gentoo auto-resync : 07:08:2024 - 12:37:20

author: V3n3RiX <venerix@koprulu.sector> 2024-08-07 12:37:21 +0100
committer: V3n3RiX <venerix@koprulu.sector> 2024-08-07 12:37:21 +0100
commit: b8c7370a682e4e29cda623222d17a790c01c3642 (patch)
tree: f6caa14689bd00a5760eadaa381ff41e50ef3c1b /sys-process/audit
parent: 8a4997a7e2d1e36c089d4d76935b5a902d98d3d0 (diff)
4 files changed, 797 insertions, 0 deletions
diff --git a/sys-process/audit/Manifest b/sys-process/audit/Manifest
index 28ac1b502a31..70bcf1a6b149 100644
--- a/sys-process/audit/Manifest
+++ b/sys-process/audit/Manifest
@@ -1,6 +1,8 @@
 AUX audit-3.0.8-musl-malloc.patch 1415 BLAKE2B 0b3a9ec80ed8b445e4d5eea0b9f49f4e5a165ac538b7769305b9107be0874ee9b50f30ea13f77d1b9d54a35ada15a0dfd07e5b905f03b4df3834a4904dec4b94 SHA512 152674f0000a14d7e13b31c1b6cfc0bf48f94f56eb2a1d52e5aa2e306264c507dd1410b7a1457195578bce734ae9ac7f9ad3e10006a8451450b6d8bf6592a8d6
 AUX audit-3.1.3-musl-malloc.patch 890 BLAKE2B bfe6bc484ed86af5c9bb03d53d5ba05c47a7e342665be02cb1ec23c00e7c1bdf1876021f3f787584c0685cd6b8a2f733ab9cbf65840fd161898d4a2b74d28412 SHA512 03c84792fa4dd3e4b9310b7e95247d1a8772e202c265b7f3272e57016b2b796b2bf71536a7e31143ad972b203d4470804288b9b973e3239670329ee5ac11cbca
 AUX audit-3.1.4-c99.patch 17997 BLAKE2B 3e44a2f948dfed2f46c453c2e56a9440c56c58326f9e35a466119c3aa67ba56ca0a28e708a1a356400c411068fe09030c337a851ce8690a3645c58a5b406b7ae SHA512 cbf20ba9ffba31af0fa015a211fcb66d1420eff3547e3b7ff1e52e092fdb2a4d1bb790910d65774139b64c9dadcf68f75c56787fb7861a008cfd881bef3f7834
+AUX audit-4.0.1-implicit-builtin-functions.patch 18210 BLAKE2B ea15d2d81ab9eb580e1586c276f0846fa7473176b7eead9e6d47788ec847665f3e670dcc84e78158a040fd5eaba3f946aa786b66b15f34fb216d73e34c90ec99 SHA512 579eca565c0e7f8fe3451ba806298c67a127009e029a91e8d5a33e76a6831c2867bc27c1d63c83334dadd318edc01f7af04c0a2b3cd6072a17a7f406ff06c5a3
+AUX audit-4.0.1-null-deref.patch 1148 BLAKE2B a148aa4d68c04adeed6c02fcd72dc196739bc139ecb3af32bff8c78ddbb6f5206faac560205ebef04703d2750bb0163426d84e8277d38bfe78e42698bede5d98 SHA512 89ba281d94039091f86e42db67c83d4758a89b5cf42b9ef697a87712be011bcea4c52126a3b707cc7a1890d2602515b1b8bb6bbccc333a56abb8f1c23873ac26
 AUX audit.rules-2.1.3 1009 BLAKE2B df40176208bd68cb9021d15ea5803bb0d1c768c9d6400036a69409e1aae3ad55b89983ed94f22a6399a9cec8fc3dc7b20a7b27e75cdea24edda92b95ee19af87 SHA512 bce3ee9aaa0ab48395e6e10ee9b3627d6b7a8083abefdc4009de26649c65a39e000078f799e8c3c9e3341dfa030c6dfbbcad2fb7756fbb3d01b27be078adecec
 AUX audit.rules.stop.post 452 BLAKE2B b10d6d6c0fa475998856e674bd5c8dc0d7ca8f1d676a684223f48d1b22ce90441b2970c02b0eab882b3d3059f2b350d8a34109b03f5457f709624dccb3722e82 SHA512 a7bc52cbbea278a38e2837149524bb21b2c5367c96ed07fe576e08322595c5bee57ff07f8ebecd17391d9c3abe1ba187ac6e39400a153bf0ace4257303d036d3
 AUX audit.rules.stop.pre 427 BLAKE2B ddf4ac16c3e1fd401c266287e792865adf8f4dd0b4bbaea6f991bf8dcee69c8ecd69c93d0cbd8352e280c3c61d24de23ca89f700e383c79036526e59c311c004 SHA512 def5ef378ad554f38754839d1c00c598686645a59896e37a3c7ff07b00aaa05a2b92305e49a750358eaba63a7d48fb647472529b155301069771678eed272463
@@ -9,7 +11,9 @@ AUX auditd-init.d-2.4.3 2054 BLAKE2B 20e68ab676c925b8567a7e9a12d2ac055fd90477cbb
