Accepting request 964336 from home:dirkmueller:Factory

- add audit-userspace-517-compat.patch OBS-URL: https://build.opensuse.org/request/show/964336 OBS-URL: https://build.opensuse.org/package/show/security/audit?expand=0&rev=135
2022-03-25 14:41:23 +00:00 · 2022-03-25 14:41:23 +00:00 · 8c6f875550
commit 8c6f875550
parent c309536630
4 changed files with 46 additions and 2 deletions
--- a/audit-secondary.changes
+++ b/audit-secondary.changes
@ -1,3 +1,8 @@
 -------------------------------------------------------------------
 Wed Mar 23 16:37:06 UTC 2022 - Dirk Müller <dmueller@suse.com>
 - add audit-userspace-517-compat.patch 
 -------------------------------------------------------------------
 Mon Nov 29 13:13:56 UTC 2021 - Fabian Vogt <fvogt@suse.com>
--- a/audit-secondary.spec
+++ b/audit-secondary.spec
@ -1,7 +1,7 @@
 #
 # spec file for package audit-secondary
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -41,6 +41,7 @@ Patch8:         change-default-log_format.patch
 Patch9:         fix-hardened-service.patch
 Patch10:        enable-stop-rules.patch
 Patch11:        create-augenrules-service.patch
 Patch12:        audit-userspace-517-compat.patch
 BuildRequires:  audit-devel = %{version}
 BuildRequires:  autoconf >= 2.12
 BuildRequires:  gcc-c++
--- a/audit-userspace-517-compat.patch
+++ b/audit-userspace-517-compat.patch
@ -0,0 +1,38 @@
 From: Sergei Trofimovich <slyich@gmail.com>
 Date: Wed, 23 Mar 2022 07:27:05 +0000
 Subject: [PATCH] auditswig.i: avoid setter generation for audit_rule_data::buf
 References: https://github.com/linux-audit/audit-userspace/issues/252
 Git-commit: https://github.com/linux-audit/audit-userspace/pull/253/commits/beed138222421a2eb4212d83cb889404bd7efc49
 Git-repo: [if different from https://github.com/linux-audit/audit-userspace.git]
 Patch-mainline: submitted for review upstream
 As it's a flexible array generated code was never safe to use.
 With kernel's https://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git/commit/?id=ed98ea2128b6fd83bce13716edf8f5fe6c47f574
 change it's a build failure now:
    audit> audit_wrap.c:5010:15: error: invalid use of flexible array member
    audit>  5010 |     arg1->buf = (char [])(char *)memcpy(malloc((size)*sizeof(char)), (const char *)(arg2), sizeof(char)*(size));
    audit>       |               ^
 Let's avoid setter generation entirely.
 Closes: https://github.com/linux-audit/audit-userspace/issues/252
 ---
 bindings/swig/src/auditswig.i | 4 ++++
 1 file changed, 4 insertions(+)
 diff --git a/bindings/swig/src/auditswig.i b/bindings/swig/src/auditswig.i
 index 21aafca31..9a2c5661d 100644
 --- a/bindings/swig/src/auditswig.i
 +++ b/bindings/swig/src/auditswig.i
@@ -39,6 +39,10 @@ signed
 #define __attribute(X) /*nothing*/
 typedef unsigned __u32;
 typedef unsigned uid_t;
 +/* Sidestep SWIG's limitation of handling c99 Flexible arrays by not:
 + * generating setters against them: https://github.com/swig/swig/issues/1699
 + */
 +%ignore audit_rule_data::buf;
 %include "/usr/include/linux/audit.h"
 #define __extension__ /*nothing*/
 %include <stdint.i>
--- a/audit.spec
+++ b/audit.spec
@ -1,7 +1,7 @@
 #
 # spec file for package audit
 #
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed