You signed in with another tab or window. Reload to refresh your session.You signed out in another tab or window. Reload to refresh your session.You switched accounts on another tab or window. Reload to refresh your session.Dismiss alert
safe_exec under-allocated argv by not reserving a slot for execve's terminating NULL, and several call sites omitted the required NULL sentinel, letting the varargs reader run past the provided arguments. The argv array now has a terminator slot and every safe_exec call passes an explicit sentinel.
GSS ACK handling in auditd-listen allocated utok.value and copied into it without checking for allocation failure. The GSS path now logs and drops the ACK on ENOMEM before touching the buffer.
auparse file source setup allocated source_list entries without checking the list or filename strdup allocations, leaving partial lists on failure. The setup now calloc's NULL-terminated lists, frees partial lists through a shared helper, and reuses that helper during destroy and init failure cleanup.
audisp-remote's GSS connection setup left the connected socket open if credential negotiation failed after connect. The failure path now calls stop_sock() before returning the permanent error so the socket and GSS/KRB state are torn down consistently.
The IDS session model treated the account string as transferred to new_session even though new_session could fail before taking ownership, and it could duplicate a NULL interpreted field. The caller now only duplicates non-NULL fields and always frees its local copy, while new_session makes its own stored copy and frees it if insertion fails.
0 commit comments