 DIST audit-3.1.2.tar.gz 1219860 BLAKE2B dfdec470bf12cce6c570b3d260e65e2b49e8ac0761e6a6fbf7b4f4a57f92e88367cd74bfcb88e6d718619b88fea27ce963a977c9f4346c95d18a5310e217accb SHA512 a97003a294ed3671df01e2952688e7d5eef59a35f6891feb53e67c4c7eab9ae8c2d18de41a5b5b20e0ad7156fac93aec05f32f6bc5eea706b42b6f27f676446a
 DIST audit-3.1.3.tar.gz 1225761 BLAKE2B 97ee35fc722083d541e164b27fd318ec7be2a4e4e8774767d14c6a2e800092a37b7042a272db5d208c913fb36d295c5343bd6082237caf0fb561ec3c7a2883db SHA512 7d6399ca97b171d5ea3cf7f7566bdabe9d5677a3a54c75411146dc2971106809a90d1a9cd0b1ba9b8af4cc409e6bee5876c7f2a0c54c42400fdcf9cfade58a8c
 DIST audit-3.1.4.tar.gz 1225648 BLAKE2B c6875f7d031e810469511ac8f86f05b2de7f19c044dbf67bc9d66430167fcf0f031e0279ce170a496b672a6fc99ee18b8cc39943e6faf3c19a24a381d2701439 SHA512 d26c498c91e838d97d3f199630650f509bb1e82b44d364306b20db32d4116fa73d775ef56c0fed2ec8d548b19215052691cbc80c74699bc87f2a0ea08cf664f5
+DIST audit-4.0.1.tar.gz 1194961 BLAKE2B 590abf58e672921a432348f48936cfbff0b6ddfa47e77b3b20eaa00e5d1c4ce2fc8d10c1fc1cbc19d44c09a9f7dfbca76778c94d8d340485c2bb1bb3b5a3c95a SHA512 7fbc426d0ddea340a36ceab52ac090e8e3dfb3450ebf50b478324a097f19ab4bb2cf78a2532644acb17e6114b59b8fda718affda9da62fb84181e3abf76039df
 EBUILD audit-3.1.2.ebuild 4808 BLAKE2B 6c0fc3cad44a8fa25428ae771feb649053238bbad4b925eb8ffd8ec5fb7345b092c8679273aa9a803959adf75682fe5b11a2bd020e2f93e815b33a89cab1d5d3 SHA512 11e52292da84178c5366c7e7c4560a2772f19b0566ee0f42b172c2612110a35cc28c718f5d26234f8b6e3c31f7e336c2d84e358b86f4e819709657a90e9e6abc
 EBUILD audit-3.1.3.ebuild 4813 BLAKE2B d97ddf923fbcd980d62b7650f5cf86e3cc90ec5657daeab6f80aa7b622e209a34068abd9602c66ff378bae482f4c9a76f9daeb1431873257f30f3ae2442c5de3 SHA512 3eb96b05b59d5048c799d928a25ddd021f4f0197699086636b3bfe4b85d517c49dd3ef3a2021f587e51f484c6a6fed9d576590fb3eeb695fadb9aee8ba4b50c1
 EBUILD audit-3.1.4-r1.ebuild 4798 BLAKE2B 2e42554299be2bed3a4ea5c7e45573a7c724ee6615ebe71b62176836a5d53e4129acf92bc71da61112dafce354595e69aee2be2e0c436a1ff8fc5cb38937f7c0 SHA512 94b11010c6924d1193068b965cef8d9fb7fd5d54e2e84c8189405020fff0119ff60bf10666b84c595d02f78acdc585b0d9637a35f7cd24247454ff0ff99dc834
+EBUILD audit-4.0.1-r1.ebuild 4888 BLAKE2B e682821cfbcf729ff62062355c1ba3e161aa753665a7c312b99bf36518dae3c0f6e6a6e6b73541e0da6d258505ab39395e8397757ab4a77f340676579b129cdd SHA512 e548e505e577a97a6ba109942407d4b674c5f1f6cfec0e96b7a8e61a2a5095efc5e39f6ef699f1f78d1b98eee81cde63a4fcb7c5578f7ae7f06e91b16a43bb18
 MISC metadata.xml 628 BLAKE2B 1e927808210f4acff077f0c9e1a2d358c823fd5ce405b2ef5f0ed760cfa2ac059665f5a11cf1d87314012025844f21b3b9cb25f38a892f715ab2e7de47bbb86a SHA512 2bcb29cb5748ac22d0902dc616cf236eca7f5440c48a6f4bd2b7f2c65ec35cf63bda79252ea21d3553749146b9c84a6db7af256e01a84d347bfd4d8d60a204f6
diff --git a/sys-process/audit/audit-4.0.1-r1.ebuild b/sys-process/audit/audit-4.0.1-r1.ebuild
new file mode 100644
index 000000000000..0757b5e9644a
--- /dev/null
+++ b/sys-process/audit/audit-4.0.1-r1.ebuild
@@ -0,0 +1,195 @@
+# Copyright 1999-2024 Gentoo Authors
+# Distributed under the terms of the GNU General Public License v2
+
+EAPI=8
+
+# As with sys-libs/libcap-ng, same maintainer in Fedora as upstream, so
+# check Fedora's packaging (https://src.fedoraproject.org/rpms/audit/tree/rawhide)
+# on bumps (or if hitting a bug) to see what they've done there.
