Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package aide for openSUSE:Factory checked in
at 2022-03-29 18:16:09
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/aide (Old)
and /work/SRC/openSUSE:Factory/.aide.new.1900 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "aide"
Tue Mar 29 18:16:09 2022 rev:35 rq:965618 version:0.17.4
Changes:
--------
--- /work/SRC/openSUSE:Factory/aide/aide.changes 2021-11-04
16:10:44.289087783 +0100
+++ /work/SRC/openSUSE:Factory/.aide.new.1900/aide.changes 2022-03-29
18:16:14.363182398 +0200
@@ -1,0 +2,6 @@
+Tue Mar 29 09:19:54 UTC 2022 - Paolo Stivanin <i...@paolostivanin.com>
+
+- Update to 0.17.4:
+ * fix CVE-2021-45417: precalculate buffer size in base64 functions
(bsc#1194735)
+
+-------------------------------------------------------------------
Old:
----
aide-0.17.3.tar.gz
aide-0.17.3.tar.gz.asc
New:
----
aide-0.17.4.tar.gz
aide-0.17.4.tar.gz.asc
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ aide.spec ++++++
--- /var/tmp/diff_new_pack.y1a7Rv/_old 2022-03-29 18:16:15.223183272 +0200
+++ /var/tmp/diff_new_pack.y1a7Rv/_new 2022-03-29 18:16:15.231183280 +0200
@@ -1,7 +1,7 @@
#
# spec file for package aide
#
-# Copyright (c) 2021 SUSE LLC
+# Copyright (c) 2022 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@
Name: aide
-Version: 0.17.3
+Version: 0.17.4
Release: 0
Summary: Advanced Intrusion Detection Environment
License: GPL-2.0-or-later
++++++ aide-0.17.3.tar.gz -> aide-0.17.4.tar.gz ++++++
++++ 10566 lines of diff (skipped)
++++ retrying with extended exclude list
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/aide-0.17.3/ChangeLog new/aide-0.17.4/ChangeLog
--- old/aide-0.17.3/ChangeLog 2021-02-10 22:21:41.000000000 +0100
+++ new/aide-0.17.4/ChangeLog 2022-01-19 21:11:36.000000000 +0100
@@ -1,3 +1,8 @@
+2022-01-19 Hannes von Haugwitz <han...@vonhaugwitz.com>
+ * Precalculate buffer size in base64 functions (CVE-2021-45417),
+ thanks to David Bouman for reporting this issue
+ * Release aide 0.17.4
+
2021-02-10 Hannes von Haugwitz <han...@vonhaugwitz.com>
* Release aide 0.17.3
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/aide-0.17.3/INSTALL new/aide-0.17.4/INSTALL
--- old/aide-0.17.3/INSTALL 2021-02-10 22:27:43.000000000 +0100
+++ new/aide-0.17.4/INSTALL 2022-01-19 21:13:04.000000000 +0100
@@ -1,8 +1,8 @@
Installation Instructions
*************************
- Copyright (C) 1994-1996, 1999-2002, 2004-2016 Free Software
-Foundation, Inc.
+ Copyright (C) 1994-1996, 1999-2002, 2004-2017, 2020-2021 Free
+Software Foundation, Inc.
Copying and distribution of this file, with or without modification,
are permitted in any medium without royalty provided the copyright
@@ -225,7 +225,7 @@
and if that doesn't work, install pre-built binaries of GCC for HP-UX.
- HP-UX 'make' updates targets which have the same time stamps as their
+ HP-UX 'make' updates targets which have the same timestamps as their
prerequisites, which makes it generally unusable when shipped generated
files such as 'configure' are involved. Use GNU 'make' instead.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/aide-0.17.3/NEWS new/aide-0.17.4/NEWS
--- old/aide-0.17.3/NEWS 2021-02-10 22:21:41.000000000 +0100
+++ new/aide-0.17.4/NEWS 2022-01-19 21:11:36.000000000 +0100
@@ -1,3 +1,7 @@
+Version 0.17.4 (2022-01-19)
+ * SECURITY FIX
+ - Precalculate buffer size in base64 functions (CVE-2021-45417)
+
Version 0.17.3 (2021-02-10)
* Fix group usage in '--after' config line
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/aide-0.17.3/README new/aide-0.17.4/README
--- old/aide-0.17.3/README 2021-02-10 22:21:41.000000000 +0100
+++ new/aide-0.17.4/README 2022-01-19 21:11:36.000000000 +0100
@@ -1,7 +1,7 @@
AIDE - Advanced Intrusion Detection Environment
-------------------------------------------------
- Version 0.17.3
+ Version 0.17.4
This file is free software; as a special exception the author gives
unlimited permission to copy and/or distribute it, with or without
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/aide-0.17.3/compile new/aide-0.17.4/compile
--- old/aide-0.17.3/compile 2021-02-10 22:27:43.000000000 +0100
+++ new/aide-0.17.4/compile 2022-01-19 21:13:04.000000000 +0100
@@ -3,7 +3,7 @@
scriptversion=2018-03-07.03; # UTC
-# Copyright (C) 1999-2020 Free Software Foundation, Inc.
+# Copyright (C) 1999-2021 Free Software Foundation, Inc.
