packages/aide
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!67 Fix concurrent reading of extended attributes

Browse Source 
From: @yixiangzhike 
Reviewed-by: @dillon_chen 
Signed-off-by: @dillon_chen
This commit is contained in:
openeuler-ci-bot 2025-03-25 09:34:40 +00:00 committed by Gitee
commit c82962b64d
No known key found for this signature in database
GPG Key ID: 173E9B9CA92EEF8F
2 changed files with 65 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

9
aide.spec
View File

@ -2,7 +2,7 @@
Name: aide Name: aide
Version: 0.18.6 Version: 0.18.6
Release: 3 Release: 4
Summary: Advanced Intrusion Detection Environment Summary: Advanced Intrusion Detection Environment
License: GPLv2+ License: GPLv2+
URL: https://sourceforge.net/projects/aide URL: https://sourceforge.net/projects/aide
@ -23,6 +23,7 @@ Requires: libgcrypt-sm3
Patch0: Add-sm3-algorithm-for-aide.patch Patch0: Add-sm3-algorithm-for-aide.patch
Patch1: backport-Fix-condition-for-error-message-of-failing-to-open-g.patch Patch1: backport-Fix-condition-for-error-message-of-failing-to-open-g.patch
Patch2: backport-Fix-parsing-of-lowercase-group-names.patch Patch2: backport-Fix-parsing-of-lowercase-group-names.patch
Patch3: backport-Fix-concurrent-reading-of-extended-attributes-xattrs.patch
%description %description
AIDE (Advanced Intrusion Detection Environment, [eyd]) is a file and directory integrity checker. AIDE (Advanced Intrusion Detection Environment, [eyd]) is a file and directory integrity checker.
@ -75,6 +76,12 @@ make check
%{_mandir}/*/* %{_mandir}/*/*
%changelog %changelog
* Tue Mar 25 2025 yixiangzhike <yixiangzhike007@163.com> - 0.18.6-4
- Type: bugfix
- ID: NA
- SUG: NA
- DESC: backport upstream patch to fix concurrent reading of extended attributes
* Wed Sep 4 2024 yixiangzhike <yixiangzhike007@163.com> - 0.18.6-3 * Wed Sep 4 2024 yixiangzhike <yixiangzhike007@163.com> - 0.18.6-3
- Type: bugfix - Type: bugfix
- ID: NA - ID: NA

57
backport-Fix-concurrent-reading-of-extended-attributes-xattrs.patch Normal file
View File

@ -0,0 +1,57 @@
From 93831c717eaaa19d58da12ebeb28607cc6d43116 Mon Sep 17 00:00:00 2001
From: Hannes von Haugwitz <hannes@vonhaugwitz.com>
Date: Wed, 8 May 2024 23:20:41 +0200
Subject: [PATCH] Fix concurrent reading of extended attributes (xattrs)
---
src/do_md.c | 14 ++++++--------
1 file changed, 6 insertions(+), 8 deletions(-)
diff --git a/src/do_md.c b/src/do_md.c
index 20e62f9..4ff2a86 100644
--- a/src/do_md.c
+++ b/src/do_md.c
@@ -482,14 +482,13 @@ static void xattr_add(xattrs_type *xattrs, const char *key, const char
void xattrs2line(db_line *line) {
/* get all generic user xattrs. */
xattrs_type *xattrs = NULL;
- static ssize_t xsz = 1024;
- static char *xatrs = NULL;
ssize_t xret = -1;
if (!(ATTR(attr_xattrs)&line->attr))
return;
- if (!xatrs) xatrs = checked_malloc(xsz);
+ ssize_t xsz = 1024;
+ char *xatrs = xatrs = checked_malloc(xsz);
while (((xret = llistxattr(line->fullpath, xatrs, xsz)) == -1) && (errno == ERANGE)) {
xsz <<= 1;
@@ -502,10 +501,8 @@ void xattrs2line(db_line *line) {
log_msg(LOG_LEVEL_WARNING, "listxattrs failed for %s:%s", line->fullpath, strerror(errno));
} else if (xret) {
const char *attr = xatrs;
- static ssize_t asz = 1024;
- static char *val = NULL;
-
- if (!val) val = checked_malloc(asz);
+ ssize_t asz = 1024;
+ char *val = checked_malloc(asz);
xattrs = xattr_new();
@@ -533,8 +530,9 @@ next_attr:
attr += len + 1;
xret -= len + 1;
}
+ free(val);
}
-
+ free(xatrs);
line->xattrs = xattrs;
}
#endif
--
2.33.0