+
+PYTHON_COMPAT=( python3_{10..13} )
+
+inherit autotools multilib-minimal toolchain-funcs python-r1 linux-info systemd usr-ldscript
+
+DESCRIPTION="Userspace utilities for storing and processing auditing records"
+HOMEPAGE="https://people.redhat.com/sgrubb/audit/"
+SRC_URI="https://people.redhat.com/sgrubb/audit/${P}.tar.gz"
+
+LICENSE="GPL-2+ LGPL-2.1+"
+SLOT="0"
+KEYWORDS="~alpha ~amd64 ~arm ~arm64 ~hppa ~ia64 ~loong ~mips ~ppc ~ppc64 ~riscv ~s390 ~sparc ~x86"
+IUSE="gssapi io-uring ldap python static-libs test"
+
+REQUIRED_USE="python? ( ${PYTHON_REQUIRED_USE} )"
+RESTRICT="!test? ( test )"
+
+RDEPEND="
+	sys-libs/libcap-ng
+	gssapi? ( virtual/krb5 )
+	ldap? ( net-nds/openldap:= )
+	python? ( ${PYTHON_DEPS} )
+"
+DEPEND="
+	${RDEPEND}
+	>=sys-kernel/linux-headers-2.6.34
+	test? ( dev-libs/check )
+"
+BDEPEND="
+	python? (
+		dev-lang/swig
+		$(python_gen_cond_dep '
+			dev-python/setuptools[${PYTHON_USEDEP}]
+		' python3_12)
+	)
+"
+
+CONFIG_CHECK="~AUDIT"
+
+QA_CONFIG_IMPL_DECL_SKIP=(
+	# missing on musl. Uses handrolled AC_LINK_IFELSE but fails at link time
+	# for older compilers regardless. bug #898828
+	strndupa
+)
+
+PATCHES=(
+	"${FILESDIR}/${P}-implicit-builtin-functions.patch"
+	"${FILESDIR}/${P}-null-deref.patch"
+)
+
+src_prepare() {
+	# audisp-remote moved in multilib_src_install_all
+	sed -i \
+		-e "s,/sbin/audisp-remote,${EPREFIX}/usr/sbin/audisp-remote," \
+		audisp/plugins/remote/au-remote.conf || die
+
+	# Disable installing sample rules so they can be installed as docs.
+	echo -e '%:\n\t:' | tee rules/Makefile.{am,in} >/dev/null || die
+
+	default
+	eautoreconf
+}
+
+multilib_src_configure() {
+	local myeconfargs=(
+		--sbindir="${EPREFIX}"/sbin
+		--localstatedir="${EPREFIX}"/var
+		--runstatedir="${EPREFIX}"/run
+		$(use_enable gssapi gssapi-krb5)
+		$(use_enable ldap zos-remote)
+		$(use_enable static-libs static)
+		$(use_with io-uring io_uring)
+		--without-golang
+		--without-libwrap
+		--without-python3
+	)
+
+	ECONF_SOURCE="${S}" econf "${myeconfargs[@]}"
+
+	if multilib_is_native_abi && use python; then
+		python_configure() {
+			mkdir -p "${BUILD_DIR}" || die
+			pushd "${BUILD_DIR}" &>/dev/null || die
+
+			ECONF_SOURCE="${S}" econf "${myeconfargs[@]}" --with-python3
+
+			popd &>/dev/null || die
+		}
+
+		python_foreach_impl python_configure
+	fi
+}
+
+src_configure() {
+	tc-export_build_env BUILD_{CC,CPP}
+
+	local -x CC_FOR_BUILD="${BUILD_CC}"
+	local -x CPP_FOR_BUILD="${BUILD_CPP}"
+
+	multilib-minimal_src_configure
+}
+
+multilib_src_compile() {
+	if multilib_is_native_abi; then
+		default
+
+		local native_build="${BUILD_DIR}"
+
+		python_compile() {
+			emake -C "${BUILD_DIR}"/bindings/swig top_builddir="${native_build}"
+			emake -C "${BUILD_DIR}"/bindings/python/python3 top_builddir="${native_build}"
+		}
+
+		use python && python_foreach_impl python_compile
+	else
+		emake -C common
+		emake -C lib
+		emake -C auparse
+	fi
+}
+
+multilib_src_install() {
+	if multilib_is_native_abi; then
+		emake DESTDIR="${D}" initdir="$(systemd_get_systemunitdir)" install
+
+		local native_build="${BUILD_DIR}"
+
+		python_install() {
+			emake -C "${BUILD_DIR}"/bindings/swig DESTDIR="${D}" top_builddir="${native_build}" install
+			emake -C "${BUILD_DIR}"/bindings/python/python3 DESTDIR="${D}" top_builddir="${native_build}" install
+			python_optimize
+		}
+
+		use python && python_foreach_impl python_install
+
+		# Things like shadow use this so we need to be in /
+		gen_usr_ldscript -a audit auparse
+	else
+		emake -C lib DESTDIR="${D}" install
+		emake -C auparse DESTDIR="${D}" install
+	fi
+}
+
+multilib_src_install_all() {
+	dodoc AUTHORS ChangeLog README* THANKS
+	docinto contrib
+	dodoc contrib/avc_snap
+	docinto contrib/plugin
+	dodoc contrib/plugin/*
+	docinto rules
+	dodoc rules/*rules
+
+	newinitd "${FILESDIR}"/auditd-init.d-2.4.3 auditd
+	newconfd "${FILESDIR}"/auditd-conf.d-2.1.3 auditd
+
+	if [[ -f "${ED}"/sbin/audisp-remote ]] ; then
+		dodir /usr/sbin
+		mv "${ED}"/{sbin,usr/sbin}/audisp-remote || die
+	fi
+
+	# Gentoo rules
+	insinto /etc/audit
+	newins "${FILESDIR}"/audit.rules-2.1.3 audit.rules
+	doins "${FILESDIR}"/audit.rules.stop*
+	keepdir /etc/audit/rules.d
+
+	# audit logs go here
+	keepdir /var/log/audit
+
+	find "${ED}" -type f -name '*.la' -delete || die
+
+	# Security
+	lockdown_perms "${ED}"
+}
+
+pkg_postinst() {
+	lockdown_perms "${EROOT}"
+}
+
+lockdown_perms() {
+	# Upstream wants these to have restrictive perms.
