Gentoo Archives: gentoo-commits

From: Mike Gilbert <floppym@g.o>
To: gentoo-commits@l.g.o
Subject: [gentoo-commits] repo/gentoo:master commit in: sys-apps/systemd/files/CVE-2019-6454/, sys-apps/systemd/files/
Date: Sat, 31 Aug 2019 00:06:47
Message-Id: 1567209981.13753ecee96cc81b190ac36776c8dedb2056d4b9.floppym@gentoo
1 commit: 13753ecee96cc81b190ac36776c8dedb2056d4b9
2 Author: Mike Gilbert <floppym <AT> gentoo <DOT> org>
3 AuthorDate: Sat Aug 31 00:06:21 2019 +0000
4 Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org>
5 CommitDate: Sat Aug 31 00:06:21 2019 +0000
6 URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=13753ece
7
8 sys-apps/systemd: remove obsolete patches
9
10 Package-Manager: Portage-2.3.73_p4, Repoman-2.3.17_p24
11 Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org>
12
13 sys-apps/systemd/files/243-rc1-analyze.patch | 125 --------------
14 sys-apps/systemd/files/243-rc1-cryptsetup.patch | 148 ----------------
15 ...243-rc1-revert-logind-remove-unused-check.patch | 31 ----
16 .../systemd/files/243-rc1-udev-properties.patch | 53 ------
17 ...-message-paths-longer-than-BUS_PATH_SIZE_.patch | 48 ------
18 ...mporary-strings-to-hold-dbus-paths-on-the.patch | 188 ---------------------
19 6 files changed, 593 deletions(-)
20
21 diff --git a/sys-apps/systemd/files/243-rc1-analyze.patch b/sys-apps/systemd/files/243-rc1-analyze.patch
22 deleted file mode 100644
23 index e38b51eb121..00000000000
24 --- a/sys-apps/systemd/files/243-rc1-analyze.patch
25 +++ /dev/null
26 @@ -1,125 +0,0 @@
27 -From 417b82e1c341946d277383471f2972b7227061ff Mon Sep 17 00:00:00 2001
28 -From: Mike Gilbert <floppym@g.o>
29 -Date: Tue, 30 Jul 2019 14:51:38 -0400
30 -Subject: [PATCH] analyze: declare dump_exit_status outside of HAVE_SECCOMP
31 - block
32 -
33 -Fixes: 76ed04d936f757763c32db5dbaaebd8b13785d7b
34 -Closes: https://github.com/systemd/systemd/issues/13230
35 ----
36 - src/analyze/analyze.c | 92 +++++++++++++++++++++----------------------
37 - 1 file changed, 46 insertions(+), 46 deletions(-)
38 -
39 -diff --git a/src/analyze/analyze.c b/src/analyze/analyze.c
40 -index f62879371d..4d81026084 100644
41 ---- a/src/analyze/analyze.c
42 -+++ b/src/analyze/analyze.c
43 -@@ -1608,6 +1608,52 @@ static int dump_unit_paths(int argc, char *argv[], void *userdata) {
44 - return 0;
45 - }
46 -
47 -+static int dump_exit_status(int argc, char *argv[], void *userdata) {
48 -+ _cleanup_(table_unrefp) Table *table = NULL;
49 -+ int r;
50 -+
51 -+ table = table_new("name", "status", "class");
52 -+ if (!table)
53 -+ return log_oom();
54 -+
55 -+ r = table_set_align_percent(table, table_get_cell(table, 0, 1), 100);
56 -+ if (r < 0)