# Written by Tom Tromey <tro...@cygnus.com>.
#
# This program is free software; you can redistribute it and/or modify
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/aide-0.17.3/config.h.in new/aide-0.17.4/config.h.in
--- old/aide-0.17.3/config.h.in 2021-02-10 22:27:42.000000000 +0100
+++ new/aide-0.17.4/config.h.in 2022-01-19 21:13:04.000000000 +0100
@@ -71,9 +71,6 @@
than `double'. */
#undef HAVE_LONG_DOUBLE_WIDER
-/* Define to 1 if you have the <memory.h> header file. */
-#undef HAVE_MEMORY_H
-
/* mhash has whirlpool */
#undef HAVE_MHASH_WHIRLPOOL
@@ -95,6 +92,9 @@
/* Define to 1 if you have the <stdint.h> header file. */
#undef HAVE_STDINT_H
+/* Define to 1 if you have the <stdio.h> header file. */
+#undef HAVE_STDIO_H
+
/* Define to 1 if you have the <stdlib.h> header file. */
#undef HAVE_STDLIB_H
@@ -233,7 +233,9 @@
/* The size of `unsigned short', as computed by sizeof. */
#undef SIZEOF_UNSIGNED_SHORT
-/* Define to 1 if you have the ANSI C header files. */
+/* Define to 1 if all of the C90 standard headers exist (not just the ones
+ required in a freestanding environment). This macro is provided for
+ backward compatibility; new code need not use it. */
#undef STDC_HEADERS
/* syslog priority */
@@ -297,11 +299,6 @@
`char[]'. */
#undef YYTEXT_POINTER
-/* Enable large inode numbers on Mac OS X 10.5. */
-#ifndef _DARWIN_USE_64_BIT_INODE
-# define _DARWIN_USE_64_BIT_INODE 1
-#endif
-
/* Number of bits in a file offset, on hosts where this is settable. */
#undef _FILE_OFFSET_BITS
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/aide-0.17.3/doc/aide.1 new/aide-0.17.4/doc/aide.1
--- old/aide-0.17.3/doc/aide.1 2021-02-10 22:21:41.000000000 +0100
+++ new/aide-0.17.4/doc/aide.1 2022-01-19 21:11:36.000000000 +0100
@@ -1,4 +1,4 @@
-.TH AIDE 1 "2021-02-10" "aide v0.17.3" "User Commands"
+.TH AIDE 1 "2022-01-19" "aide v0.17.4" "User Commands"
.SH NAME
\fBaide\fP \- Advanced Intrusion Detection Environment
.SH SYNOPSIS
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/aide-0.17.3/doc/aide.conf.5 new/aide-0.17.4/doc/aide.conf.5
--- old/aide-0.17.3/doc/aide.conf.5 2021-02-10 22:21:41.000000000 +0100
+++ new/aide-0.17.4/doc/aide.conf.5 2022-01-19 21:11:36.000000000 +0100
@@ -1,4 +1,4 @@
-.TH AIDE.CONF 5 "2021-02-10" "aide v0.17.3" "AIDE"
+.TH AIDE.CONF 5 "2022-01-19" "aide v0.17.4" "AIDE"
.SH NAME
aide.conf - The configuration file for Advanced Intrusion Detection
Environment
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/aide-0.17.3/include/base64.h new/aide-0.17.4/include/base64.h
--- old/aide-0.17.3/include/base64.h 2021-01-06 09:44:54.000000000 +0100
+++ new/aide-0.17.4/include/base64.h 2022-01-18 22:36:28.000000000 +0100
@@ -35,7 +35,6 @@
#include <assert.h>
#include "types.h"
-#define B64_BUF 16384
#define FAIL -1
#define SKIP -2
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/aide-0.17.3/missing new/aide-0.17.4/missing
--- old/aide-0.17.3/missing 2021-02-10 22:27:43.000000000 +0100
+++ new/aide-0.17.4/missing 2022-01-19 21:13:04.000000000 +0100
@@ -3,7 +3,7 @@
scriptversion=2018-03-07.03; # UTC
-# Copyright (C) 1996-2020 Free Software Foundation, Inc.
+# Copyright (C) 1996-2021 Free Software Foundation, Inc.
