[gentoo-commits] gentoo-x86 commit in sys-apps/dbus/files: dbus-1.2.3-panic-from-dbus_signature_validate.patch - gentoo-commits

From:	"Doug Goldstein (cardoe)" <cardoe@g.o>
To:	gentoo-commits@l.g.o
Subject:	[gentoo-commits] gentoo-x86 commit in sys-apps/dbus/files: dbus-1.2.3-panic-from-dbus_signature_validate.patch
Date:	Mon, 06 Oct 2008 18:28:04
Message-Id:	`E1KmuoM-0007Oc-5v@stork.gentoo.org`

1

cardoe      08/10/06 18:28:02

2

3

  Added:                dbus-1.2.3-panic-from-dbus_signature_validate.patch

4

  Log:

5

  Fix potential DoS issue. fdo bug #17803. Gentoo bug #240308

6

  (Portage version: 2.2_rc11/cvs/Linux 2.6.26-gentoo-r1 x86_64)

7

8

Revision  Changes    Path

9

1.1                  sys-apps/dbus/files/dbus-1.2.3-panic-from-dbus_signature_validate.patch

10

11

file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/dbus/files/dbus-1.2.3-panic-from-dbus_signature_validate.patch?rev=1.1&view=markup

12

plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/dbus/files/dbus-1.2.3-panic-from-dbus_signature_validate.patch?rev=1.1&content-type=text/plain

13

14

Index: dbus-1.2.3-panic-from-dbus_signature_validate.patch

15

===================================================================

16

From: Colin Walters <walters@××××××.org>

17

Date: Wed, 1 Oct 2008 17:49:48 +0000 (-0400)

18

Subject: Bug 17803: Panic from dbus_signature_validate

19

X-Git-Url: http://gitweb.freedesktop.org/?p=dbus/dbus.git;a=commitdiff;h=7b10b46c5c8658449783ce45f1273dd35c353bce

20

21

Bug 17803: Panic from dbus_signature_validate

22

23

	* dbus/dbus-marshal-validate.c: Ensure we validate

24

	a basic type before calling is_basic on it.

25

	* dbus-marshal-validate-util.c: Test.

26

---

27

28

--- a/dbus/dbus-marshal-validate-util.c

29

+++ b/dbus/dbus-marshal-validate-util.c

30

@@ -228,6 +228,7 @@ _dbus_marshal_validate_test (void)

31

     "123",

32

     ".",

33

"("

34

+    "a{(ii)i}" /* https://bugs.freedesktop.org/show_bug.cgi?id=17803 */

35

};

36

37

   /* Signature with reason */

38

--- a/dbus/dbus-marshal-validate.c

39

+++ b/dbus/dbus-marshal-validate.c

40

@@ -247,6 +247,7 @@ _dbus_validate_signature_with_reason (co

41

}

42

43

       if (last == DBUS_DICT_ENTRY_BEGIN_CHAR &&

44

+          _dbus_type_is_valid (*p) &&

45

           !dbus_type_is_basic (*p))

46

{

47

           result = DBUS_INVALID_DICT_KEY_MUST_BE_BASIC_TYPE;

1	cardoe 08/10/06 18:28:02
2
3	Added: dbus-1.2.3-panic-from-dbus_signature_validate.patch
4	Log:
5	Fix potential DoS issue. fdo bug #17803. Gentoo bug #240308
6	(Portage version: 2.2_rc11/cvs/Linux 2.6.26-gentoo-r1 x86_64)
7
8	Revision Changes Path
9	1.1 sys-apps/dbus/files/dbus-1.2.3-panic-from-dbus_signature_validate.patch
10
11	file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/dbus/files/dbus-1.2.3-panic-from-dbus_signature_validate.patch?rev=1.1&view=markup
12	plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/dbus/files/dbus-1.2.3-panic-from-dbus_signature_validate.patch?rev=1.1&content-type=text/plain
13
14	Index: dbus-1.2.3-panic-from-dbus_signature_validate.patch
15	===================================================================
16	From: Colin Walters <walters@××××××.org>
17	Date: Wed, 1 Oct 2008 17:49:48 +0000 (-0400)
18	Subject: Bug 17803: Panic from dbus_signature_validate
19	X-Git-Url: http://gitweb.freedesktop.org/?p=dbus/dbus.git;a=commitdiff;h=7b10b46c5c8658449783ce45f1273dd35c353bce
20
21	Bug 17803: Panic from dbus_signature_validate
22
23	* dbus/dbus-marshal-validate.c: Ensure we validate
24	a basic type before calling is_basic on it.
25	* dbus-marshal-validate-util.c: Test.
26	---
27
28	--- a/dbus/dbus-marshal-validate-util.c
29	+++ b/dbus/dbus-marshal-validate-util.c
30	@@ -228,6 +228,7 @@ _dbus_marshal_validate_test (void)
31	"123",
32	".",
33	"("
34	+ "a{(ii)i}" /* https://bugs.freedesktop.org/show_bug.cgi?id=17803 */
35	};
36
37	/* Signature with reason */
38	--- a/dbus/dbus-marshal-validate.c
39	+++ b/dbus/dbus-marshal-validate.c
40	@@ -247,6 +247,7 @@ _dbus_validate_signature_with_reason (co
41	}
42
43	if (last == DBUS_DICT_ENTRY_BEGIN_CHAR &&
44	+ _dbus_type_is_valid (*p) &&
45	!dbus_type_is_basic (*p))
46	{
47	result = DBUS_INVALID_DICT_KEY_MUST_BE_BASIC_TYPE;

Gentoo Archives: gentoo-commits