57 -+ return log_error_errno(r, "Failed to right-align status: %m");
58 -+
59 -+ if (strv_isempty(strv_skip(argv, 1)))
60 -+ for (size_t i = 0; i < ELEMENTSOF(exit_status_mappings); i++) {
61 -+ if (!exit_status_mappings[i].name)
62 -+ continue;
63 -+
64 -+ r = table_add_many(table,
65 -+ TABLE_STRING, exit_status_mappings[i].name,
66 -+ TABLE_INT, (int) i,
67 -+ TABLE_STRING, exit_status_class(i));
68 -+ if (r < 0)
69 -+ return r;
70 -+ }
71 -+ else
72 -+ for (int i = 1; i < argc; i++) {
73 -+ int status;
74 -+
75 -+ status = exit_status_from_string(argv[i]);
76 -+ if (status < 0)
77 -+ return log_error_errno(r, "Invalid exit status \"%s\": %m", argv[i]);
78 -+
79 -+ assert(status >= 0 && (size_t) status < ELEMENTSOF(exit_status_mappings));
80 -+ r = table_add_many(table,
81 -+ TABLE_STRING, exit_status_mappings[status].name ?: "-",
82 -+ TABLE_INT, status,
83 -+ TABLE_STRING, exit_status_class(status) ?: "-");
84 -+ if (r < 0)
85 -+ return r;
86 -+ }
87 -+
88 -+ (void) pager_open(arg_pager_flags);
89 -+
90 -+ return table_print(table, NULL);
91 -+}
92 -+
93 - #if HAVE_SECCOMP
94 -
95 - static int load_kernel_syscalls(Set **ret) {
96 -@@ -1685,52 +1731,6 @@ static void dump_syscall_filter(const SyscallFilterSet *set) {
97 - printf(" %s%s%s\n", syscall[0] == '@' ? ansi_underline() : "", syscall, ansi_normal());
98 - }
99 -
100 --static int dump_exit_status(int argc, char *argv[], void *userdata) {
101 -- _cleanup_(table_unrefp) Table *table = NULL;
102 -- int r;
103 --
104 -- table = table_new("name", "status", "class");
105 -- if (!table)
106 -- return log_oom();
107 --
108 -- r = table_set_align_percent(table, table_get_cell(table, 0, 1), 100);
109 -- if (r < 0)
110 -- return log_error_errno(r, "Failed to right-align status: %m");
111 --
112 -- if (strv_isempty(strv_skip(argv, 1)))
113 -- for (size_t i = 0; i < ELEMENTSOF(exit_status_mappings); i++) {
114 -- if (!exit_status_mappings[i].name)
115 -- continue;
116 --
117 -- r = table_add_many(table,
118 -- TABLE_STRING, exit_status_mappings[i].name,
119 -- TABLE_INT, (int) i,
120 -- TABLE_STRING, exit_status_class(i));
121 -- if (r < 0)
122 -- return r;
123 -- }
124 -- else
125 -- for (int i = 1; i < argc; i++) {
126 -- int status;
127 --
128 -- status = exit_status_from_string(argv[i]);
129 -- if (status < 0)
130 -- return log_error_errno(r, "Invalid exit status \"%s\": %m", argv[i]);
131 --
132 -- assert(status >= 0 && (size_t) status < ELEMENTSOF(exit_status_mappings));
133 -- r = table_add_many(table,
134 -- TABLE_STRING, exit_status_mappings[status].name ?: "-",
135 -- TABLE_INT, status,
136 -- TABLE_STRING, exit_status_class(status) ?: "-");
137 -- if (r < 0)
138 -- return r;
139 -- }
140 --
