [ -f ]\n" + "[ -S { INT | DISK | IPV6 | POWER | SNMP | XDISK | ALL | XALL } ]\n")); + exit(1); + } +@@ -1109,6 +1109,13 @@ void rw_sa_stat_loop(long count, int stdfd, int ofd, char ofile[], + + /* Flush data */ + fflush(stdout); ++ if (FDATASYNC(flags)) { ++ /* If indicated, sync the data to media */ ++ if (fdatasync(ofd) < 0) { ++ perror("fdatasync"); ++ exit(4); ++ } ++ } + + if (count > 0) { + count--; +@@ -1206,6 +1213,10 @@ int main(int argc, char **argv) + optz = 1; + } + ++ else if (!strcmp(argv[opt], "-f")) { ++ flags |= S_F_FDATASYNC; ++ } ++ + else if (!strcmp(argv[opt], "-C")) { + if (!argv[++opt]) { + usage(argv[0]); diff --git a/SOURCES/CVE-2022-39377-arithmetic-overflow-in-allocate-structures-on-32-bit-systems.patch b/SOURCES/CVE-2022-39377-arithmetic-overflow-in-allocate-structures-on-32-bit-systems.patch new file mode 100644 index 0000000..8338a9b --- /dev/null +++ b/SOURCES/CVE-2022-39377-arithmetic-overflow-in-allocate-structures-on-32-bit-systems.patch @@ -0,0 +1,85 @@ +From 9c4eaf150662ad40607923389d4519bc83b93540 Mon Sep 17 00:00:00 2001 +From: Sebastien +Date: Sat, 15 Oct 2022 14:24:22 +0200 +Subject: [PATCH] Fix size_t overflow in sa_common.c (GHSL-2022-074) + +allocate_structures function located in sa_common.c insufficiently +checks bounds before arithmetic multiplication allowing for an +overflow in the size allocated for the buffer representing system +activities. + +This patch checks that the post-multiplied value is not greater than +UINT_MAX. + +Signed-off-by: Sebastien +--- + common.c | 25 +++++++++++++++++++++++++ + common.h | 2 ++ + sa_common.c | 6 ++++++ + 3 files changed, 33 insertions(+) + +diff --git a/common.c b/common.c +index 81c77624..1a84b052 100644 +--- a/common.c ++++ b/common.c +@@ -1655,4 +1655,29 @@ int parse_values(char *strargv, unsigned char bitmap[], int max_val, const char + + return 0; + } ++ ++/* ++ *************************************************************************** ++ * Check if the multiplication of the 3 values may be greater than UINT_MAX. ++ * ++ * IN: ++ * @val1 First value. ++ * @val2 Second value. ++ * @val3 Third value. ++ *************************************************************************** ++ */ ++void check_overflow(size_t val1, size_t val2, size_t val3) ++{ ++ if ((unsigned long long) val1 * ++ (unsigned long long) val2 * ++ (unsigned long long) val3 > UINT_MAX) { ++#ifdef DEBUG ++ fprintf(stderr, "%s: Overflow detected (%llu). Aborting...\n", ++ __FUNCTION__, ++ (unsigned long long) val1 * (unsigned long long) val2 * (unsigned long long) val3); ++#endif ++ exit(4); ++ } ++} ++ + #endif /* SOURCE_SADC undefined */ +diff --git a/common.h b/common.h +index 55b6657d..e8ab98ab 100644 +--- a/common.h ++++ b/common.h +@@ -260,6 +260,8 @@ int check_dir + (const char *, int); + + #ifndef SOURCE_SADC ++void check_overflow ++ (size_t, size_t, size_t); + int count_bits + (void *, int); + int count_csvalues +diff --git a/sa_common.c b/sa_common.c +index 3699a840..b2cec4ad 100644 +--- a/sa_common.c ++++ b/sa_common.c +@@ -459,7 +459,13 @@ void allocate_structures(struct activity *act[]) + int i, j; + + for (i = 0; i < NR_ACT; i++) { ++ + if (act[i]->nr_ini > 0) { ++ ++ /* Look for a possible overflow */ ++ check_overflow((size_t) act[i]->msize, (size_t) act[i]->nr_ini, ++ (size_t) act[i]->nr2); ++ + for (j = 0; j < 3; j++) { + SREALLOC(act[i]->buf[j], void, + (size_t) act[i]->msize * (size_t) act[i]->nr_ini * (size_t) act[i]->nr2); diff --git a/SPECS/sysstat.spec b/SPECS/sysstat.spec index 58d1f57..c77aeeb 100644 --- a/SPECS/sysstat.spec +++ b/SPECS/sysstat.spec @@ -1,7 +1,7 @@ Summary: Collection of performance monitoring tools for Linux Name: sysstat Version: 11.7.3 -Release: 7%{?dist} +Release: 9%{?dist} License: GPLv2+ Group: Applications/System URL: http://sebastien.godard.pagesperso-orange.fr/ @@ -17,6 +17,8 @@ Patch02: 0001-ignoring-autofs-as-real-filesystem-by-counting-numbe.patch Patch03: 0001-sar-Add-missing-gnice-CPU-value-for-tickless-CPU.patch Patch04: 0001-sadf-Fix-seg-fault-on-empty-data-files.patch Patch05: 0001-sar-Fix-typo-in-manual-page.patch +Patch06: CVE-2022-39377-arithmetic-overflow-in-allocate-structures-on-32-bit-systems.patch +Patch07: 0001-sadc-Add-a-f-flag-to-force-fdatasync-use.patch BuildRequires: gettext, lm_sensors-devel, systemd @@ -50,6 +52,8 @@ The cifsiostat command reports I/O statistics for CIFS file systems. %patch03 -p1 %patch04 -p1 %patch05 -p1 +%patch06 -p1 +%patch07 -p1 %build export CFLAGS="$RPM_OPT_FLAGS -Wl,-z,now -specs=/usr/lib/rpm/redhat/redhat-hardened-ld" @@ -98,6 +102,12 @@ fi %{_localstatedir}/log/sa %changelog +* Wed Dec 14 2022 Lukáš Zaoral - 11.7.3-9 +- add -f flag to force fdatasync() after sa file update (#2153192) + +* Thu Nov 10 2022 Lukáš Zaoral - 11.7.3-8 +- arithmetic overflow in allocate_structures() on 32 bit systems (CVE-2022-39377) + * Mon Nov 29 2021 - 11.7.3-7 - Don't trigger autofs mounts when running sadc (#2000910) - sar: Add missing %gnice CPU value for tickless CPU (#2000916)