d/freebsd-skq
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity
6f9bba703e
freebsd-skq/contrib/openbsm/bin
History
cem 539f255f0a auditd(8): fix long-standing uninitialized memory use bug 
The bogus use could lead to an infinite loop depending on how fast the
audit_warn script to execute.

By fixing read(2) interruptibility, d060887 (r335899) revealed another bug
in auditd_wait_for_events.  When read is interrupted by SIGCHLD,
auditd_reap_children will always return with errno set to ECHILD.  But
auditd_wait_for_events checks errno after that point, expecting it to be
unchanged since read.  As a result, it calls auditd_handle_trigger with bogus
stack garbage.  The result is the error message "Got unknown trigger 48."  Fix
by simply ignoring errno at that point; there's only one value it could've
possibly had, thanks to the check up above.

The best part is we've had a fix for this for like 18 months and just never
merged it.  Merge it now.

PR:		234209
Reported by:	Marie Helene Kvello-Aune <freebsd AT mhka.no> (2018-12)
Submitted by:	asomers (2018-07)
Reviewed by:	me (in OpenBSM)
Obtained from:	OpenBSM
X-MFC-With:	r335899
Security:	¯\_(ツ)_/¯
Differential Revision:	https://github.com/openbsm/openbsm/pull/45
2019-11-28 00:46:03 +00:00
..
audit Merge OpenBSM 1.2-alpha5 from vendor branch to FreeBSD -CURRENT: 2017-03-26 21:14:49 +00:00
auditd auditd(8): fix long-standing uninitialized memory use bug 2019-11-28 00:46:03 +00:00
auditdistd Consider the following situation: 2018-12-07 03:13:36 +00:00
auditfilterd Merge OpenBSM 1.2-alpha5 from vendor branch to FreeBSD -CURRENT: 2017-03-26 21:14:49 +00:00
auditreduce Merge OpenBSM 1.2-alpha5 from vendor branch to FreeBSD -CURRENT: 2017-03-26 21:14:49 +00:00
praudit praudit(1): return 0 on success 2018-06-17 17:10:35 +00:00
Makefile.am
Makefile.in Merge OpenBSM 1.2-alpha5 from vendor branch to FreeBSD -CURRENT: 2017-03-26 21:14:49 +00:00