141 -- (void) pager_open(arg_pager_flags);
142 --
143 -- return table_print(table, NULL);
144 --}
145 --
146 - static int dump_syscall_filters(int argc, char *argv[], void *userdata) {
147 - bool first = true;
148 -
149 ---
150 -2.22.0
151 -
152
153 diff --git a/sys-apps/systemd/files/243-rc1-cryptsetup.patch b/sys-apps/systemd/files/243-rc1-cryptsetup.patch
154 deleted file mode 100644
155 index e922d4d29cb..00000000000
156 --- a/sys-apps/systemd/files/243-rc1-cryptsetup.patch
157 +++ /dev/null
158 @@ -1,148 +0,0 @@
159 -From f4ea8432e67110b73b07dd0e47a5339d83b350fb Mon Sep 17 00:00:00 2001
160 -From: Lennart Poettering <lennart@××××××××××.net>
161 -Date: Wed, 31 Jul 2019 09:38:15 +0200
162 -Subject: [PATCH] cryptsetup-generator: fix coverity issue
163 -
164 -Fixes coverity issue 1403772
165 ----
166 - src/cryptsetup/cryptsetup-generator.c | 16 ++++++++--------
167 - 1 file changed, 8 insertions(+), 8 deletions(-)
168 -
169 -diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
170 -index c51bb9ae189..960f4762b7d 100644
171 ---- a/src/cryptsetup/cryptsetup-generator.c
172 -+++ b/src/cryptsetup/cryptsetup-generator.c
173 -@@ -46,30 +46,30 @@ STATIC_DESTRUCTOR_REGISTER(arg_disks, hashmap_freep);
174 - STATIC_DESTRUCTOR_REGISTER(arg_default_options, freep);
175 - STATIC_DESTRUCTOR_REGISTER(arg_default_keyfile, freep);
176 -
177 --static int split_keyspec(const char *keyspec, char **keyfile, char **keydev) {
178 -+static int split_keyspec(const char *keyspec, char **ret_keyfile, char **ret_keydev) {
179 - _cleanup_free_ char *kfile = NULL, *kdev = NULL;
180 -- char *c;
181 -+ const char *c;
182 -
183 - assert(keyspec);
184 -- assert(keyfile);
185 -- assert(keydev);
186 -+ assert(ret_keyfile);
187 -+ assert(ret_keydev);
188 -
189 - c = strrchr(keyspec, ':');
190 - if (c) {
191 - kfile = strndup(keyspec, c-keyspec);
192 - kdev = strdup(c + 1);
193 -- if (!*kfile || !*kdev)
194 -+ if (!kfile || !kdev)
195 - return log_oom();
196 - } else {
197 - /* No keydev specified */
198 - kfile = strdup(keyspec);
199 - kdev = NULL;
200 -- if (!*kfile)
201 -+ if (!kfile)
202 - return log_oom();
203 - }
204 -
205 -- *keyfile = TAKE_PTR(kfile);
206 -- *keydev = TAKE_PTR(kdev);
207 -+ *ret_keyfile = TAKE_PTR(kfile);
208 -+ *ret_keydev = TAKE_PTR(kdev);
209 -
210 - return 0;
211 - }
212 -From 5d2100dc4c32abbce4109e75cbfbbef6e1b2b7b1 Mon Sep 17 00:00:00 2001
213 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@××××××.pl>
214 -Date: Thu, 1 Aug 2019 08:13:13 +0200
215 -Subject: [PATCH] cryptsetup: use unabbrieviated variable names
216 -
217 -Now that "ret_" has been added to the output variables, we can name
218 -the internal variables without artificial abbrevs.