# Originally written by Fran,cois Pinard <pin...@iro.umontreal.ca>, 1996.
# This program is free software; you can redistribute it and/or modify
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/aide-0.17.3/src/base64.c new/aide-0.17.4/src/base64.c
--- old/aide-0.17.3/src/base64.c 2021-02-10 22:01:14.000000000 +0100
+++ new/aide-0.17.4/src/base64.c 2022-01-19 21:02:55.000000000 +0100
@@ -85,11 +85,9 @@
};
/* Returns NULL on error */
-/* FIXME Possible buffer overflow on outputs larger than B64_BUF */
char* encode_base64(byte* src,size_t ssize)
{
char* outbuf;
- char* retbuf;
int pos;
int i, l, left;
unsigned long triple;
@@ -100,7 +98,10 @@
log_msg(LOG_LEVEL_DEBUG,"encode base64: empty string");
return NULL;
}
- outbuf = (char *)checked_malloc(sizeof(char)*B64_BUF);
+
+ /* length of encoded base64 string (padded) */
+ size_t length = sizeof(char)* ((ssize + 2) / 3) * 4;
+ outbuf = (char *)checked_malloc(length + 1);
/* Initialize working pointers */
inb = src;
@@ -161,20 +162,14 @@
inb++;
}
- /* outbuf is not completely used so we use retbuf */
- retbuf=(char*)checked_malloc(sizeof(char)*(pos+1));
- memcpy(retbuf,outbuf,pos);
- retbuf[pos]='\0';
- free(outbuf);
+ outbuf[pos]='\0';
- return retbuf;
+ return outbuf;
}
-/* FIXME Possible buffer overflow on outputs larger than B64_BUF */
byte* decode_base64(char* src,size_t ssize, size_t *ret_len)
{
byte* outbuf;
- byte* retbuf;
char* inb;
int i;
int l;
@@ -188,10 +183,18 @@
return NULL;
}
+ /* exit on unpadded input */
+ if (ssize % 4) {
+ log_msg(LOG_LEVEL_WARNING, "decode_base64: '%s' has invalid length
(missing padding characters?)", src);
+ return NULL;
+ }
+
+ /* calculate length of decoded string, substract padding chars if any (ssize
is >= 4) */
+ size_t length = sizeof(byte) * ((ssize / 4) * 3)- (src[ssize-1] == '=') -
(src[ssize-2] == '=');
/* Initialize working pointers */
inb = src;
- outbuf = (byte *)checked_malloc(sizeof(byte)*B64_BUF);
+ outbuf = (byte *)checked_malloc(length + 1);
l = 0;
triple = 0;
@@ -242,15 +245,11 @@
inb++;
}
- retbuf=(byte*)checked_malloc(sizeof(byte)*(pos+1));
- memcpy(retbuf,outbuf,pos);
- retbuf[pos]='\0';
-
- free(outbuf);
+ outbuf[pos]='\0';
if (ret_len) *ret_len = pos;
- return retbuf;
+ return outbuf;
}
size_t length_base64(char* src,size_t ssize)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/aide-0.17.3/src/conf_yacc.c new/aide-0.17.4/src/conf_yacc.c
--- old/aide-0.17.3/src/conf_yacc.c 2021-02-10 22:27:46.000000000 +0100
+++ new/aide-0.17.4/src/conf_yacc.c 2022-01-19 21:13:12.000000000 +0100
@@ -1,8 +1,8 @@
-/* A Bison parser, made by GNU Bison 3.7.2. */
+/* A Bison parser, made by GNU Bison 3.8.2. */
/* Bison implementation for Yacc-like parsers in C
- Copyright (C) 1984, 1989-1990, 2000-2015, 2018-2020 Free Software
Foundation,
+ Copyright (C) 1984, 1989-1990, 2000-2015, 2018-2021 Free Software
Foundation,
Inc.
This program is free software: you can redistribute it and/or modify
@@ -16,7 +16,7 @@
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>. */
+ along with this program. If not, see <https://www.gnu.org/licenses/>. */
/* As a special exception, you may create a larger work that contains
part or all of the Bison parser skeleton and distribute that work
@@ -45,11 +45,11 @@
define necessary library symbols; they are noted "INFRINGES ON
USER NAME SPACE" below. */
-/* Identify Bison output. */
-#define YYBISON 1
+/* Identify Bison output, and Bison version. */
+#define YYBISON 30802
-/* Bison version. */
-#define YYBISON_VERSION "3.7.2"
+/* Bison version string. */
+#define YYBISON_VERSION "3.8.2"
/* Skeleton name. */
#define YYSKELETON_NAME "yacc.c"
@@ -239,6 +239,18 @@
typedef short yytype_int16;
#endif
+/* Work around bug in HP-UX 11.23, which defines these macros
+ incorrectly for preprocessor constants. This workaround can likely
+ be removed in 2023, as HPE has promised support for HP-UX 11.23
+ (aka HP-UX 11i v2) only through the end of 2022; see Table 2 of
+ <https://h20195.www2.hpe.com/V2/getpdf.aspx/4AA4-7673ENW.pdf>. */
+#ifdef __hpux
+# undef UINT_LEAST8_MAX