+	# Should not || die as not all paths may exist.
+	local basedir="${1}"
+	chmod 0750 "${basedir}"/sbin/au{ditctl,ditd,report,search,trace} 2>/dev/null
+	chmod 0750 "${basedir}"/var/log/audit 2>/dev/null
+	chmod 0640 "${basedir}"/etc/audit/{auditd.conf,audit*.rules*} 2>/dev/null
+}
diff --git a/sys-process/audit/files/audit-4.0.1-implicit-builtin-functions.patch b/sys-process/audit/files/audit-4.0.1-implicit-builtin-functions.patch
new file mode 100644
index 000000000000..cd0f0f7e727b
--- /dev/null
+++ b/sys-process/audit/files/audit-4.0.1-implicit-builtin-functions.patch
@@ -0,0 +1,563 @@
+Backport of https://github.com/linux-audit/audit-userspace/commit/8c7eaa7ead6c70486623674c19d649f3831578ad
+
+diff -ur audit-4.0.1.orig/audisp/audispd-llist.c audit-4.0.1/audisp/audispd-llist.c
+--- audit-4.0.1.orig/audisp/audispd-llist.c
++++ audit-4.0.1/audisp/audispd-llist.c
+@@ -69,11 +69,13 @@ unsigned int plist_count_active(const co
+ 	return cnt;
+ }
+ 
+-void plist_append(conf_llist *l, plugin_conf_t *p)
++int plist_append(conf_llist *l, plugin_conf_t *p)
+ {
+ 	lnode* newnode;
+ 
+ 	newnode = malloc(sizeof(lnode));
++	if (newnode == NULL)
++		return 1;
+ 
+ 	if (p) {
+ 		void *pp = malloc(sizeof(struct plugin_conf));
+@@ -94,6 +96,8 @@ void plist_append(conf_llist *l, plugin_
+ 	// make newnode current
+ 	l->cur = newnode;
+ 	l->cnt++;
++
++	return 0;
+ }
+ 
+ void plist_clear(conf_llist* l)
+diff -ur audit-4.0.1.orig/audisp/audispd-llist.h audit-4.0.1/audisp/audispd-llist.h
+--- audit-4.0.1.orig/audisp/audispd-llist.h
++++ audit-4.0.1/audisp/audispd-llist.h
+@@ -1,6 +1,6 @@
+ /*
+ * audispd-llist.h - Header file for ausearch-conf_llist.c
+-* Copyright (c) 2007,2013 Red Hat Inc., Durham, North Carolina.
++* Copyright (c) 2007,2013 Red Hat Inc.
+ * All Rights Reserved.
+ *
+ * This software may be freely redistributed and/or modified under the
+@@ -51,7 +51,7 @@ unsigned int plist_count_active(const co
+ void plist_last(conf_llist *l);
+ lnode *plist_next(conf_llist *l);
+ static inline lnode *plist_get_cur(conf_llist *l) { return l->cur; }
+-void plist_append(conf_llist *l, plugin_conf_t *p);
++int plist_append(conf_llist *l, plugin_conf_t *p);
+ void plist_clear(conf_llist* l);
+ void plist_mark_all_unchecked(conf_llist* l);
+ lnode *plist_find_unchecked(conf_llist* l);
+diff -ur audit-4.0.1.orig/auparse/normalize-llist.c audit-4.0.1/auparse/normalize-llist.c
+--- audit-4.0.1.orig/auparse/normalize-llist.c
++++ audit-4.0.1/auparse/normalize-llist.c
+@@ -1,6 +1,6 @@
+ /*
+  * normalize-llist.c - Minimal linked list library
+- * Copyright (c) 2016-17 Red Hat Inc., Durham, North Carolina.
++ * Copyright (c) 2016-17 Red Hat Inc.
+  * All Rights Reserved. 
+  *
+  * This library is free software; you can redistribute it and/or
+@@ -61,11 +61,14 @@ data_node *cllist_next(cllist *l)
+ 	return l->cur;
+ }
+ 
+-void cllist_append(cllist *l, uint32_t num, void *data)
++// Returns 0 on success and 1 on error
++int cllist_append(cllist *l, uint32_t num, void *data)
+ {
+ 	data_node *newnode;
+ 
+ 	newnode = malloc(sizeof(data_node));
++	if (newnode == NULL)
++		return 1;
+ 
+ 	newnode->num = num;
+ 	newnode->data = data;
+@@ -80,5 +83,6 @@ void cllist_append(cllist *l, uint32_t n
+ 	// make newnode current
+ 	l->cur = newnode;
+ 	l->cnt++;
++	return 0;
+ }
+ 
+diff -ur audit-4.0.1.orig/auparse/normalize-llist.h audit-4.0.1/auparse/normalize-llist.h
+--- audit-4.0.1.orig/auparse/normalize-llist.h
++++ audit-4.0.1/auparse/normalize-llist.h
+@@ -1,6 +1,6 @@
+ /*
+  * normalize-llist.h - Header file for normalize-llist.c
+- * Copyright (c) 2016-17 Red Hat Inc., Durham, North Carolina.
++ * Copyright (c) 2016-17 Red Hat Inc.
+  * All Rights Reserved.