219 ----
220 - src/cryptsetup/cryptsetup-generator.c | 18 +++++++++---------
221 - 1 file changed, 9 insertions(+), 9 deletions(-)
222 -
223 -diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
224 -index 960f4762b7d..84483143945 100644
225 ---- a/src/cryptsetup/cryptsetup-generator.c
226 -+++ b/src/cryptsetup/cryptsetup-generator.c
227 -@@ -47,7 +47,7 @@ STATIC_DESTRUCTOR_REGISTER(arg_default_options, freep);
228 - STATIC_DESTRUCTOR_REGISTER(arg_default_keyfile, freep);
229 -
230 - static int split_keyspec(const char *keyspec, char **ret_keyfile, char **ret_keydev) {
231 -- _cleanup_free_ char *kfile = NULL, *kdev = NULL;
232 -+ _cleanup_free_ char *keyfile = NULL, *keydev = NULL;
233 - const char *c;
234 -
235 - assert(keyspec);
236 -@@ -56,20 +56,20 @@ static int split_keyspec(const char *keyspec, char **ret_keyfile, char **ret_key
237 -
238 - c = strrchr(keyspec, ':');
239 - if (c) {
240 -- kfile = strndup(keyspec, c-keyspec);
241 -- kdev = strdup(c + 1);
242 -- if (!kfile || !kdev)
243 -+ keyfile = strndup(keyspec, c-keyspec);
244 -+ keydev = strdup(c + 1);
245 -+ if (!keyfile || !keydev)
246 - return log_oom();
247 - } else {
248 - /* No keydev specified */
249 -- kfile = strdup(keyspec);
250 -- kdev = NULL;
251 -- if (!kfile)
252 -+ keyfile = strdup(keyspec);
253 -+ keydev = NULL;
254 -+ if (!keyfile)
255 - return log_oom();
256 - }
257 -
258 -- *ret_keyfile = TAKE_PTR(kfile);
259 -- *ret_keydev = TAKE_PTR(kdev);
260 -+ *ret_keyfile = TAKE_PTR(keyfile);
261 -+ *ret_keydev = TAKE_PTR(keydev);
262 -
263 - return 0;
264 - }
265 -From fef716b28be6e866b8afe995805d5ebe2af6bbfa Mon Sep 17 00:00:00 2001
266 -From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@××××××.pl>
267 -Date: Thu, 1 Aug 2019 08:15:43 +0200
268 -Subject: [PATCH] cryptsetup: don't assert on variable which is optional
269 -
270 -https://github.com/systemd/systemd/commit/50d2eba27b9bfc77ef6b40e5721713846815418b#commitcomment-34519739
271 -
272 -In add_crypttab_devices() split_keyspec is called on the keyfile argument,
273 -which may be NULL.
274 ----
275 - src/cryptsetup/cryptsetup-generator.c | 8 ++++++--
276 - 1 file changed, 6 insertions(+), 2 deletions(-)
277 -
278 -diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c
279 -index 84483143945..4815ded753f 100644
280 ---- a/src/cryptsetup/cryptsetup-generator.c
281 -+++ b/src/cryptsetup/cryptsetup-generator.c
282 -@@ -50,10 +50,14 @@ static int split_keyspec(const char *keyspec, char **ret_keyfile, char **ret_key
283 - _cleanup_free_ char *keyfile = NULL, *keydev = NULL;
284 - const char *c;
285 -
286 -- assert(keyspec);
287 - assert(ret_keyfile);
288 - assert(ret_keydev);
289 -
290 -+ if (!keyspec) {
291 -+ *ret_keyfile = *ret_keydev = NULL;
292 -+ return 0;
293 -+ }
294 -+
295 - c = strrchr(keyspec, ':');
296 - if (c) {
297 - keyfile = strndup(keyspec, c-keyspec);
298 -@@ -567,7 +571,7 @@ static int add_crypttab_devices(void) {
299 - }
300 -
301 - for (;;) {
302 -- _cleanup_free_ char *line = NULL, *name = NULL, *device = NULL, *keydev = NULL, *keyfile = NULL, *keyspec = NULL, *options = NULL;
303 -+ _cleanup_free_ char *line = NULL, *name = NULL, *device = NULL, *keyspec = NULL, *options = NULL, *keyfile = NULL, *keydev = NULL;
304 - crypto_device *d = NULL;
305 - char *l, *uuid;
306 - int k;
307
308 diff --git a/sys-apps/systemd/files/243-rc1-revert-logind-remove-unused-check.patch b/sys-apps/systemd/files/243-rc1-revert-logind-remove-unused-check.patch
309 deleted file mode 100644
310 index 30a20c17661..00000000000
311 --- a/sys-apps/systemd/files/243-rc1-revert-logind-remove-unused-check.patch
312 +++ /dev/null
313 @@ -1,31 +0,0 @@
314 -From 18f689b1fa35c53580da62bfce875fb15d20d448 Mon Sep 17 00:00:00 2001
315 -From: Yu Watanabe <watanabe.yu+github@×××××.com>
316 -Date: Sun, 4 Aug 2019 05:43:34 +0900
317 -Subject: [PATCH] Revert "logind: remove unused check"
318 -
319 -This reverts commit f2330acda408a34451d5e15380fcdd225a672473.
