From e6a8e8a1bf3248aaf8824b689fd82612bd4a4a62 Mon Sep 17 00:00:00 2001
From: zgzxx
Date: Tue, 21 Feb 2023 09:17:17 +0800
Subject: [PATCH] backport some patches
---
 audit.spec | 9 ++-
 backport-Cleanup-gssapi-code.patch | 67 +++++++++++++++++++
 ...sprintf-can-return-a-negative-number.patch | 26 +++++++
 3 files changed, 101 insertions(+), 1 deletion(-)
 create mode 100644 backport-Cleanup-gssapi-code.patch
 create mode 100644 backport-asprintf-can-return-a-negative-number.patch
diff --git a/audit.spec b/audit.spec
index 438b245..9018baa 100644
--- a/audit.spec
+++ b/audit.spec
@@ -4,7 +4,7 @@ Summary: User space tools for kernel auditing
 Name: audit
 Epoch: 1
 Version: 3.0
-Release: 6
+Release: 7
 License: GPLv2+ and LGPLv2+
 URL: https://people.redhat.com/sgrubb/audit/
 Source0: https://people.redhat.com/sgrubb/audit/%{name}-%{version}.tar.gz
@@ -41,6 +41,8 @@ Patch27: backport-audisp-remote-cleanup-krb5-memory-leaks-on-error-pa
 Patch28: backport-Final-kerberos-leak-fixups.patch
 Patch29: backport-time_t-is-not-an-int-anymore.patch
 Patch30: backport-krb5_cc_store_cred-takes-custody-of-my_creds-so-we-do-not-need-to-keep-it-around.patch
+Patch31: backport-asprintf-can-return-a-negative-number.patch
+Patch32: backport-Cleanup-gssapi-code.patch
 BuildRequires: gcc swig libtool systemd kernel-headers >= 2.6.29
 BuildRequires: openldap-devel krb5-devel libcap-ng-devel
@@ -395,6 +397,11 @@ fi
 %attr(644,root,root) %{_mandir}/man8/*.8.gz
 %changelog
+* Tue Feb 14 2023 zhangguangzhi - 1:3.0-7
+- backport some patches
+ asprintf can return a negative number patch
+ Cleanup gssapi code
+
 * Tue Feb 14 2023 zhangguangzhi - 1:3.0-6
 - backport some patches
 In auditd release the async flush lock on stop
diff --git a/backport-Cleanup-gssapi-code.patch b/backport-Cleanup-gssapi-code.patch
new file mode 100644
index 0000000..1c73f15
--- /dev/null
+++ b/backport-Cleanup-gssapi-code.patch
@@ -0,0 +1,67 @@
+From ff0b0a11497fe9360e3aaa448c8744955f8c0fc9 Mon Sep 17 00:00:00 2001
+From: Steve Grubb
+Date: Fri, 15 Jul 2022 16:09:10 -0400
+Subject: Cleanup gssapi code
+
+---
+ src/auditd-listen.c | 28 ++++++++++++++++++----------
+ 1 file changed, 18 insertions(+), 10 deletions(-)
+
+diff --git a/src/auditd-listen.c b/src/auditd-listen.c
+index 34a142a..61a3480 100644
+--- a/src/auditd-listen.c
++++ b/src/auditd-listen.c
+@@ -414,10 +414,9 @@ static int negotiate_credentials(ev_tcp *io)
+ GSS_C_NO_CHANNEL_BINDINGS, &client,
+ NULL, &send_tok, &sess_flags,
+ NULL, NULL);
+- if (recv_tok.value) {
+- free(recv_tok.value);
+- recv_tok.value = NULL;
+- }
++ if (recv_tok.value)
++ gss_release_buffer(&min_stat, &recv_tok);
++
+ if (maj_stat != GSS_S_COMPLETE
+ && maj_stat != GSS_S_CONTINUE_NEEDED) {
+ gss_release_buffer(&min_stat, &send_tok);
+@@ -441,6 +440,7 @@ static int negotiate_credentials(ev_tcp *io)
+ if (*context != GSS_C_NO_CONTEXT)
+ gss_delete_sec_context(&min_stat,
+ context, GSS_C_NO_BUFFER);
++ gss_release_name(&min_stat, &client);
+ return -1;
+ }
+ gss_release_buffer(&min_stat, &send_tok);
+@@ -455,14 +455,22 @@ static int negotiate_credentials(ev_tcp *io)
+ return -1;
+ }
+
+- audit_msg(LOG_INFO, "GSS-API Accepted connection from: %s",
+- (char *)recv_tok.value);
+- io->remote_name = strdup(recv_tok.value);
+- io->remote_name_len = strlen(recv_tok.value);
++ if (asprintf(&io->remote_name, "%.*s", (int)recv_tok.length,
++ (char *)recv_tok.value) < 0) {
++ io->remote_name = strdup("?");
++ io->remote_name_len = 1;
++ } else
++ io->remote_name_len = recv_tok.length;
++
++ audit_msg(LOG_INFO, "GSS-API Accepted connection from: %s",
++ io->remote_name);
+ gss_release_buffer(&min_stat, &recv_tok);
+
+- slashptr = strchr(io->remote_name, '/');
+- atptr = strchr(io->remote_name, '@');
++ if (io->remote_name) {
++ slashptr = strchr(io->remote_name, '/');
++ atptr = strchr(io->remote_name, '@');
++ } else
++ slashptr = NULL;
+
+ if (!slashptr || !atptr) {
+ audit_msg(LOG_ERR, "Invalid GSS name from remote client: %s",
+--
+2.27.0
+
diff --git a/backport-asprintf-can-return-a-negative-number.patch b/backport-asprintf-can-return-a-negative-number.patch
new file mode 100644
index 0000000..3af7aa9
--- /dev/null
+++ b/backport-asprintf-can-return-a-negative-number.patch
@@ -0,0 +1,26 @@
+From a75e42921997cab4cb9b2a01107441695239f764 Mon Sep 17 00:00:00 2001
+From: Steve Grubb
+Date: Mon, 11 Jul 2022 17:53:26 -0400
+Subject: asprintf can return a negative number
+
+Conflict:context adaptation
+---
+ audisp/audispd.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/audisp/audispd.c b/audisp/audispd.c
+index f20b38d..77cb7b2 100644
+--- a/audisp/audispd.c
++++ b/audisp/audispd.c
+@@ -476,7 +476,7 @@ static int event_loop(void)
+ event_t *e;
+ const char *type;
+ char *v, *ptr, unknown[32];
+- unsigned int len;
++ int len;
+ lnode *conf;
+
+ /* This is where we block until we have an event */
+--
+2.27.0
+
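Review bot: In backport-Cleanup-gssapi-code.patch, inner hunk `@@ -455,14 +455,22 @@`, the success branch sets `io->remote_name_len = recv_tok.length;`, which is the token length rather than the length of the string asprintf produced. `%.*s` stops at the first NUL, so if recv_tok.value can carry an embedded NUL the stored length would exceed the string; the removed code used strlen, and `io->remote_name_len = strlen(io->remote_name);` keeps the two in step. The fallback `strdup("?")` can itself return NULL, and the `audit_msg(LOG_INFO, ...)` call that follows passes `io->remote_name` to `%s` before the new `if (io->remote_name)` test, so `io->remote_name ? io->remote_name : "?"` in that call would cover it. negotiate_credentials starts and ends outside the hunk, so how remote_name_len is used later is not visible here.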
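Review bot: The switch to `int len;` in event_loop (backport-asprintf-can-return-a-negative-number.patch) only helps if the code after the asprintf call tests `len` for a negative value before using it as a size. The inner hunk shows the declaration alone, and the `Conflict:context adaptation` line indicates the backport was adjusted by hand, so that check is worth confirming against the 3.0 tree. A comment on the declaration such as `/* presumably the asprintf() result: negative on failure, test before use as a length */` would record why the type is signed. event_loop's body lies outside the hunk.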