+# undef UINT_LEAST16_MAX
+# define UINT_LEAST8_MAX 255
+# define UINT_LEAST16_MAX 65535
+#endif
+
#if defined __UINT_LEAST8_MAX__ && __UINT_LEAST8_MAX__ <= __INT_MAX__
typedef __UINT_LEAST8_TYPE__ yytype_uint8;
#elif (!defined __UINT_LEAST8_MAX__ && defined YY_STDINT_H \
@@ -336,17 +348,23 @@
/* Suppress unused-variable warnings by "using" E. */
#if ! defined lint || defined __GNUC__
-# define YYUSE(E) ((void) (E))
+# define YY_USE(E) ((void) (E))
#else
-# define YYUSE(E) /* empty */
+# define YY_USE(E) /* empty */
#endif
-#if defined __GNUC__ && ! defined __ICC && 407 <= __GNUC__ * 100 +
__GNUC_MINOR__
/* Suppress an incorrect diagnostic about yylval being uninitialized. */
-# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN \
+#if defined __GNUC__ && ! defined __ICC && 406 <= __GNUC__ * 100 +
__GNUC_MINOR__
+# if __GNUC__ * 100 + __GNUC_MINOR__ < 407
+# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN \
+ _Pragma ("GCC diagnostic push") \
+ _Pragma ("GCC diagnostic ignored \"-Wuninitialized\"")
+# else
+# define YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN \
_Pragma ("GCC diagnostic push") \
_Pragma ("GCC diagnostic ignored \"-Wuninitialized\"") \
_Pragma ("GCC diagnostic ignored \"-Wmaybe-uninitialized\"")
+# endif
# define YY_IGNORE_MAYBE_UNINITIALIZED_END \
_Pragma ("GCC diagnostic pop")
#else
@@ -562,7 +580,7 @@
};
#if YYDEBUG
- /* YYRLINE[YYN] -- Source line where rule number YYN was defined. */
+/* YYRLINE[YYN] -- Source line where rule number YYN was defined. */
static const yytype_uint8 yyrline[] =
{
0, 105, 105, 106, 108, 112, 113, 118, 119, 120,
@@ -604,17 +622,6 @@
}
#endif
-#ifdef YYPRINT
-/* YYTOKNUM[NUM] -- (External) token number corresponding to the
- (internal) symbol number NUM (which must be that of a token). */
-static const yytype_int16 yytoknum[] =
-{
- 0, 256, 257, 258, 259, 260, 261, 262, 263, 264,
- 265, 266, 267, 268, 269, 270, 271, 272, 273, 274,
- 275, 276, 277, 278, 43, 45, 44, 61
-};
-#endif
-
#define YYPACT_NINF (-43)
#define yypact_value_is_default(Yyn) \
@@ -625,8 +632,8 @@
#define yytable_value_is_error(Yyn) \
0
- /* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing
- STATE-NUM. */
+/* YYPACT[STATE-NUM] -- Index in YYTABLE of the portion describing
+ STATE-NUM. */
static const yytype_int8 yypact[] =
{
37, -7, 4, 5, 5, 5, 5, -5, 8, 29,
@@ -640,9 +647,9 @@
58, -43
};
- /* YYDEFACT[STATE-NUM] -- Default reduction number in state STATE-NUM.
- Performed when YYTABLE does not specify something else to do. Zero
- means the default is an error. */
+/* YYDEFACT[STATE-NUM] -- Default reduction number in state STATE-NUM.
+ Performed when YYTABLE does not specify something else to do. Zero
+ means the default is an error. */
static const yytype_int8 yydefact[] =
{
2, 0, 0, 0, 0, 0, 0, 0, 0, 0,
@@ -656,23 +663,23 @@
0, 36
};
- /* YYPGOTO[NTERM-NUM]. */
+/* YYPGOTO[NTERM-NUM]. */
static const yytype_int8 yypgoto[] =
{
-43, -43, -42, -43, -29, -6, -43, -4, -43, -43,
-43, -43, -43, -43, -43, -43, -43
};
- /* YYDEFGOTO[NTERM-NUM]. */
+/* YYDEFGOTO[NTERM-NUM]. */
static const yytype_int8 yydefgoto[] =
{
- -1, 15, 16, 17, 53, 56, 18, 31, 32, 19,
+ 0, 15, 16, 17, 53, 56, 18, 31, 32, 19,
20, 21, 22, 23, 24, 25, 26
};
- /* YYTABLE[YYPACT[STATE-NUM]] -- What to do in state STATE-NUM. If
- positive, shift that token. If negative, reduce the rule whose
- number is the opposite. If YYTABLE_NINF, syntax error. */
+/* YYTABLE[YYPACT[STATE-NUM]] -- What to do in state STATE-NUM. If
+ positive, shift that token. If negative, reduce the rule whose
+ number is the opposite. If YYTABLE_NINF, syntax error. */
static const yytype_int8 yytable[] =
{
33, 34, 35, 63, 64, -19, 52, 40, 41, 42,
@@ -697,8 +704,8 @@
16, -1, -1, -1, 19
};
- /* YYSTOS[STATE-NUM] -- The (internal number of the) accessing
- symbol of state STATE-NUM. */
+/* YYSTOS[STATE-NUM] -- The symbol kind of the accessing symbol of
+ state STATE-NUM. */
static const yytype_int8 yystos[] =
{
0, 3, 4, 5, 6, 7, 8, 11, 12, 13,
@@ -712,7 +719,7 @@
30, 10
};
- /* YYR1[YYN] -- Symbol number of symbol that rule YYN derives. */