320 -
321 -Fixes #13255.
322 ----
323 - src/login/logind-action.c | 8 ++++++--
324 - 1 file changed, 6 insertions(+), 2 deletions(-)
325 -
326 -diff --git a/src/login/logind-action.c b/src/login/logind-action.c
327 -index fa92f4870a2..140953eec10 100644
328 ---- a/src/login/logind-action.c
329 -+++ b/src/login/logind-action.c
330 -@@ -61,8 +61,12 @@ int manager_handle_action(
331 - int r;
332 -
333 - assert(m);
334 -- /* We should be called only with valid actions different than HANDLE_IGNORE. */
335 -- assert(handle > HANDLE_IGNORE && handle < _HANDLE_ACTION_MAX);
336 -+
337 -+ /* If the key handling is turned off, don't do anything */
338 -+ if (handle == HANDLE_IGNORE) {
339 -+ log_debug("Refusing operation, as it is turned off.");
340 -+ return 0;
341 -+ }
342 -
343 - if (inhibit_key == INHIBIT_HANDLE_LID_SWITCH) {
344 - /* If the last system suspend or startup is too close,
345
346 diff --git a/sys-apps/systemd/files/243-rc1-udev-properties.patch b/sys-apps/systemd/files/243-rc1-udev-properties.patch
347 deleted file mode 100644
348 index 5e2ffa1868a..00000000000
349 --- a/sys-apps/systemd/files/243-rc1-udev-properties.patch
350 +++ /dev/null
351 @@ -1,53 +0,0 @@
352 -From 41c81c4a626fda0969fc09ddeb8addb7aae6e4d9 Mon Sep 17 00:00:00 2001
353 -From: Yu Watanabe <watanabe.yu+github@×××××.com>
354 -Date: Sun, 4 Aug 2019 06:08:06 +0900
355 -Subject: [PATCH] udev: do not try to import properties on commented out lines
356 -
357 -Fixes #13257.
358 ----
359 - src/udev/udev-rules.c | 10 ++++++++--
360 - 1 file changed, 8 insertions(+), 2 deletions(-)
361 -
362 -diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c
363 -index 3473a7eb7e5..1642f105354 100644
364 ---- a/src/udev/udev-rules.c
365 -+++ b/src/udev/udev-rules.c
366 -@@ -1401,8 +1401,10 @@ static int get_property_from_string(char *line, char **ret_key, char **ret_value
367 - key = skip_leading_chars(line, NULL);
368 -
369 - /* comment or empty line */
370 -- if (IN_SET(key[0], '#', '\0'))
371 -+ if (IN_SET(key[0], '#', '\0')) {
372 -+ *ret_key = *ret_value = NULL;
373 - return 0;
374 -+ }
375 -
376 - /* split key/value */
377 - val = strchr(key, '=');
378 -@@ -1429,7 +1431,7 @@ static int get_property_from_string(char *line, char **ret_key, char **ret_value
379 -
380 - *ret_key = key;
381 - *ret_value = val;
382 -- return 0;
383 -+ return 1;
384 - }
385 -
386 - static int import_parent_into_properties(sd_device *dev, const char *filter) {
387 -@@ -1681,6 +1683,8 @@ static int udev_rule_apply_token_to_event(
388 - line);
389 - continue;
390 - }
391 -+ if (r == 0)
392 -+ continue;
393 -
394 - r = device_add_property(dev, key, value);
395 - if (r < 0)
396 -@@ -1719,6 +1723,8 @@ static int udev_rule_apply_token_to_event(
397 - line);
398 - continue;
399 - }
400 -+ if (r == 0)
401 -+ continue;
402 -
403 - r = device_add_property(dev, key, value);
404 - if (r < 0)
405
406 diff --git a/sys-apps/systemd/files/CVE-2019-6454/0001-Refuse-dbus-message-paths-longer-than-BUS_PATH_SIZE_.patch b/sys-apps/systemd/files/CVE-2019-6454/0001-Refuse-dbus-message-paths-longer-than-BUS_PATH_SIZE_.patch
407 deleted file mode 100644
408 index 6a0c8d1b0c5..00000000000
409 --- a/sys-apps/systemd/files/CVE-2019-6454/0001-Refuse-dbus-message-paths-longer-than-BUS_PATH_SIZE_.patch
410 +++ /dev/null
411 @@ -1,48 +0,0 @@
412 -From 29de632674473729d1e9497b6fe47e7c88682ed9 Mon Sep 17 00:00:00 2001
413 -From: Riccardo Schirone <rschiron@××××××.com>
414 -Date: Mon, 4 Feb 2019 14:29:09 +0100
415 -Subject: [PATCH 1/3] Refuse dbus message paths longer than BUS_PATH_SIZE_MAX
416 - limit.
