From mboxrd@z Thu Jan  1 00:00:00 1970
From: Burn Alting <burn@swtf.dyndns.org>
Subject: Re: audit 2.4.5 released
Date: Fri, 01 Jan 2016 16:41:01 +1100
Message-ID: <1451626861.3232.149.camel@swtf.swtf.dyndns.org>
References: <1929164.Q9DeV9IFDj@x2>
Reply-To: burn@swtf.dyndns.org
Mime-Version: 1.0
Content-Type: multipart/mixed; boundary="=-vYObYYuPh8Je2MKro8UX"
Return-path: <linux-audit-bounces@redhat.com>
In-Reply-To: <1929164.Q9DeV9IFDj@x2>
List-Unsubscribe: <https://www.redhat.com/mailman/options/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=unsubscribe>
List-Archive: <https://www.redhat.com/archives/linux-audit>
List-Post: <mailto:linux-audit@redhat.com>
List-Help: <mailto:linux-audit-request@redhat.com?subject=help>
List-Subscribe: <https://www.redhat.com/mailman/listinfo/linux-audit>,
	<mailto:linux-audit-request@redhat.com?subject=subscribe>
Sender: linux-audit-bounces@redhat.com
Errors-To: linux-audit-bounces@redhat.com
To: Steve Grubb <sgrubb@redhat.com>
Cc: linux-audit@redhat.com
List-Id: linux-audit@redhat.com


--=-vYObYYuPh8Je2MKro8UX
Content-Type: text/plain; charset="UTF-8"
Content-Transfer-Encoding: 7bit

On Fri, 2015-12-18 at 14:49 -0500, Steve Grubb wrote:
> Hello,
> 
> I've just released a new version of the audit daemon. It can be downloaded 
> from http://people.redhat.com/sgrubb/audit. It will also be in rawhide
> soon. The ChangeLog is:
> 
> - Fix auditd disk flushing for data and sync modes
> - Fix auditctl to not show options not supported on older OS
> - Add audit.m4 file to aid adding support to other projects
> - Fix C99 inline function build issue
> - Add account lock and unlock event types
> - Change logging loophole check to geteuid()
> - Fix ausearch to not consider AUDIT_PROCTITLE events malformed (Burn Alting)
> - Fix ausearch to parse FEATURE_CHANGE events
> 
> Please let me know if you run across any problems with this release.

Minor bug fix ... the various auparse/interpret.c:*_escape() routines
did not terminate the strings they generated.

Regards
Burn

--=-vYObYYuPh8Je2MKro8UX
Content-Disposition: attachment; filename="audit-2.4.5_escape_bug.patch"
Content-Type: text/x-patch; name="audit-2.4.5_escape_bug.patch";
	charset="UTF-8"
Content-Transfer-Encoding: 7bit

diff -Npru audit-2.4.5/auparse/interpret.c audit-2.4.5_escape_bug/auparse/interpret.c
--- audit-2.4.5/auparse/interpret.c	2015-12-19 06:20:59.000000000 +1100
+++ audit-2.4.5_escape_bug/auparse/interpret.c	2016-01-01 16:33:26.567241361 +1100
@@ -163,6 +163,7 @@ static void tty_escape(const char *s, ch
 			dest[j++] = s[i];
 		i++;
 	}
+	dest[j] = '\0';	/* terminate string */
 }
 
 static const char sh_set[] = "\"'`$\\";
@@ -195,6 +196,7 @@ static void shell_escape(const char *s,
 			dest[j++] = s[i];
 		i++;
 	}
+	dest[j] = '\0';	/* terminate string */
 }
 
 static const char quote_set[] = ";'\"`#$&*?[]<>{}\\";
@@ -227,6 +229,7 @@ static void shell_quote_escape(const cha
 			dest[j++] = s[i];
 		i++;
 	}
+	dest[j] = '\0';	/* terminate string */
 }
 
 /* This should return the count of what needs escaping */

--=-vYObYYuPh8Je2MKro8UX
Content-Type: text/plain; charset="us-ascii"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
Content-Disposition: inline


--=-vYObYYuPh8Je2MKro8UX--