Projects
openEuler:20.03:LTS:SP3
audit
_service:tar_scm_kernel_repo:backport-Another-h...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm_kernel_repo:backport-Another-hardening-measure-for-corrupted-logs.patch of Package audit
From ab8f522953a56c860cac2cca2a7d7874419111d5 Mon Sep 17 00:00:00 2001 From: Steve Grubb <sgrubb@redhat.com> Date: Sat, 7 Aug 2021 13:13:19 -0400 Subject: [PATCH 2198/2246] Another hardening measure for corrupted logs --- src/ausearch-lookup.c | 3 +++ src/ausearch-parse.c | 25 +++++++++++++++---------- 2 files changed, 18 insertions(+), 10 deletions(-) diff --git a/src/ausearch-lookup.c b/src/ausearch-lookup.c index e27c784..dd58c36 100644 --- a/src/ausearch-lookup.c +++ b/src/ausearch-lookup.c @@ -300,6 +300,9 @@ char *unescape(const char *buf) while (isxdigit(*ptr)) ptr++; } + if ((ptr - buf) == 0) + return NULL; + str = strndup(buf, ptr - buf); if (*buf == '(') diff --git a/src/ausearch-parse.c b/src/ausearch-parse.c index d051137..78dc44c 100644 --- a/src/ausearch-parse.c +++ b/src/ausearch-parse.c @@ -1658,12 +1658,21 @@ static int parse_sockaddr(const lnode *n, search_items *s) if (event_hostname || event_filename) { str = strstr(n->message, "saddr="); if (str) { - int len; + unsigned int len = 0; struct sockaddr *saddr; char name[NI_MAXHOST]; str += 6; - len = strlen(str)/2; + const char *ptr = str; + if (*ptr == '(') { + const char *ptr2 = strchr(ptr, ')'); + if (ptr2) + len = (ptr2 - ptr) + 1; + } else { + while (isxdigit(ptr[len])) + len++; + len /= 2; + } s->hostname = unescape(str); if (s->hostname == NULL) return 4; @@ -1683,17 +1692,13 @@ static int parse_sockaddr(const lnode *n, search_items *s) } len = sizeof(struct sockaddr_in6); } else if (saddr->sa_family == AF_UNIX) { - struct sockaddr_un *un = - (struct sockaddr_un *)saddr; - if (un->sun_path[0]) - len = strlen(un->sun_path); - else // abstract name - len = strlen(&un->sun_path[1]); - if (len == 0) { + if (len < 4) { fprintf(stderr, "sun_path len too short\n"); return 3; } + struct sockaddr_un *un = + (struct sockaddr_un *)saddr; if (event_filename) { if (!s->filename) { //create @@ -1736,7 +1741,7 @@ static int parse_sockaddr(const lnode *n, search_items *s) s->hostname = NULL; return 0; } - if (getnameinfo(saddr, len, name, NI_MAXHOST, + if (getnameinfo(saddr, len, name, NI_MAXHOST, NULL, 0, NI_NUMERICHOST) ) { free(s->hostname); s->hostname = NULL; -- 1.8.3.1
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.