417 -
418 -Even though the dbus specification does not enforce any length limit on the
419 -path of a dbus message, having to analyze too long strings in PID1 may be
420 -time-consuming and it may have security impacts.
421 -
422 -In any case, the limit is set so high that real-life applications should not
423 -have a problem with it.
424 ----
425 - src/libsystemd/sd-bus/bus-internal.c | 2 +-
426 - src/libsystemd/sd-bus/bus-internal.h | 4 ++++
427 - 2 files changed, 5 insertions(+), 1 deletion(-)
428 -
429 -diff --git a/src/libsystemd/sd-bus/bus-internal.c b/src/libsystemd/sd-bus/bus-internal.c
430 -index 40acae2133..598b7f110c 100644
431 ---- a/src/libsystemd/sd-bus/bus-internal.c
432 -+++ b/src/libsystemd/sd-bus/bus-internal.c
433 -@@ -43,7 +43,7 @@ bool object_path_is_valid(const char *p) {
434 - if (slash)
435 - return false;
436 -
437 -- return true;
438 -+ return (q - p) <= BUS_PATH_SIZE_MAX;
439 - }
440 -
441 - char* object_path_startswith(const char *a, const char *b) {
442 -diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h
443 -index f208b294d8..a8d61bf72a 100644
444 ---- a/src/libsystemd/sd-bus/bus-internal.h
445 -+++ b/src/libsystemd/sd-bus/bus-internal.h
446 -@@ -332,6 +332,10 @@ struct sd_bus {
447 -
448 - #define BUS_MESSAGE_SIZE_MAX (128*1024*1024)
449 - #define BUS_AUTH_SIZE_MAX (64*1024)
450 -+/* Note that the D-Bus specification states that bus paths shall have no size limit. We enforce here one
451 -+ * anyway, since truly unbounded strings are a security problem. The limit we pick is relatively large however,
452 -+ * to not clash unnecessarily with real-life applications. */
453 -+#define BUS_PATH_SIZE_MAX (64*1024)
454 -
455 - #define BUS_CONTAINER_DEPTH 128
456 -
457 ---
458 -2.20.1
459 -
460
461 diff --git a/sys-apps/systemd/files/CVE-2019-6454/0002-Allocate-temporary-strings-to-hold-dbus-paths-on-the.patch b/sys-apps/systemd/files/CVE-2019-6454/0002-Allocate-temporary-strings-to-hold-dbus-paths-on-the.patch
462 deleted file mode 100644
463 index bbc6db974d4..00000000000
464 --- a/sys-apps/systemd/files/CVE-2019-6454/0002-Allocate-temporary-strings-to-hold-dbus-paths-on-the.patch
465 +++ /dev/null
466 @@ -1,188 +0,0 @@
467 -From 1ffe59592c5cbf924eb81a3662b4252ba6de7132 Mon Sep 17 00:00:00 2001
468 -From: Riccardo Schirone <rschiron@××××××.com>
469 -Date: Mon, 4 Feb 2019 14:29:28 +0100
470 -Subject: [PATCH 2/3] Allocate temporary strings to hold dbus paths on the heap
471 -
472 -Paths are limited to BUS_PATH_SIZE_MAX but the maximum size is anyway too big
473 -to be allocated on the stack, so let's switch to the heap where there is a
474 -clear way to understand if the allocation fails.