+/* YYR1[RULE-NUM] -- Symbol kind of the left-hand side of rule RULE-NUM. */
static const yytype_int8 yyr1[] =
{
0, 28, 29, 29, 30, 30, 30, 31, 31, 31,
@@ -722,7 +729,7 @@
43, 44, 44, 44, 44, 44, 44
};
- /* YYR2[YYN] -- Number of symbols on the right hand side of rule YYN. */
+/* YYR2[RULE-NUM] -- Number of symbols on the right-hand side of rule
RULE-NUM. */
static const yytype_int8 yyr2[] =
{
0, 2, 0, 1, 3, 2, 1, 1, 1, 1,
@@ -741,6 +748,7 @@
#define YYACCEPT goto yyacceptlab
#define YYABORT goto yyabortlab
#define YYERROR goto yyerrorlab
+#define YYNOMEM goto yyexhaustedlab
#define YYRECOVERING() (!!yyerrstatus)
@@ -781,10 +789,7 @@
YYFPRINTF Args; \
} while (0)
-/* This macro is provided for backward compatibility. */
-# ifndef YY_LOCATION_PRINT
-# define YY_LOCATION_PRINT(File, Loc) ((void) 0)
-# endif
+
# define YY_SYMBOL_PRINT(Title, Kind, Value, Location) \
@@ -808,16 +813,12 @@
yysymbol_kind_t yykind, YYSTYPE const * const yyvaluep,
ast** config_ast)
{
FILE *yyoutput = yyo;
- YYUSE (yyoutput);
- YYUSE (config_ast);
+ YY_USE (yyoutput);
+ YY_USE (config_ast);
if (!yyvaluep)
return;
-# ifdef YYPRINT
- if (yykind < YYNTOKENS)
- YYPRINT (yyo, yytoknum[yykind], *yyvaluep);
-# endif
YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN
- YYUSE (yykind);
+ YY_USE (yykind);
YY_IGNORE_MAYBE_UNINITIALIZED_END
}
@@ -931,14 +932,14 @@
yydestruct (const char *yymsg,
yysymbol_kind_t yykind, YYSTYPE *yyvaluep, ast** config_ast)
{
- YYUSE (yyvaluep);
- YYUSE (config_ast);
+ YY_USE (yyvaluep);
+ YY_USE (config_ast);
if (!yymsg)
yymsg = "Deleting";
YY_SYMBOL_PRINT (yymsg, yykind, yyvaluep, yylocationp);
YY_IGNORE_MAYBE_UNINITIALIZED_BEGIN
- YYUSE (yykind);
+ YY_USE (yykind);
YY_IGNORE_MAYBE_UNINITIALIZED_END
}
@@ -1001,6 +1002,7 @@
YYDPRINTF ((stderr, "Starting parse\n"));
yychar = YYEMPTY; /* Cause a token to be read. */
+
goto yysetstate;
@@ -1026,7 +1028,7 @@
if (yyss + yystacksize - 1 <= yyssp)
#if !defined yyoverflow && !defined YYSTACK_RELOCATE
- goto yyexhaustedlab;
+ YYNOMEM;
#else
{
/* Get the current used size of the three stacks, in elements. */
@@ -1054,7 +1056,7 @@
# else /* defined YYSTACK_RELOCATE */
/* Extend the stack our own way. */
if (YYMAXDEPTH <= yystacksize)
- goto yyexhaustedlab;
+ YYNOMEM;
yystacksize *= 2;
if (YYMAXDEPTH < yystacksize)
yystacksize = YYMAXDEPTH;
@@ -1065,7 +1067,7 @@
YY_CAST (union yyalloc *,
YYSTACK_ALLOC (YY_CAST (YYSIZE_T, YYSTACK_BYTES
(yystacksize))));
if (! yyptr)
- goto yyexhaustedlab;
+ YYNOMEM;
YYSTACK_RELOCATE (yyss_alloc, yyss);
YYSTACK_RELOCATE (yyvs_alloc, yyvs);
# undef YYSTACK_RELOCATE
@@ -1087,6 +1089,7 @@
}
#endif /* !defined yyoverflow && !defined YYSTACK_RELOCATE */
+
if (yystate == YYFINAL)
YYACCEPT;
@@ -1201,7 +1204,7 @@
case 3: /* config: statements */
#line 106 "src/conf_yacc.y"
{ *config_ast = (yyvsp[0].ast); }
-#line 1205 "src/conf_yacc.c"
+#line 1208 "src/conf_yacc.c"
break;
case 4: /* statements: statement TNEWLINE statements */
@@ -1210,13 +1213,13 @@
ast *temp = (yyvsp[-2].ast);
temp->next = (yyvsp[0].ast);
(yyval.ast) = (yyvsp[-2].ast); }
-#line 1214 "src/conf_yacc.c"
+#line 1217 "src/conf_yacc.c"
break;
case 5: /* statements: statement TNEWLINE */
#line 112 "src/conf_yacc.y"
{ (yyval.ast) = (yyvsp[-1].ast); }
-#line 1220 "src/conf_yacc.c"
+#line 1223 "src/conf_yacc.c"
break;
case 6: /* statements: statement */
@@ -1225,203 +1228,203 @@
log_msg(LOG_LEVEL_ERROR, "%s:%d: syntax error: unexpected
token or end of file, expected newline (line: '%s')", conf_filename,
conf_linenumber, conf_linebuf);
YYABORT;
}
-#line 1229 "src/conf_yacc.c"
+#line 1232 "src/conf_yacc.c"
break;
case 15: /* attribute_expression: attribute_expression '+' TEXPR */
#line 126 "src/conf_yacc.y"
{ (yyval.attr_expr) =
new_attribute_expression(ATTR_OP_PLUS, (yyvsp[-2].attr_expr), (yyvsp[0].s)); }
-#line 1235 "src/conf_yacc.c"
+#line 1238 "src/conf_yacc.c"
break;
case 16: /* attribute_expression: attribute_expression '-' TEXPR */
#line 127 "src/conf_yacc.y"
{ (yyval.attr_expr) =
new_attribute_expression(ATTR_OP_MINUS, (yyvsp[-2].attr_expr), (yyvsp[0].s)); }
