audit/More-fuzzer-induced-bug-fixes.patch
2019-09-30 10:31:51 -04:00


From c218a04655b2426b46d303d711863f9038f15917 Mon Sep 17 00:00:00 2001
From: Steve Grubb <sgrubb@redhat.com>
Date: Sat, 15 Dec 2018 14:58:31 -0500
Subject: [PATCH 210/217] More fuzzer induced bug fixes
---
auparse/normalize.c | 10 +++++-----
src/ausearch-parse.c | 4 +++-
2 files changed, 8 insertions(+), 6 deletions(-)
diff --git a/auparse/normalize.c b/auparse/normalize.c
index 45d8821..5f15712 100644
--- a/auparse/normalize.c
+++ b/auparse/normalize.c
@@ -44,11 +44,11 @@
* Both record and field are 0 based. Simple records are always 0. Compound
* records start at 0 and go up.
*/
-#define UNSET 0xFFFF
-#define get_record(y) ((y >> 16) & 0x0000FFFF)
-#define set_record(y, x) (((x & 0x0000FFFF) << 16) | (y & 0x0000FFFF))
-#define get_field(y) (y & 0x0000FFFF)
-#define set_field(y, x) ((y & 0xFFFF0000) | (x & 0x0000FFFF))
+#define UNSET 0xFFFFU
+#define get_record(y) ((y >> 16) & 0x0000FFFFU)
+#define set_record(y, x) (((x & 0x0000FFFFU) << 16) | (y & 0x0000FFFFU))
+#define get_field(y) (y & 0x0000FFFFU)
+#define set_field(y, x) ((y & 0xFFFF0000U) | (x & 0x0000FFFFU))
#define is_unset(y) (get_record(y) == UNSET)
#define D au->norm_data
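Review bot: The rewritten macros still expand their arguments unparenthesized, so the unsigned suffixes only fix the constant side. In `get_record(y)` the shift `y >> 16` is applied to whatever expression and type the caller passes, and `set_field(y, x)` would mis-bind on an argument such as `a | b`. Parenthesizing each argument closes that, e.g. `#define get_record(y) (((y) >> 16) & 0x0000FFFFU)` and `#define set_record(y, x) ((((x) & 0x0000FFFFU) << 16) | ((y) & 0x0000FFFFU))`. The types of the values passed in are not visible in this hunk; if any of them is a signed int, `static inline` helpers taking `unsigned int` would make the conversion explicit.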
diff --git a/src/ausearch-parse.c b/src/ausearch-parse.c
index 311f699..cc2a06c 100644
--- a/src/ausearch-parse.c
+++ b/src/ausearch-parse.c
@@ -40,7 +40,7 @@
#include "ausearch-parse.h"
#include "auparse-idata.h"
-#define NAME_OFFSET 36
+#define NAME_OFFSET 28
static const char key_sep[2] = { AUDIT_KEY_SEPARATOR, 0 };
static int parse_task_info(lnode *n, search_items *s);
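Review bot: `NAME_OFFSET` changes from 36 to 28 with no comment saying what the 28 bytes represent, so a reader cannot tell whether the new value is a guaranteed minimum or another estimate. A comment above the define would help, something like `/* bytes skipped at the start of a record before looking for the name field; must not exceed the shortest valid prefix */`, with the wording confirmed against the actual uses. Those uses are outside this hunk; any pointer arithmetic with this constant should be preceded by a length check on the string it is applied to.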
@@ -714,6 +714,8 @@ static int common_path_parser(search_items *s, char *path)
sn.str = unescape(path);
*term = ' ';
}
+ if (sn.str == NULL)
+ return 7;
// Attempt to rebuild path if relative
if ((sn.str[0] == '.') && ((sn.str[1] == '.') ||
(sn.str[1] == '/')) && s->cwd) {
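Review bot: The added `if (sn.str == NULL) return 7;` guard carries no comment, and the bare `7` does not say what failed. A line such as `// unescape() can return NULL; stop before sn.str is dereferenced below` would make the intent clear. Whether 7 is distinct from the other return codes of common_path_parser is not visible here, since the function begins and continues outside the hunk. The other unescape() call sites in this file are also worth checking for the same missing NULL test.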
--
1.8.3.1