From b2676f898254f023c93baea44e3f8a91b1213e14 Mon Sep 17 00:00:00 2001
From: yixiangzhike <yixiangzhike007@163.com>
Date: Wed, 16 Apr 2025 19:08:04 +0800
Subject: [PATCH] Fix double free for SIGUSR1

(cherry picked from commit df487148fa8ee8defbc4f5f20b0dae5d31a527b2)
---
 aide.spec                                     |  9 +++-
 ...le-SIGUSR1-only-after-config-parsing.patch | 53 +++++++++++++++++++
 2 files changed, 61 insertions(+), 1 deletion(-)
 create mode 100644 backport-Handle-SIGUSR1-only-after-config-parsing.patch

diff --git a/aide.spec b/aide.spec
index e27ca83..8ac1bc8 100644
--- a/aide.spec
+++ b/aide.spec
@@ -2,7 +2,7 @@
 
 Name:       aide
 Version:    0.18.6
-Release:    4
+Release:    5
 Summary:    Advanced Intrusion Detection Environment
 License:    GPLv2+
 URL:        https://sourceforge.net/projects/aide
@@ -24,6 +24,7 @@ Patch0:    Add-sm3-algorithm-for-aide.patch
 Patch1:    backport-Fix-condition-for-error-message-of-failing-to-open-g.patch
 Patch2:    backport-Fix-parsing-of-lowercase-group-names.patch
 Patch3:    backport-Fix-concurrent-reading-of-extended-attributes-xattrs.patch
+Patch4:    backport-Handle-SIGUSR1-only-after-config-parsing.patch
 
 %description
 AIDE (Advanced Intrusion Detection Environment, [eyd]) is a file and directory integrity checker.
@@ -76,6 +77,12 @@ make check
 %{_mandir}/*/*
 
 %changelog
+* Wed Apr 16 2025 yixiangzhike <yixiangzhike007@163.com> - 0.18.6-5
+- Type: bugfix
+- ID: NA
+- SUG: NA
+- DESC: backport upstream patch to fix double free for SIGUSR1
+
 * Tue Mar 25 2025 yixiangzhike <yixiangzhike007@163.com> - 0.18.6-4
 - Type: bugfix
 - ID: NA
diff --git a/backport-Handle-SIGUSR1-only-after-config-parsing.patch b/backport-Handle-SIGUSR1-only-after-config-parsing.patch
new file mode 100644
index 0000000..c328f4e
--- /dev/null
+++ b/backport-Handle-SIGUSR1-only-after-config-parsing.patch
@@ -0,0 +1,53 @@
+From 04b51aa49461a2e762a7d363cabcd73718023250 Mon Sep 17 00:00:00 2001
+From: Hannes von Haugwitz <hannes@vonhaugwitz.com>
+Date: Tue, 25 Mar 2025 19:19:37 +0100
+Subject: [PATCH] Handle SIGUSR1 only after config parsing
+
+* closes: #181
+---
+ src/aide.c | 12 ++++++------
+ 1 file changed, 6 insertions(+), 6 deletions(-)
+
+diff --git a/src/aide.c b/src/aide.c
+index ff41f96..ac76f77 100644
+--- a/src/aide.c
++++ b/src/aide.c
+@@ -98,14 +98,11 @@ static void usage(int exitvalue)
+ 
+ static void sig_handler(int);
+ 
+-static void init_sighandler()
++static void init_db_sighandler()
+ {
+-  log_msg(LOG_LEVEL_DEBUG, "initialize signal handler for SIGTERM, SIGUSR1 and SIGHUP");
++  log_msg(LOG_LEVEL_DEBUG, "initialize signal handler for SIGTERM and SIGHUP");
+   signal(SIGTERM,sig_handler);
+-  signal(SIGUSR1,sig_handler);
+   signal(SIGHUP,sig_handler);
+-
+-  return;
+ }
+ 
+ static void init_crypto_lib() {
+@@ -598,7 +595,7 @@ int main(int argc,char**argv)
+   textdomain(PACKAGE);
+ #endif
+   umask(0177);
+-  init_sighandler();
++  init_db_sighandler();
+   init_crypto_lib();
+ 
+   setdefaults_before_config();
+@@ -626,6 +623,9 @@ int main(int argc,char**argv)
+ 
+   setdefaults_after_config();
+ 
++  log_msg(LOG_LEVEL_DEBUG, "initialize signal handler for SIGUSR1");
++  signal(SIGUSR1,sig_handler);
++
+   log_msg(LOG_LEVEL_CONFIG, "report_urls:");
+   log_report_urls(LOG_LEVEL_CONFIG);
+ 
+-- 
+2.33.0
+
-- 
Gitee