+  *
+  * This library is free software; you can redistribute it and/or
+@@ -53,7 +53,7 @@ AUDIT_HIDDEN_START
+ void cllist_create(cllist *l, void (*cleanup)(void *));
+ void cllist_clear(cllist* l);
+ data_node *cllist_next(cllist *l);
+-void cllist_append(cllist *l, uint32_t num, void *data);
++int cllist_append(cllist *l, uint32_t num, void *data);
+ 
+ AUDIT_HIDDEN_END
+ 
+diff -ur audit-4.0.1.orig/auparse/normalize.c audit-4.0.1/auparse/normalize.c
+--- audit-4.0.1.orig/auparse/normalize.c
++++ audit-4.0.1/auparse/normalize.c
+@@ -179,7 +179,8 @@ static unsigned int add_subj_attr(aupars
+ 	if ((auparse_find_field(au, str))) {
+ 		attr = set_record(0, rnum);
+ 		attr = set_field(attr, auparse_get_field_num(au));
+-		cllist_append(&D.actor.attr, attr, NULL);
++		if (cllist_append(&D.actor.attr, attr, NULL))
++			return 1;
+ 		return 0;
+ 	} else
+ 		auparse_goto_record_num(au, rnum);
+@@ -224,7 +225,8 @@ static unsigned int add_obj_attr(auparse
+ 	if ((auparse_find_field(au, str))) {
+ 		attr = set_record(0, rnum);
+ 		attr = set_field(attr, auparse_get_field_num(au));
+-		cllist_append(&D.thing.attr, attr, NULL);
++		if (cllist_append(&D.thing.attr, attr, NULL))
++			return 1;
+ 		return 0;
+ 	} else
+ 		auparse_goto_record_num(au, rnum);
+@@ -360,21 +362,23 @@ static void collect_id_obj2(auparse_stat
+ 	}
+ }
+ 
+-static void collect_path_attrs(auparse_state_t *au)
++static int collect_path_attrs(auparse_state_t *au)
+ {
+ 	value_t attr;
+ 	unsigned int rnum = auparse_get_record_num(au);
+ 
+ 	auparse_first_field(au);
+ 	if (add_obj_attr(au, "mode", rnum))
+-		return;	// Failed opens don't have anything else
++		return 1;	// Failed opens don't have anything else
+ 
+ 	// All the rest of the fields matter
+ 	while ((auparse_next_field(au))) {
+ 		attr = set_record(0, rnum);
+ 		attr = set_field(attr, auparse_get_field_num(au));
+-		cllist_append(&D.thing.attr, attr, NULL);
++		if (cllist_append(&D.thing.attr, attr, NULL))
++			return 1;
+ 	}
++	return 0;
+ }
+ 
+ static void collect_cwd_attrs(auparse_state_t *au)
+diff -ur audit-4.0.1.orig/src/auditctl-llist.c audit-4.0.1/src/auditctl-llist.c
+--- audit-4.0.1.orig/src/auditctl-llist.c
++++ audit-4.0.1/src/auditctl-llist.c
+@@ -1,7 +1,7 @@
+ /*
+ * ausearch-llist.c - Minimal linked list library
+-* Copyright (c) 2005 Red Hat Inc., Durham, North Carolina.
+-* All Rights Reserved. 
++* Copyright (c) 2005 Red Hat Inc.
++* All Rights Reserved.
+ *
+ * This software may be freely redistributed and/or modified under the
+ * terms of the GNU General Public License as published by the Free
+@@ -15,7 +15,7 @@
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; see the file COPYING. If not, write to the
+-* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor 
++* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
+ * Boston, MA 02110-1335, USA.
+ *
+ * Authors:
+@@ -59,11 +59,13 @@ lnode *list_next(llist *l)
+ 	return l->cur;
+ }
+ 
+-void list_append(llist *l, const struct audit_rule_data *r, size_t sz)
++int list_append(llist *l, const struct audit_rule_data *r, size_t sz)
+ {
+ 	lnode* newnode;
+ 
+ 	newnode = malloc(sizeof(lnode));
++	if (newnode == NULL)
++		return 1;
+ 
+ 	if (r) {
+ 		void *rr = malloc(sz);
+@@ -85,6 +87,8 @@ void list_append(llist *l, const struct
+ 	// make newnode current
+ 	l->cur = newnode;
+ 	l->cnt++;
++
++	return 0;
+ }
+ 
+ void list_clear(llist* l)
+diff -ur audit-4.0.1.orig/src/auditctl-llist.h audit-4.0.1/src/auditctl-llist.h
+--- audit-4.0.1.orig/src/auditctl-llist.h
++++ audit-4.0.1/src/auditctl-llist.h
+@@ -1,6 +1,6 @@
+ /*
+ * auditctl-llist.h - Header file for ausearch-llist.c
+-* Copyright (c) 2005 Red Hat Inc., Durham, North Carolina.
++* Copyright (c) 2005 Red Hat Inc.
+ * All Rights Reserved.
+ *
+ * This software may be freely redistributed and/or modified under the
+@@ -50,7 +50,7 @@ void list_first(llist *l);
+ void list_last(llist *l);
+ lnode *list_next(llist *l);
+ static inline lnode *list_get_cur(const llist *l) { return l->cur; }
+-void list_append(llist *l, const struct audit_rule_data *r, size_t sz);
++int list_append(llist *l, const struct audit_rule_data *r, size_t sz);
+ void list_clear(llist* l);
+ 
+ #endif
+diff -ur audit-4.0.1.orig/src/ausearch-avc.c audit-4.0.1/src/ausearch-avc.c
+--- audit-4.0.1.orig/src/ausearch-avc.c
++++ audit-4.0.1/src/ausearch-avc.c
+@@ -1,7 +1,7 @@
+ /*
+ * ausearch-avc.c - Minimal linked list library for avcs
+-* Copyright (c) 2006,2008,2014 Red Hat Inc., Durham, North Carolina.
+-* All Rights Reserved. 
++* Copyright (c) 2006,2008,2014 Red Hat Inc.
++* All Rights Reserved.