-#line 1241 "src/conf_yacc.c"
+#line 1244 "src/conf_yacc.c"
break;
case 17: /* attribute_expression: TEXPR */
#line 128 "src/conf_yacc.y"
{ (yyval.attr_expr) =
new_attribute_expression(ATTR_OP_GROUP, NULL, (yyvsp[0].s)); }
-#line 1247 "src/conf_yacc.c"
+#line 1250 "src/conf_yacc.c"
break;
case 18: /* restriction_expression: restriction_expression ',' TEXPR */
#line 130 "src/conf_yacc.y"
{ (yyval.rs_expr) =
new_restriction_expression((yyvsp[-2].rs_expr), (yyvsp[0].s)); }
-#line 1253 "src/conf_yacc.c"
+#line 1256 "src/conf_yacc.c"
break;
case 19: /* restriction_expression: TEXPR */
#line 131 "src/conf_yacc.y"
{ (yyval.rs_expr) =
new_restriction_expression(NULL, (yyvsp[0].s)); }
-#line 1259 "src/conf_yacc.c"
+#line 1262 "src/conf_yacc.c"
break;
case 20: /* define_statement: TDEFINE TVARIABLE */
#line 133 "src/conf_yacc.y"
{ (yyval.ast) =
new_define_statement((yyvsp[0].s), NULL); }
-#line 1265 "src/conf_yacc.c"
+#line 1268 "src/conf_yacc.c"
break;
case 21: /* define_statement: TDEFINE TVARIABLE string_expression */
#line 134 "src/conf_yacc.y"
{ (yyval.ast) =
new_define_statement((yyvsp[-1].s), (yyvsp[0].string_expr)); }
-#line 1271 "src/conf_yacc.c"
+#line 1274 "src/conf_yacc.c"
break;
case 22: /* string_expression: string_fragment string_expression */
#line 136 "src/conf_yacc.y"
{ (yyval.string_expr) =
new_string_concat((yyvsp[-1].string_expr), (yyvsp[0].string_expr)); }
-#line 1277 "src/conf_yacc.c"
+#line 1280 "src/conf_yacc.c"
break;
case 23: /* string_expression: string_fragment */
#line 137 "src/conf_yacc.y"
{ (yyval.string_expr) =
(yyvsp[0].string_expr); }
-#line 1283 "src/conf_yacc.c"
+#line 1286 "src/conf_yacc.c"
break;
case 24: /* string_fragment: TSTRING */
#line 138 "src/conf_yacc.y"
{ (yyval.string_expr) = new_string((yyvsp[0].s)); }
-#line 1289 "src/conf_yacc.c"
+#line 1292 "src/conf_yacc.c"
break;
case 25: /* string_fragment: TVARIABLE */
#line 139 "src/conf_yacc.y"
{ (yyval.string_expr) = new_variable((yyvsp[0].s));
}
-#line 1295 "src/conf_yacc.c"
+#line 1298 "src/conf_yacc.c"
break;
case 26: /* undefine_statement: TUNDEFINE TVARIABLE */
#line 141 "src/conf_yacc.y"
{ (yyval.ast) =
new_undefine_statement((yyvsp[0].s)); }
-#line 1301 "src/conf_yacc.c"
+#line 1304 "src/conf_yacc.c"
break;
case 27: /* config_statement: CONFIGOPTION '=' string_expression */
#line 143 "src/conf_yacc.y"
{ (yyval.ast) =
new_string_option_statement((yyvsp[-2].option), (yyvsp[0].string_expr)); }
-#line 1307 "src/conf_yacc.c"
+#line 1310 "src/conf_yacc.c"
break;
case 28: /* config_statement: CONFIGOPTION '=' attribute_expression */
#line 144 "src/conf_yacc.y"
{ (yyval.ast) =
new_attribute_option_statement((yyvsp[-2].option), (yyvsp[0].attr_expr)); }
-#line 1313 "src/conf_yacc.c"
+#line 1316 "src/conf_yacc.c"
break;
case 29: /* group_statement: TGROUP '=' attribute_expression */
#line 146 "src/conf_yacc.y"
{ (yyval.ast) =
new_group_statement((yyvsp[-2].s), (yyvsp[0].attr_expr)); }
-#line 1319 "src/conf_yacc.c"
+#line 1322 "src/conf_yacc.c"
break;
case 30: /* include_statement: TINCLUDE TSPACE string_expression */
#line 148 "src/conf_yacc.y"
{ (yyval.ast) =
new_include_statement((yyvsp[0].string_expr), NULL, false); }
-#line 1325 "src/conf_yacc.c"
+#line 1328 "src/conf_yacc.c"
break;
case 31: /* include_statement: TINCLUDE TSPACE string_expression TSPACE
string_expression */
#line 149 "src/conf_yacc.y"
{ (yyval.ast) = new_include_statement((yyvsp[-2].string_expr),
(yyvsp[0].string_expr), false); }
-#line 1331 "src/conf_yacc.c"
+#line 1334 "src/conf_yacc.c"
break;
case 32: /* include_statement: TXINCLUDE TSPACE string_expression */
#line 150 "src/conf_yacc.y"
{ (yyval.ast) =
new_include_statement((yyvsp[0].string_expr), NULL, true); }
-#line 1337 "src/conf_yacc.c"
+#line 1340 "src/conf_yacc.c"
break;
case 33: /* include_statement: TXINCLUDE TSPACE string_expression TSPACE
string_expression */
#line 151 "src/conf_yacc.y"
{ (yyval.ast) = new_include_statement((yyvsp[-2].string_expr),
(yyvsp[0].string_expr), true); }
-#line 1343 "src/conf_yacc.c"
+#line 1346 "src/conf_yacc.c"
break;
