File _service:tar_scm_kernel_repo:backport-Another-h... of Package audit

File _service:tar_scm_kernel_repo:backport-Another-hardening-measure-for-corrupted-logs.patch of Package audit

From ab8f522953a56c860cac2cca2a7d7874419111d5 Mon Sep 17 00:00:00 2001
From: Steve Grubb <sgrubb@redhat.com>
Date: Sat, 7 Aug 2021 13:13:19 -0400
Subject: [PATCH 2198/2246] Another hardening measure for corrupted logs

---
 src/ausearch-lookup.c |  3 +++
 src/ausearch-parse.c  | 25 +++++++++++++++----------
 2 files changed, 18 insertions(+), 10 deletions(-)

diff --git a/src/ausearch-lookup.c b/src/ausearch-lookup.c
index e27c784..dd58c36 100644
--- a/src/ausearch-lookup.c
+++ b/src/ausearch-lookup.c
@@ -300,6 +300,9 @@ char *unescape(const char *buf)
 		while (isxdigit(*ptr))
 			ptr++;
 	}
+	if ((ptr - buf) == 0)
+		return NULL;
+
 	str = strndup(buf, ptr - buf);
 
 	if (*buf == '(')
diff --git a/src/ausearch-parse.c b/src/ausearch-parse.c
index d051137..78dc44c 100644
--- a/src/ausearch-parse.c
+++ b/src/ausearch-parse.c
@@ -1658,12 +1658,21 @@ static int parse_sockaddr(const lnode *n, search_items *s)
 	if (event_hostname || event_filename) {
 		str = strstr(n->message, "saddr=");
 		if (str) {
-			int len;
+			unsigned int len = 0;
 			struct sockaddr *saddr;
 			char name[NI_MAXHOST];
 
 			str += 6;
-			len = strlen(str)/2;
+			const char *ptr = str;
+			if (*ptr == '(') {
+				const char *ptr2 = strchr(ptr, ')');
+				if (ptr2)
+					len = (ptr2 - ptr) + 1;
+			} else {
+				while (isxdigit(ptr[len]))
+					len++;
+				len /= 2;
+			}
 			s->hostname = unescape(str);
 			if (s->hostname == NULL)
 				return 4;
@@ -1683,17 +1692,13 @@ static int parse_sockaddr(const lnode *n, search_items *s)
 				}
 				len = sizeof(struct sockaddr_in6);
 			} else if (saddr->sa_family == AF_UNIX) {
-				struct sockaddr_un *un =
-					(struct sockaddr_un *)saddr;
-				if (un->sun_path[0])
-					len = strlen(un->sun_path);
-				else // abstract name
-					len = strlen(&un->sun_path[1]);
-				if (len == 0) {
+				if (len < 4) {
 					fprintf(stderr,
 						"sun_path len too short\n");
 					return 3;
 				}
+				struct sockaddr_un *un =
+					(struct sockaddr_un *)saddr;
 				if (event_filename) {
 					if (!s->filename) {
 						//create
@@ -1736,7 +1741,7 @@ static int parse_sockaddr(const lnode *n, search_items *s)
 				s->hostname = NULL;
 				return 0;
 			}
-			if (getnameinfo(saddr, len, name, NI_MAXHOST, 
+			if (getnameinfo(saddr, len, name, NI_MAXHOST,
 					NULL, 0, NI_NUMERICHOST) ) {
 				free(s->hostname);
 				s->hostname = NULL;
-- 
1.8.3.1