+ *
+ * This software may be freely redistributed and/or modified under the
+ * terms of the GNU General Public License as published by the Free
+@@ -15,7 +15,7 @@
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; see the file COPYING. If not, write to the
+-* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor 
++* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
+ * Boston, MA 02110-1335, USA.
+ *
+ * Authors:
+@@ -62,11 +62,13 @@ static void alist_last(alist *l)
+ 	l->cur = cur;
+ }
+ 
+-void alist_append(alist *l, anode *node)
++int alist_append(alist *l, anode *node)
+ {
+ 	anode* newnode;
+ 
+ 	newnode = malloc(sizeof(anode));
++	if (newnode == NULL)
++		return 1;
+ 
+ 	if (node->scontext)
+ 		newnode->scontext = node->scontext;
+@@ -104,6 +106,8 @@ void alist_append(alist *l, anode *node)
+ 	// make newnode current
+ 	l->cur = newnode;
+ 	l->cnt++;
++
++	return 0;
+ }
+ 
+ int alist_find_subj(alist *l)
+diff -ur audit-4.0.1.orig/src/ausearch-avc.h audit-4.0.1/src/ausearch-avc.h
+--- audit-4.0.1.orig/src/ausearch-avc.h
++++ audit-4.0.1/src/ausearch-avc.h
+@@ -1,6 +1,6 @@
+ /*
+ * ausearch-avc.h - Header file for ausearch-string.c
+-* Copyright (c) 2006,2008 Red Hat Inc., Durham, North Carolina.
++* Copyright (c) 2006,2008 Red Hat Inc.
+ * All Rights Reserved.
+ *
+ * This software may be freely redistributed and/or modified under the
+@@ -54,7 +54,7 @@ void alist_create(alist *l);
+ static inline void alist_first(alist *l) { l->cur = l->head; }
+ anode *alist_next(alist *l);
+ static inline anode *alist_get_cur(const alist *l) { return l->cur; }
+-void alist_append(alist *l, anode *node);
++int alist_append(alist *l, anode *node);
+ void anode_init(anode *an);
+ void anode_clear(anode *an);
+ void alist_clear(alist* l);
+diff -ur audit-4.0.1.orig/src/ausearch-int.c audit-4.0.1/src/ausearch-int.c
+--- audit-4.0.1.orig/src/ausearch-int.c
++++ audit-4.0.1/src/ausearch-int.c
+@@ -1,6 +1,6 @@
+ /*
+ * ausearch-int.c - Minimal linked list library for integers
+-* Copyright (c) 2005,2008 Red Hat Inc., Durham, North Carolina.
++* Copyright (c) 2005,2008 Red Hat Inc.
+ * All Rights Reserved. 
+ *
+ * This software may be freely redistributed and/or modified under the
+@@ -41,11 +41,13 @@ int_node *ilist_next(ilist *l)
+ 	return l->cur;
+ }
+ 
+-void ilist_append(ilist *l, int num, unsigned int hits, int aux)
++int ilist_append(ilist *l, int num, unsigned int hits, int aux)
+ {
+ 	int_node* newnode;
+ 
+ 	newnode = malloc(sizeof(int_node));
++	if (newnode == NULL)
++		return 1;
+ 
+ 	newnode->num = num;
+ 	newnode->hits = hits;
+@@ -61,6 +63,8 @@ void ilist_append(ilist *l, int num, uns
+ 	// make newnode current
+ 	l->cur = newnode;
+ 	l->cnt++;
++
++	return 0;
+ }
+ 
+ void ilist_clear(ilist* l)
+diff -ur audit-4.0.1.orig/src/ausearch-int.h audit-4.0.1/src/ausearch-int.h
+--- audit-4.0.1.orig/src/ausearch-int.h
++++ audit-4.0.1/src/ausearch-int.h
+@@ -1,6 +1,6 @@
+ /*
+ * ausearch-int.h - Header file for ausearch-int.c
+-* Copyright (c) 2005,2008 Red Hat Inc., Durham, North Carolina.
++* Copyright (c) 2005,2008 Red Hat Inc.
+ * All Rights Reserved.
+ *
+ * This software may be freely redistributed and/or modified under the
+@@ -48,7 +48,7 @@ void ilist_create(ilist *l);
+ static inline void ilist_first(ilist *l) { l->cur = l->head; }
+ int_node *ilist_next(ilist *l);
+ static inline int_node *ilist_get_cur(const ilist *l) { return l->cur; }
+-void ilist_append(ilist *l, int num, unsigned int hits, int aux);
++int ilist_append(ilist *l, int num, unsigned int hits, int aux);
+ void ilist_clear(ilist* l);
+ 
+ /* append a number if its not already on the list */
+diff -ur audit-4.0.1.orig/src/ausearch-llist.c audit-4.0.1/src/ausearch-llist.c
+--- audit-4.0.1.orig/src/ausearch-llist.c
++++ audit-4.0.1/src/ausearch-llist.c
+@@ -1,6 +1,6 @@
+ /*
+ * ausearch-llist.c - Minimal linked list library
+-* Copyright (c) 2005-2008,2011,2016 Red Hat Inc., Durham, North Carolina.
++* Copyright (c) 2005-2008,2011,2016 Red Hat Inc.
+ * Copyright (c) 2011 IBM Corp.
+ * All Rights Reserved. 