475 ----
476 - src/libsystemd/sd-bus/bus-objects.c | 68 +++++++++++++++++++++++------
477 - 1 file changed, 54 insertions(+), 14 deletions(-)
478 -
479 -diff --git a/src/libsystemd/sd-bus/bus-objects.c b/src/libsystemd/sd-bus/bus-objects.c
480 -index 58329f3fe7..54b977418e 100644
481 ---- a/src/libsystemd/sd-bus/bus-objects.c
482 -+++ b/src/libsystemd/sd-bus/bus-objects.c
483 -@@ -1133,7 +1133,8 @@ static int object_manager_serialize_path_and_fallbacks(
484 - const char *path,
485 - sd_bus_error *error) {
486 -
487 -- char *prefix;
488 -+ _cleanup_free_ char *prefix = NULL;
489 -+ size_t pl;
490 - int r;
491 -
492 - assert(bus);
493 -@@ -1149,7 +1150,12 @@ static int object_manager_serialize_path_and_fallbacks(
494 - return 0;
495 -
496 - /* Second, add fallback vtables registered for any of the prefixes */
497 -- prefix = newa(char, strlen(path) + 1);
498 -+ pl = strlen(path);
499 -+ assert(pl <= BUS_PATH_SIZE_MAX);
500 -+ prefix = new(char, pl + 1);
501 -+ if (!prefix)
502 -+ return -ENOMEM;
503 -+
504 - OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
505 - r = object_manager_serialize_path(bus, reply, prefix, path, true, error);
506 - if (r < 0)
507 -@@ -1345,6 +1351,7 @@ static int object_find_and_run(
508 - }
509 -
510 - int bus_process_object(sd_bus *bus, sd_bus_message *m) {
511 -+ _cleanup_free_ char *prefix = NULL;
512 - int r;
513 - size_t pl;
514 - bool found_object = false;
515 -@@ -1369,9 +1376,12 @@ int bus_process_object(sd_bus *bus, sd_bus_message *m) {
516 - assert(m->member);
517 -
518 - pl = strlen(m->path);
519 -- do {
520 -- char prefix[pl+1];
521 -+ assert(pl <= BUS_PATH_SIZE_MAX);
522 -+ prefix = new(char, pl + 1);
523 -+ if (!prefix)
524 -+ return -ENOMEM;
525 -
526 -+ do {
527 - bus->nodes_modified = false;
528 -
529 - r = object_find_and_run(bus, m, m->path, false, &found_object);
530 -@@ -1498,9 +1508,15 @@ static int bus_find_parent_object_manager(sd_bus *bus, struct node **out, const
531 -
532 - n = hashmap_get(bus->nodes, path);
533 - if (!n) {
534 -- char *prefix;
535 -+ _cleanup_free_ char *prefix = NULL;
536 -+ size_t pl;
537 -+
538 -+ pl = strlen(path);
539 -+ assert(pl <= BUS_PATH_SIZE_MAX);
540 -+ prefix = new(char, pl + 1);
541 -+ if (!prefix)
542 -+ return -ENOMEM;
543 -
544 -- prefix = newa(char, strlen(path) + 1);
545 - OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
546 - n = hashmap_get(bus->nodes, prefix);
547 - if (n)
548 -@@ -2083,8 +2099,9 @@ _public_ int sd_bus_emit_properties_changed_strv(
549 - const char *interface,
550 - char **names) {
551 -
552 -+ _cleanup_free_ char *prefix = NULL;
553 - bool found_interface = false;
554 -- char *prefix;
555 -+ size_t pl;
556 - int r;
557 -
558 - assert_return(bus, -EINVAL);
559 -@@ -2105,6 +2122,12 @@ _public_ int sd_bus_emit_properties_changed_strv(
560 -
561 - BUS_DONT_DESTROY(bus);
562 -
563 -+ pl = strlen(path);
564 -+ assert(pl <= BUS_PATH_SIZE_MAX);
