backport upstream patches to strengthen memory allocations

Signed-off-by: yixiangzhike <yixiangzhike007@163.com>

aide.spec

@@ -1,6 +1,6 @@
 Name:       aide
 Version:    0.16.2
-Release:    4
+Release:    5
 Summary:    Advanced Intrusion Detection Environment
 License:    GPLv2+
 URL:        http://sourceforge.net/projects/aide
@@ -16,6 +16,8 @@ Patch1:     add-sm3-crypt-support.patch
 Patch2:     backport-CVE-2021-45417-Precalculate-buffer-size-in-base64-functions.patch
 Patch3:     aide-fix-display-issue.patch
 Patch4:     aide-fix-reporting-to-http-https-ftp.patch
+Patch5:     backport-Refactor-logging-and-config-parsing-code-check-memory-allocations.patch
+Patch6:     backport-Check-return-value-after-dynamic-memory-allocations.patch
 
 %description
 AIDE (Advanced Intrusion Detection Environment, [eyd]) is a file and directory integrity checker.
@@ -63,6 +65,12 @@ mkdir -p -m0700 %{buildroot}%{_localstatedir}/lib/aide
 %{_mandir}/*/*
 
 %changelog
+* Thu Sep 29 2022 yixiangzhike <yixiangzhike007@163.com> - 0.16.2-5
+- Type:bugfix
+- ID:NA
+- SUG:NA
+- DESC: backport upstream patches to strengthen malloc,calloc,realloc,strdup
+
 * Mon Jun 27 2022 yixiangzhike <yixiangzhike007@163.com> - 0.16.2-4
 - Type:bugfix
 - ID:NA