+ *
+@@ -102,11 +102,13 @@ lnode *list_prev(llist *l)
+ 	return l->cur;
+ }
+ 
+-void list_append(llist *l, lnode *node)
++int list_append(llist *l, lnode *node)
+ {
+ 	lnode* newnode;
+ 
+ 	newnode = malloc(sizeof(lnode));
++	if (newnode == NULL)
++		return 1;
+ 
+ 	if (node->message)
+ 		newnode->message = node->message;
+@@ -119,7 +121,7 @@ void list_append(llist *l, lnode *node)
+ 	newnode->type = node->type;
+ 	newnode->a0 = node->a0;
+ 	newnode->a1 = node->a1;
+-	newnode->item = l->cnt; 
++	newnode->item = l->cnt;
+ 	newnode->next = NULL;
+ 
+ 	// if we are at top, fix this up
+@@ -131,6 +133,8 @@ void list_append(llist *l, lnode *node)
+ 	// make newnode current
+ 	l->cur = newnode;
+ 	l->cnt++;
++
++	return 0;
+ }
+ 
+ int list_find_item(llist *l, unsigned int i)
+diff -ur audit-4.0.1.orig/src/ausearch-llist.h audit-4.0.1/src/ausearch-llist.h
+--- audit-4.0.1.orig/src/ausearch-llist.h
++++ audit-4.0.1/src/ausearch-llist.h
+@@ -107,7 +107,7 @@ void list_last(llist *l);
+ lnode *list_next(llist *l);
+ lnode *list_prev(llist *l);
+ static inline lnode *list_get_cur(llist *l) { return l->cur; }
+-void list_append(llist *l, lnode *node);
++int list_append(llist *l, lnode *node);
+ void list_clear(llist* l);
+ int list_get_event(llist* l, event *e);
+ 
+diff -ur audit-4.0.1.orig/src/ausearch-nvpair.c audit-4.0.1/src/ausearch-nvpair.c
+--- audit-4.0.1.orig/src/ausearch-nvpair.c
++++ audit-4.0.1/src/ausearch-nvpair.c
+@@ -1,6 +1,6 @@
+ /*
+ * ausearch-nvpair.c - Minimal linked list library for name-value pairs
+-* Copyright (c) 2006-08 Red Hat Inc., Durham, North Carolina.
++* Copyright (c) 2006-08 Red Hat Inc.
+ * All Rights Reserved. 
+ *
+ * This software may be freely redistributed and/or modified under the
+@@ -34,9 +34,11 @@ void search_list_create(nvlist *l)
+ 	l->cnt = 0;
+ }
+ 
+-void search_list_append(nvlist *l, nvnode *node)
++int search_list_append(nvlist *l, nvnode *node)
+ {
+ 	nvnode* newnode = malloc(sizeof(nvnode));
++	if (newnode == NULL)
++		return 1;
+ 
+ 	newnode->name = node->name;
+ 	newnode->val = node->val;
+@@ -54,6 +56,8 @@ void search_list_append(nvlist *l, nvnod
+ 	// make newnode current
+ 	l->cur = newnode;
+ 	l->cnt++;
++
++	return 0;
+ }
+ 
+ int search_list_find_val(nvlist *l, long val)
+diff -ur audit-4.0.1.orig/src/ausearch-nvpair.h audit-4.0.1/src/ausearch-nvpair.h
+--- audit-4.0.1.orig/src/ausearch-nvpair.h
++++ audit-4.0.1/src/ausearch-nvpair.h
+@@ -1,6 +1,6 @@
+ /*
+ * ausearch-nvpair.h - Header file for ausearch-nvpair.c
+-* Copyright (c) 2006-08 Red Hat Inc., Durham, North Carolina.
++* Copyright (c) 2006-08 Red Hat Inc.
+ * All Rights Reserved.
+ *
+ * This software may be freely redistributed and/or modified under the
+@@ -46,7 +46,7 @@ typedef struct {
+ 
+ void search_list_create(nvlist *l);
+ static inline nvnode *search_list_get_cur(nvlist *l) { return l->cur; }
+-void search_list_append(nvlist *l, nvnode *node);
++int search_list_append(nvlist *l, nvnode *node);
+ void search_list_clear(nvlist* l);
+ 
+ /* Given a numeric index, find that record. */
+diff -ur audit-4.0.1.orig/src/ausearch-string.c audit-4.0.1/src/ausearch-string.c
+--- audit-4.0.1.orig/src/ausearch-string.c
++++ audit-4.0.1/src/ausearch-string.c
+@@ -44,11 +44,13 @@ snode *slist_next(slist *l)
+ 	return l->cur;
+ }
+ 
+-void slist_append(slist *l, const snode *node)
++int slist_append(slist *l, const snode *node)
+ {
+ 	snode* newnode;
+ 
+ 	newnode = malloc(sizeof(snode));
++	if (newnode == NULL)
++		return 1;
+ 
+ 	if (node->str)
+ 		newnode->str = node->str;
+@@ -75,6 +77,8 @@ void slist_append(slist *l, const snode
+ 	// make newnode current
+ 	l->cur = newnode;
+ 	l->cnt++;
++
++	return 0;
+ }
+ 
+ void slist_clear(slist* l)
+diff -ur audit-4.0.1.orig/src/ausearch-string.h audit-4.0.1/src/ausearch-string.h
+--- audit-4.0.1.orig/src/ausearch-string.h
++++ audit-4.0.1/src/ausearch-string.h
+@@ -49,7 +49,7 @@ void slist_create(slist *l);
+ static inline void slist_first(slist *l) { l->cur = l->head; }
+ snode *slist_next(slist *l);
+ static inline snode *slist_get_cur(const slist *l) { return l->cur; }
+-void slist_append(slist *l, const snode *node);
++int slist_append(slist *l, const snode *node);
+ void slist_clear(slist* l);
+ 
+ /* append a string if its not already on the list */
+diff -ur audit-4.0.1.orig/tools/aulastlog/aulastlog-llist.c audit-4.0.1/tools/aulastlog/aulastlog-llist.c
+--- audit-4.0.1.orig/tools/aulastlog/aulastlog-llist.c
++++ audit-4.0.1/tools/aulastlog/aulastlog-llist.c
+@@ -1,7 +1,7 @@
+ /*
+ * aulastlog-llist.c - Minimal linked list library
+-* Copyright (c) 2008 Red Hat Inc., Durham, North Carolina.