case 34: /* x_include_setenv_statement: TSETENV TVARIABLE string_expression
*/
#line 153 "src/conf_yacc.y"
{ (yyval.ast)
= new_x_include_setenv_statement((yyvsp[-1].s), (yyvsp[0].string_expr)); }
-#line 1349 "src/conf_yacc.c"
+#line 1352 "src/conf_yacc.c"
break;
case 35: /* if_statement: if_condition TNEWLINE statements TENDIF */
#line 155 "src/conf_yacc.y"
{ (yyval.ast) =
new_if_statement((yyvsp[-3].if_cond), (yyvsp[-1].ast), NULL); }
-#line 1355 "src/conf_yacc.c"
+#line 1358 "src/conf_yacc.c"
break;
case 36: /* if_statement: if_condition TNEWLINE statements TELSE TNEWLINE
statements TENDIF */
#line 156 "src/conf_yacc.y"
{ (yyval.ast) = new_if_statement((yyvsp[-6].if_cond), (yyvsp[-4].ast),
(yyvsp[-1].ast)); }
-#line 1361 "src/conf_yacc.c"
+#line 1364 "src/conf_yacc.c"
break;
case 37: /* if_condition: TIFDEF string_expression */
#line 158 "src/conf_yacc.y"
{
(yyval.if_cond)=new_if_condition(new_string_bool_expression(BOOL_OP_DEFINED,
(yyvsp[0].string_expr))); }
-#line 1367 "src/conf_yacc.c"
+#line 1370 "src/conf_yacc.c"
break;
case 38: /* if_condition: TIFNDEF string_expression */
#line 159 "src/conf_yacc.y"
{
(yyval.if_cond)=new_if_condition(new_bool_expression(BOOL_OP_NOT,
new_string_bool_expression(BOOL_OP_DEFINED, (yyvsp[0].string_expr)), NULL)); }
-#line 1373 "src/conf_yacc.c"
+#line 1376 "src/conf_yacc.c"
break;
case 39: /* if_condition: TIFHOST string_expression */
#line 160 "src/conf_yacc.y"
{
(yyval.if_cond)=new_if_condition(new_string_bool_expression(BOOL_OP_HOSTNAME,
(yyvsp[0].string_expr))); }
-#line 1379 "src/conf_yacc.c"
+#line 1382 "src/conf_yacc.c"
break;
case 40: /* if_condition: TIFNHOST string_expression */
#line 161 "src/conf_yacc.y"
{
(yyval.if_cond)=new_if_condition(new_bool_expression(BOOL_OP_NOT,
new_string_bool_expression(BOOL_OP_HOSTNAME, (yyvsp[0].string_expr)), NULL)); }
-#line 1385 "src/conf_yacc.c"
+#line 1388 "src/conf_yacc.c"
break;
case 41: /* rule_statement: TSELRXRULE string_expression
attribute_expression */
#line 163 "src/conf_yacc.y"
{
(yyval.ast) = new_rule_statement(AIDE_SELECTIVE_RULE, (yyvsp[-1].string_expr),
NULL, (yyvsp[0].attr_expr)); }
-#line 1391 "src/conf_yacc.c"
+#line 1394 "src/conf_yacc.c"
break;
case 42: /* rule_statement: TEQURXRULE string_expression
attribute_expression */
#line 164 "src/conf_yacc.y"
{
(yyval.ast) = new_rule_statement(AIDE_EQUAL_RULE, (yyvsp[-1].string_expr),
NULL, (yyvsp[0].attr_expr)); }
-#line 1397 "src/conf_yacc.c"
+#line 1400 "src/conf_yacc.c"
break;
case 43: /* rule_statement: TNEGRXRULE string_expression */
#line 165 "src/conf_yacc.y"
{ (yyval.ast) =
new_rule_statement(AIDE_NEGATIVE_RULE, (yyvsp[0].string_expr), NULL, NULL); }
-#line 1403 "src/conf_yacc.c"
+#line 1406 "src/conf_yacc.c"
break;
case 44: /* rule_statement: TSELRXRULE string_expression
restriction_expression attribute_expression */
#line 166 "src/conf_yacc.y"
{ (yyval.ast) = new_rule_statement(AIDE_SELECTIVE_RULE,
(yyvsp[-2].string_expr), (yyvsp[-1].rs_expr), (yyvsp[0].attr_expr)); }
-#line 1409 "src/conf_yacc.c"
+#line 1412 "src/conf_yacc.c"
break;
case 45: /* rule_statement: TEQURXRULE string_expression
restriction_expression attribute_expression */
#line 167 "src/conf_yacc.y"
{ (yyval.ast) = new_rule_statement(AIDE_EQUAL_RULE,
(yyvsp[-2].string_expr), (yyvsp[-1].rs_expr), (yyvsp[0].attr_expr)); }
-#line 1415 "src/conf_yacc.c"
+#line 1418 "src/conf_yacc.c"
break;
case 46: /* rule_statement: TNEGRXRULE string_expression
restriction_expression */
#line 168 "src/conf_yacc.y"
{
(yyval.ast) = new_rule_statement(AIDE_NEGATIVE_RULE, (yyvsp[-1].string_expr),
(yyvsp[0].rs_expr), NULL); }
-#line 1421 "src/conf_yacc.c"
+#line 1424 "src/conf_yacc.c"
break;
-#line 1425 "src/conf_yacc.c"
+#line 1428 "src/conf_yacc.c"
default: break;
}
@@ -1503,6 +1506,7 @@
label yyerrorlab therefore never appears in user code. */
if (0)
YYERROR;
+ ++yynerrs;
/* Do not reclaim the symbols of the rule whose action triggered
this YYERROR. */
@@ -1563,7 +1567,7 @@
`-------------------------------------*/
yyacceptlab:
yyresult = 0;
- goto yyreturn;
+ goto yyreturnlab;
/*-----------------------------------.