backport-Check-return-value-after-dynamic-memory-allocations.patch

@@ -0,0 +1,160 @@
+From 714a8c87f5e061b715175dc156cd261e0acc61fc Mon Sep 17 00:00:00 2001
+From: Hannes von Haugwitz <hannes@vonhaugwitz.com>
+Date: Sat, 16 Jan 2021 09:11:56 +0100
+Subject: [PATCH] Check return value after dynamic memory allocations
+
+---
+ include/util.h |  2 ++
+ src/aide.c     |  2 +-
+ src/db.c       |  2 +-
+ src/db_file.c  |  6 +-----
+ src/do_md.c    |  6 +++---
+ src/gen_list.c |  5 +----
+ src/util.c     | 18 ++++++++++++++++++
+ 7 files changed, 27 insertions(+), 14 deletions(-)
+
+diff --git a/include/util.h b/include/util.h
+index 4b41665..0c21162 100644
+--- a/include/util.h
++++ b/include/util.h
+@@ -39,7 +39,9 @@
+ #endif
+ 
+ void* checked_malloc(size_t);
++void* checked_calloc(size_t, size_t);
+ void* checked_strdup(const char *);
++void* checked_realloc(void *, size_t);
+ 
+ int cmpurl(url_t*, url_t*);
+ 
+diff --git a/src/aide.c b/src/aide.c
+index 1f1ff10..3298735 100644
+--- a/src/aide.c
++++ b/src/aide.c
+@@ -278,7 +278,7 @@ static void setdefaults_before_config()
+     error(0,_("Couldn't get hostname"));
+     free(s);
+   } else {
+-    s=(char*)realloc((void*)s,strlen(s)+1);
++    s=(char*)checked_realloc((void*)s,strlen(s)+1);
+     do_define("HOSTNAME",s);
+   }
+   
+diff --git a/src/db.c b/src/db.c
+index 7db2efc..920476c 100644
+--- a/src/db.c
++++ b/src/db.c
+@@ -603,7 +603,7 @@ db_line* db_char2line(char** ss,int db){
+         if (num)
+         {
+           line->xattrs = checked_malloc(sizeof(xattrs_type));
+-          line->xattrs->ents = calloc(sizeof(xattr_node), num);
++          line->xattrs->ents = checked_calloc(sizeof(xattr_node), num);
+           line->xattrs->sz  = num;
+           line->xattrs->num = num;
+           num = 0;
+diff --git a/src/db_file.c b/src/db_file.c
+index 4863458..837c86d 100644
+--- a/src/db_file.c
++++ b/src/db_file.c
+@@ -198,13 +198,9 @@ int db_file_read_spec(int db){
+       /* Yes... we do not check if realloc returns nonnull */
+ 
+       *db_order=(DB_FIELD*)
+-	realloc((void*)*db_order,
++	checked_realloc((void*)*db_order,
+ 		((*db_osize)+1)*sizeof(DB_FIELD));
+       
+-      if(*db_order==NULL){
+-	return RETFAIL;
+-      }
+-      
+       (*db_order)[*db_osize]=db_unknown;
+       
+       for (l=0;l<db_unknown;l++){
+diff --git a/src/do_md.c b/src/do_md.c
+index 44493f3..e45ecb8 100644
+--- a/src/do_md.c
++++ b/src/do_md.c
+@@ -565,7 +565,7 @@ static void xattr_add(xattrs_type *xattrs, const char *key, const char
+         *val, size_t vsz) {
+     if (xattrs->num >= xattrs->sz) {
+         xattrs->sz <<= 1;
+-        xattrs->ents = realloc(xattrs->ents, sizeof(xattr_node) * xattrs->sz);
++        xattrs->ents = checked_realloc(xattrs->ents, sizeof(xattr_node) * xattrs->sz);
+     }
+ 
+     xattrs->ents[xattrs->num].key = checked_strdup(key);
+@@ -590,7 +590,7 @@ void xattrs2line(db_line *line) {
+ 
+     while (((xret = llistxattr(line->fullpath, xatrs, xsz)) == -1) && (errno == ERANGE)) {
+         xsz <<= 1;
+-        xatrs = realloc(xatrs, xsz);
++        xatrs = checked_realloc(xatrs, xsz);
+     }
+ 
+     if ((xret == -1) && ((errno == ENOSYS) || (errno == ENOTSUP))) {
+@@ -618,7 +618,7 @@ void xattrs2line(db_line *line) {
+             while (((aret = getxattr(line->fullpath, attr, val, asz)) ==
+                         -1) && (errno == ERANGE)) {
+                 asz <<= 1;
+-                val = realloc (val, asz);
++                val = checked_realloc (val, asz);
+             }
+ 
+             if (aret != -1)
+diff --git a/src/gen_list.c b/src/gen_list.c
+index c5726fb..8374aed 100644
+--- a/src/gen_list.c
++++ b/src/gen_list.c
+@@ -1272,10 +1272,7 @@ void hsymlnk(db_line* line) {
+     
+     len=readlink(line->fullpath,line->linkname,_POSIX_PATH_MAX+1);
+     
+-    /*
+-     * We use realloc :)
+-     */
+-    line->linkname=realloc(line->linkname,len+1);
++    line->linkname=checked_realloc(line->linkname,len+1);
+   } else {
+       line->attr&=(~DB_LINKNAME);
+   }
+diff --git a/src/util.c b/src/util.c
+index 8bebb0d..14167ee 100644
+--- a/src/util.c
++++ b/src/util.c
+@@ -60,6 +60,15 @@ void* checked_malloc(size_t size) {
+     return p;
+ }
+ 
++void* checked_calloc(size_t nmemb, size_t size) {
++    void * p = calloc(nmemb, size);
++    if (p == NULL) {
++        error(0, "calloc: failed to allocate %d bytes of memory\n", size);
++        exit(EXIT_FAILURE);
++    }
++    return p;
++}
++
+ void* checked_strdup(const char *s) {
+     void * p = strdup(s);
+     if (p == NULL) {
+@@ -69,6 +78,15 @@ void* checked_strdup(const char *s) {
+     return p;
+ }
+ 
++void* checked_realloc(void *ptr, size_t size) {
++    void * p = realloc(ptr,size);
++    if (p == NULL) {
++        error(0, "realloc: failed to allocate memory\n");
++        exit(EXIT_FAILURE);
++    }
++    return p;
++}
++
+ int cmpurl(url_t* u1,url_t* u2)
+ {
+   if(u1->type!= u2->type){
+-- 
+2.27.0
+