+-* All Rights Reserved. 
++* Copyright (c) 2008 Red Hat Inc..
++* All Rights Reserved.
+ *
+ * This software may be freely redistributed and/or modified under the
+ * terms of the GNU General Public License as published by the Free
+@@ -15,7 +15,7 @@
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; see the file COPYING. If not, write to the
+-* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor 
++* Free Software Foundation, Inc., 51 Franklin Street, Fifth Floor
+ * Boston, MA 02110-1335, USA.
+ *
+ * Authors:
+@@ -41,11 +41,13 @@ lnode *list_next(llist *l)
+ 	return l->cur;
+ }
+ 
+-void list_append(llist *l, lnode *node)
++int list_append(llist *l, lnode *node)
+ {
+ 	lnode* newnode;
+ 
+ 	newnode = malloc(sizeof(lnode));
++	if (newnode == NULL)
++		return 1;
+ 
+ 	newnode->sec = node->sec;
+ 	newnode->uid = node->uid;
+@@ -58,7 +60,7 @@ void list_append(llist *l, lnode *node)
+ 		newnode->term = strdup(node->term);
+ 	else
+ 		newnode->term = NULL;
+-	newnode->item = l->cnt; 
++	newnode->item = l->cnt;
+ 	newnode->next = NULL;
+ 
+ 	// if we are at top, fix this up
+@@ -70,6 +72,8 @@ void list_append(llist *l, lnode *node)
+ 	// make newnode current
+ 	l->cur = newnode;
+ 	l->cnt++;
++
++	return 0;
+ }
+ 
+ void list_clear(llist* l)
+diff -ur audit-4.0.1.orig/tools/aulastlog/aulastlog-llist.h audit-4.0.1/tools/aulastlog/aulastlog-llist.h
+--- audit-4.0.1.orig/tools/aulastlog/aulastlog-llist.h
++++ audit-4.0.1/tools/aulastlog/aulastlog-llist.h
+@@ -1,6 +1,6 @@
+ /*
+ * aulastlog-llist.h - Header file for aulastlog-llist.c
+-* Copyright (c) 2008 Red Hat Inc., Durham, North Carolina.
++* Copyright (c) 2008 Red Hat Inc.
+ * All Rights Reserved.
+ *
+ * This software may be freely redistributed and/or modified under the
+@@ -53,7 +53,7 @@ static inline void list_first(llist *l)
+ lnode *list_next(llist *l);
+ static inline lnode *list_get_cur(llist *l) { return l->cur; }
+ static inline unsigned int list_get_cnt(llist *l) { return l->cnt; }
+-void list_append(llist *l, lnode *node);
++int list_append(llist *l, lnode *node);
+ void list_clear(llist* l);
+ int list_update_login(llist* l, time_t t);
+ int list_update_host(llist* l, const char *h);
diff --git a/sys-process/audit/files/audit-4.0.1-null-deref.patch b/sys-process/audit/files/audit-4.0.1-null-deref.patch
new file mode 100644
index 000000000000..c18322ad2797
--- /dev/null
+++ b/sys-process/audit/files/audit-4.0.1-null-deref.patch
@@ -0,0 +1,35 @@
+From 4780cd1a790286213dda646f782fa7128fb092a9 Mon Sep 17 00:00:00 2001
+From: Yugend <77495782+Yugend@users.noreply.github.com>
+Date: Sat, 4 May 2024 00:39:36 +0300
+Subject: [PATCH] avoiding of NULL pointers dereference (#366)
+
+---
+ src/ausearch-parse.c | 8 ++++++++
+ 1 file changed, 8 insertions(+)
+
+diff --git a/src/ausearch-parse.c b/src/ausearch-parse.c
+index 1a5b047f3..be57606bd 100644
+--- a/src/ausearch-parse.c
++++ b/src/ausearch-parse.c
+@@ -719,6 +719,10 @@ static int common_path_parser(search_items *s, char *path)
+ 			// append
+ 			snode sn;
+ 			sn.str = strdup(path);
++			if (sn.str == NULL) {
++				fprintf(stderr, "Out of memory. Check %s file, %d line\n", __FILE__, __LINE__);
++				return 8;
++			}
+ 			sn.key = NULL;
+ 			sn.hits = 1;
+ 			// Attempt to rebuild path if relative
+@@ -1217,6 +1221,10 @@ static int parse_user(const lnode *n, search_items *s, anode *avc)
+ 			saved = *term;
+ 			*term = 0;
+ 			s->hostname = strdup(str);
++			if (s->hostname == NULL) {
++				fprintf(stderr, "Out of memory. Check %s file, %d line\n", __FILE__, __LINE__);
++				return 33;
++			}
+ 			*term = saved;
+ 
+ 			// Lets see if there is something more
author	V3n3RiX <venerix@koprulu.sector>	2024-08-07 12:37:21 +0100
committer	V3n3RiX <venerix@koprulu.sector>	2024-08-07 12:37:21 +0100
commit	b8c7370a682e4e29cda623222d17a790c01c3642 (patch)
tree	f6caa14689bd00a5760eadaa381ff41e50ef3c1b /sys-process/audit
parent	8a4997a7e2d1e36c089d4d76935b5a902d98d3d0 (diff)