565 -+ prefix = new(char, pl + 1);
566 -+ if (!prefix)
567 -+ return -ENOMEM;
568 -+
569 - do {
570 - bus->nodes_modified = false;
571 -
572 -@@ -2114,7 +2137,6 @@ _public_ int sd_bus_emit_properties_changed_strv(
573 - if (bus->nodes_modified)
574 - continue;
575 -
576 -- prefix = newa(char, strlen(path) + 1);
577 - OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
578 - r = emit_properties_changed_on_interface(bus, prefix, path, interface, true, &found_interface, names);
579 - if (r != 0)
580 -@@ -2246,7 +2268,8 @@ static int object_added_append_all_prefix(
581 -
582 - static int object_added_append_all(sd_bus *bus, sd_bus_message *m, const char *path) {
583 - _cleanup_set_free_ Set *s = NULL;
584 -- char *prefix;
585 -+ _cleanup_free_ char *prefix = NULL;
586 -+ size_t pl;
587 - int r;
588 -
589 - assert(bus);
590 -@@ -2291,7 +2314,12 @@ static int object_added_append_all(sd_bus *bus, sd_bus_message *m, const char *p
591 - if (bus->nodes_modified)
592 - return 0;
593 -
594 -- prefix = newa(char, strlen(path) + 1);
595 -+ pl = strlen(path);
596 -+ assert(pl <= BUS_PATH_SIZE_MAX);
597 -+ prefix = new(char, pl + 1);
598 -+ if (!prefix)
599 -+ return -ENOMEM;
600 -+
601 - OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
602 - r = object_added_append_all_prefix(bus, m, s, prefix, path, true);
603 - if (r < 0)
604 -@@ -2430,7 +2458,8 @@ static int object_removed_append_all_prefix(
605 -
606 - static int object_removed_append_all(sd_bus *bus, sd_bus_message *m, const char *path) {
607 - _cleanup_set_free_ Set *s = NULL;
608 -- char *prefix;
609 -+ _cleanup_free_ char *prefix = NULL;
610 -+ size_t pl;
611 - int r;
612 -
613 - assert(bus);
614 -@@ -2462,7 +2491,12 @@ static int object_removed_append_all(sd_bus *bus, sd_bus_message *m, const char
615 - if (bus->nodes_modified)
616 - return 0;
617 -
618 -- prefix = newa(char, strlen(path) + 1);
619 -+ pl = strlen(path);
620 -+ assert(pl <= BUS_PATH_SIZE_MAX);
621 -+ prefix = new(char, pl + 1);
622 -+ if (!prefix)
623 -+ return -ENOMEM;
624 -+
625 - OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
626 - r = object_removed_append_all_prefix(bus, m, s, prefix, path, true);
627 - if (r < 0)
628 -@@ -2612,7 +2646,8 @@ static int interfaces_added_append_one(
629 - const char *path,
630 - const char *interface) {
631 -
632 -- char *prefix;
633 -+ _cleanup_free_ char *prefix = NULL;
634 -+ size_t pl;
635 - int r;
636 -
637 - assert(bus);
638 -@@ -2626,7 +2661,12 @@ static int interfaces_added_append_one(
639 - if (bus->nodes_modified)
640 - return 0;
641 -
642 -- prefix = newa(char, strlen(path) + 1);
643 -+ pl = strlen(path);
644 -+ assert(pl <= BUS_PATH_SIZE_MAX);
645 -+ prefix = new(char, pl + 1);
646 -+ if (!prefix)
647 -+ return -ENOMEM;
648 -+
649 - OBJECT_PATH_FOREACH_PREFIX(prefix, path) {
650 - r = interfaces_added_append_one_prefix(bus, m, prefix, path, interface, true);
651 - if (r != 0)
652 ---
653 -2.20.1
654 -