@@ -1571,24 +1575,22 @@
`-----------------------------------*/
yyabortlab:
yyresult = 1;
- goto yyreturn;
+ goto yyreturnlab;
-#if !defined yyoverflow
-/*-------------------------------------------------.
-| yyexhaustedlab -- memory exhaustion comes here. |
-`-------------------------------------------------*/
+/*-----------------------------------------------------------.
+| yyexhaustedlab -- YYNOMEM (memory exhaustion) comes here. |
+`-----------------------------------------------------------*/
yyexhaustedlab:
yyerror (config_ast, YY_("memory exhausted"));
yyresult = 2;
- goto yyreturn;
-#endif
+ goto yyreturnlab;
-/*-------------------------------------------------------.
-| yyreturn -- parsing is finished, clean up and return. |
-`-------------------------------------------------------*/
-yyreturn:
+/*----------------------------------------------------------.
+| yyreturnlab -- parsing is finished, clean up and return. |
+`----------------------------------------------------------*/
+yyreturnlab:
if (yychar != YYEMPTY)
{
/* Make sure we have latest lookahead translation. See comments at
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/aide-0.17.3/src/conf_yacc.h new/aide-0.17.4/src/conf_yacc.h
--- old/aide-0.17.3/src/conf_yacc.h 2021-02-10 22:27:46.000000000 +0100
+++ new/aide-0.17.4/src/conf_yacc.h 2022-01-19 21:13:12.000000000 +0100
@@ -1,8 +1,8 @@
-/* A Bison parser, made by GNU Bison 3.7.2. */
+/* A Bison parser, made by GNU Bison 3.8.2. */
/* Bison interface for Yacc-like parsers in C
- Copyright (C) 1984, 1989-1990, 2000-2015, 2018-2020 Free Software
Foundation,
+ Copyright (C) 1984, 1989-1990, 2000-2015, 2018-2021 Free Software
Foundation,
Inc.
This program is free software: you can redistribute it and/or modify
@@ -16,7 +16,7 @@
GNU General Public License for more details.
You should have received a copy of the GNU General Public License
- along with this program. If not, see <http://www.gnu.org/licenses/>. */
+ along with this program. If not, see <https://www.gnu.org/licenses/>. */
/* As a special exception, you may create a larger work that contains
part or all of the Bison parser skeleton and distribute that work
@@ -85,6 +85,7 @@
typedef enum yytokentype yytoken_kind_t;
#endif
/* Token kinds. */
+#define YYEMPTY -2
#define YYEOF 0
#define YYerror 256
#define YYUNDEF 257
@@ -127,7 +128,7 @@
restriction_expression* rs_expr;
string_expression* string_expr;
-#line 131 "src/conf_yacc.h"
+#line 132 "src/conf_yacc.h"
};
typedef union YYSTYPE YYSTYPE;
@@ -138,6 +139,8 @@
extern YYSTYPE conflval;
+
int confparse (ast** config_ast);
+
#endif /* !YY_CONF_SRC_CONF_YACC_H_INCLUDED */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/aide-0.17.3/src/db.c new/aide-0.17.4/src/db.c
--- old/aide-0.17.3/src/db.c 2021-02-10 22:01:14.000000000 +0100
+++ new/aide-0.17.4/src/db.c 2022-01-19 21:02:55.000000000 +0100
@@ -428,13 +428,15 @@
time_t base64totime_t(char* s, database* db, const char* field_name){
+ if(strcmp(s,"0")==0){
+ return 0;
+ }
byte* b=decode_base64(s,strlen(s),NULL);
char* endp;
- if (b==NULL||strcmp(s,"0")==0) {
+ if (b==NULL) {
/* Should we print error here? */
- free(b);
return 0;
} else {
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/aide-0.17.3/version.m4 new/aide-0.17.4/version.m4
--- old/aide-0.17.3/version.m4 2021-02-10 22:27:40.000000000 +0100
+++ new/aide-0.17.4/version.m4 2022-01-19 21:13:00.000000000 +0100
@@ -1 +1 @@
-m4_define([AIDE_VERSION], [0.17.3])
+m4_define([AIDE_VERSION], [0.17.4])
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn'
'--exclude=.svnignore' --exclude Makefile.in --exclude configure --exclude
config.guess --exclude '*.pot' --exclude mkinstalldirs --exclude aclocal.m4
--exclude config.sub --exclude depcomp --exclude install-sh --exclude ltmain.sh
old/aide-0.17.3/ylwrap new/aide-0.17.4/ylwrap
--- old/aide-0.17.3/ylwrap 2021-02-10 22:27:43.000000000 +0100
+++ new/aide-0.17.4/ylwrap 2022-01-19 21:13:04.000000000 +0100
@@ -3,7 +3,7 @@
scriptversion=2018-03-07.03; # UTC
-# Copyright (C) 1996-2020 Free Software Foundation, Inc.
+# Copyright (C) 1996-2021 Free Software Foundation, Inc.
#
# Written by Tom Tromey <tro...@cygnus.com>.
#
