From b7d62ec0fff232f1c4492d3963382f5e8acce02e Mon Sep 17 00:00:00 2001 From: Michael Schwendt Date: Oct 23 2006 21:52:39 +0000 Subject: - Add "memory leaks and performance updates" patch as posted to aide-devel by Steve Grubb. --- diff --git a/aide-0.12-rh-bugfixes.patch b/aide-0.12-rh-bugfixes.patch new file mode 100644 index 0000000..6ce4bc0 --- /dev/null +++ b/aide-0.12-rh-bugfixes.patch @@ -0,0 +1,160 @@ +Hi, + +This patch removes a couple unnecessary memsets, fixes some memory leaks +associated with strlastslash usage, fixes some memory leaks in populate_tree, +and moves a couple assignments closer to where they are used in case they are +not needed. + +-Steve + + +diff -ur aide-0.12_rc1.orig/src/base64.c aide-0.12_rc1/src/base64.c +--- aide-0.12_rc1.orig/src/base64.c 2006-10-16 13:31:43.000000000 -0400 ++++ aide-0.12_rc1/src/base64.c 2006-10-16 13:43:08.000000000 -0400 +@@ -103,8 +103,6 @@ + } + outbuf = (char *)malloc(sizeof(char)*B64_BUF); + +- memset((void*)outbuf,0,B64_BUF); +- + /* Initialize working pointers */ + inb = src; + i = 0; +@@ -191,11 +189,9 @@ + return NULL; + + +- + /* Initialize working pointers */ + inb = src; + outbuf = (byte *)malloc(sizeof(byte)*B64_BUF); +- memset(outbuf,0,sizeof(byte)*B64_BUF); + + l = 0; + triple = 0; +diff -ur aide-0.12_rc1.orig/src/commandconf.c aide-0.12_rc1/src/commandconf.c +--- aide-0.12_rc1.orig/src/commandconf.c 2006-10-16 13:31:43.000000000 -0400 ++++ aide-0.12_rc1/src/commandconf.c 2006-10-16 13:43:08.000000000 -0400 +@@ -240,11 +240,11 @@ + { + int retval=0; + int c=0; +- char* tmp=NULL; + int err=0; +- int* domd=0; ++ int* domd=NULL; + url_t* db_url=NULL; + #ifdef WITH_MHASH ++ char* tmp=NULL; + MHASH* md=NULL; + void* key=NULL; + int keylen; +@@ -401,7 +401,7 @@ + + int check_db_order(DB_FIELD* d,int size, DB_FIELD a) + { +- int i=0; ++ int i; + for(i=0;iconf_lineno = r->conf_lineno; +- node->rx=(char*)malloc(strlen(r->rx)+1); +- strcpy(node->rx,r->rx); ++ node->rx=strdup(r->rx); + } else { + node->conf_lineno = -1; + node->rx=NULL; +@@ -265,13 +264,17 @@ + if(isrx){ + parent=get_seltree_node(tree,tmprxtok); + }else { +- parent=get_seltree_node(tree,strlastslash(path)); ++ char* dirn=strlastslash(path); ++ parent=get_seltree_node(tree,dirn); ++ free(dirn); + } + if(parent==NULL){ + if(isrx){ + parent=new_seltree_node(tree,tmprxtok,isrx,r); + }else { +- parent=new_seltree_node(tree,strlastslash(path),isrx,r); ++ char* dirn=strlastslash(path); ++ parent=new_seltree_node(tree,dirn,isrx,r); ++ free(dirn); + } + } + free(tmprxtok); +@@ -306,8 +309,7 @@ + error(240,"Handling %s with %c \"%s\" with node \"%s\"\n",rxtok,type,curr_rule->rx,curnode->path); + + +- /* We have to add '^' to the first charaster of string... +- * ++ /* We have to add '^' to the first character of string... + */ + + data=(char*)malloc(strlen(curr_rule->rx)+1+1); +@@ -1518,9 +1520,14 @@ + if((add=check_rxtree(old->filename,tree,&attr))>0){ + add_file_to_tree(tree,old,DB_OLD,0,attr); + i++; +- }else if(!initdbwarningprinted){ +- error(3,_("WARNING: Old db contains a file that shouldn\'t be there, run --init or --update\n")); +- initdbwarningprinted=1; ++ }else{ ++ free_db_line(old); ++ free(old); ++ old=NULL; ++ if(!initdbwarningprinted){ ++ error(3,_("WARNING: Old db contains a file that shouldn\'t be there, run --init or --update\n")); ++ initdbwarningprinted=1; ++ } + } + if(i<100){ + old=db_readline(DB_OLD); +@@ -1543,6 +1550,10 @@ + if((add=check_rxtree(new->filename,tree,&attr))>0){ + add_file_to_tree(tree,new,DB_NEW,0,attr); + i++; ++ } else { ++ free_db_line(new); ++ free(new); ++ new=NULL; + } + if(i<100){ + new=db_readline(DB_NEW); +@@ -1568,6 +1579,8 @@ + } + if((conf->action&DO_INIT)&&!(conf->action&DO_COMPARE)){ + free_db_line(new); ++ free(new); ++ new=NULL; + } + if(i<100){ + new=db_readline(DB_DISK); +diff -ur aide-0.12_rc1.orig/src/symboltable.c aide-0.12_rc1/src/symboltable.c +--- aide-0.12_rc1.orig/src/symboltable.c 2006-10-16 13:31:43.000000000 -0400 ++++ aide-0.12_rc1/src/symboltable.c 2006-10-16 13:43:08.000000000 -0400 +@@ -34,13 +34,13 @@ + return NULL; + } + +- l=item->prev; + p=item; + while(p!=NULL){ + if (strcmp(s,((symba*)p->data)->name)==0) return p; + p=p->next; + } + ++ l=item->prev; + while(l!=NULL){ + /* Insert bug to here return l-> return p */ + if (strcmp(s,((symba*)l->data)->name)==0) return l; + diff --git a/aide.spec b/aide.spec index 46a5a53..b4cda4b 100644 --- a/aide.spec +++ b/aide.spec @@ -7,7 +7,7 @@ Summary: Intrusion detection environment Name: aide Version: 0.12 -Release: 1%{?dist} +Release: 2%{?dist} URL: http://sourceforge.net/projects/aide License: GPL Group: Applications/System @@ -15,6 +15,7 @@ Source0: http://download.sourceforge.net/aide/aide-%{version}.tar.gz Source1: aide.conf Source2: README.quickstart Patch0: aide-0.12-getopt.patch +Patch1: aide-0.12-rh-bugfixes.patch Buildroot: %{_tmppath}/%{name}-%{version}-%{release}-buildroot-%(%{__id_u} -n) Buildrequires: mhash-devel zlib-devel Buildrequires: flex bison @@ -32,6 +33,7 @@ checker and intrusion detection program. %prep %setup -q %patch0 -p1 -b .getopt +%patch1 -p1 -b .rh-bugfixes %build @@ -75,6 +77,10 @@ rm -rf $RPM_BUILD_ROOT %changelog +* Mon Oct 23 2006 Michael Schwendt - 0.12-2 +- Add "memory leaks and performance updates" patch as posted + to aide-devel by Steve Grubb. + * Sat Oct 07 2006 Michael Schwendt - 0.12-1 - Update to 0.12 release. - now offers --disable-static, so -no-static patch is obsolete