1 |
commit: 13753ecee96cc81b190ac36776c8dedb2056d4b9 |
2 |
Author: Mike Gilbert <floppym <AT> gentoo <DOT> org> |
3 |
AuthorDate: Sat Aug 31 00:06:21 2019 +0000 |
4 |
Commit: Mike Gilbert <floppym <AT> gentoo <DOT> org> |
5 |
CommitDate: Sat Aug 31 00:06:21 2019 +0000 |
6 |
URL: https://gitweb.gentoo.org/repo/gentoo.git/commit/?id=13753ece |
7 |
|
8 |
sys-apps/systemd: remove obsolete patches |
9 |
|
10 |
Package-Manager: Portage-2.3.73_p4, Repoman-2.3.17_p24 |
11 |
Signed-off-by: Mike Gilbert <floppym <AT> gentoo.org> |
12 |
|
13 |
sys-apps/systemd/files/243-rc1-analyze.patch | 125 -------------- |
14 |
sys-apps/systemd/files/243-rc1-cryptsetup.patch | 148 ---------------- |
15 |
...243-rc1-revert-logind-remove-unused-check.patch | 31 ---- |
16 |
.../systemd/files/243-rc1-udev-properties.patch | 53 ------ |
17 |
...-message-paths-longer-than-BUS_PATH_SIZE_.patch | 48 ------ |
18 |
...mporary-strings-to-hold-dbus-paths-on-the.patch | 188 --------------------- |
19 |
6 files changed, 593 deletions(-) |
20 |
|
21 |
diff --git a/sys-apps/systemd/files/243-rc1-analyze.patch b/sys-apps/systemd/files/243-rc1-analyze.patch |
22 |
deleted file mode 100644 |
23 |
index e38b51eb121..00000000000 |
24 |
--- a/sys-apps/systemd/files/243-rc1-analyze.patch |
25 |
+++ /dev/null |
26 |
@@ -1,125 +0,0 @@ |
27 |
-From 417b82e1c341946d277383471f2972b7227061ff Mon Sep 17 00:00:00 2001 |
28 |
-From: Mike Gilbert <floppym@g.o> |
29 |
-Date: Tue, 30 Jul 2019 14:51:38 -0400 |
30 |
-Subject: [PATCH] analyze: declare dump_exit_status outside of HAVE_SECCOMP |
31 |
- block |
32 |
- |
33 |
-Fixes: 76ed04d936f757763c32db5dbaaebd8b13785d7b |
34 |
-Closes: https://github.com/systemd/systemd/issues/13230 |
35 |
---- |
36 |
- src/analyze/analyze.c | 92 +++++++++++++++++++++---------------------- |
37 |
- 1 file changed, 46 insertions(+), 46 deletions(-) |
38 |
- |
39 |
-diff --git a/src/analyze/analyze.c b/src/analyze/analyze.c |
40 |
-index f62879371d..4d81026084 100644 |
41 |
---- a/src/analyze/analyze.c |
42 |
-+++ b/src/analyze/analyze.c |
43 |
-@@ -1608,6 +1608,52 @@ static int dump_unit_paths(int argc, char *argv[], void *userdata) { |
44 |
- return 0; |
45 |
- } |
46 |
- |
47 |
-+static int dump_exit_status(int argc, char *argv[], void *userdata) { |
48 |
-+ _cleanup_(table_unrefp) Table *table = NULL; |
49 |
-+ int r; |
50 |
-+ |
51 |
-+ table = table_new("name", "status", "class"); |
52 |
-+ if (!table) |
53 |
-+ return log_oom(); |
54 |
-+ |
55 |
-+ r = table_set_align_percent(table, table_get_cell(table, 0, 1), 100); |
56 |
-+ if (r < 0) |
57 |
-+ return log_error_errno(r, "Failed to right-align status: %m"); |
58 |
-+ |
59 |
-+ if (strv_isempty(strv_skip(argv, 1))) |
60 |
-+ for (size_t i = 0; i < ELEMENTSOF(exit_status_mappings); i++) { |
61 |
-+ if (!exit_status_mappings[i].name) |
62 |
-+ continue; |
63 |
-+ |
64 |
-+ r = table_add_many(table, |
65 |
-+ TABLE_STRING, exit_status_mappings[i].name, |
66 |
-+ TABLE_INT, (int) i, |
67 |
-+ TABLE_STRING, exit_status_class(i)); |
68 |
-+ if (r < 0) |
69 |
-+ return r; |
70 |
-+ } |
71 |
-+ else |
72 |
-+ for (int i = 1; i < argc; i++) { |
73 |
-+ int status; |
74 |
-+ |
75 |
-+ status = exit_status_from_string(argv[i]); |
76 |
-+ if (status < 0) |
77 |
-+ return log_error_errno(r, "Invalid exit status \"%s\": %m", argv[i]); |
78 |
-+ |
79 |
-+ assert(status >= 0 && (size_t) status < ELEMENTSOF(exit_status_mappings)); |
80 |
-+ r = table_add_many(table, |
81 |
-+ TABLE_STRING, exit_status_mappings[status].name ?: "-", |
82 |
-+ TABLE_INT, status, |
83 |
-+ TABLE_STRING, exit_status_class(status) ?: "-"); |
84 |
-+ if (r < 0) |
85 |
-+ return r; |
86 |
-+ } |
87 |
-+ |
88 |
-+ (void) pager_open(arg_pager_flags); |
89 |
-+ |
90 |
-+ return table_print(table, NULL); |
91 |
-+} |
92 |
-+ |
93 |
- #if HAVE_SECCOMP |
94 |
- |
95 |
- static int load_kernel_syscalls(Set **ret) { |
96 |
-@@ -1685,52 +1731,6 @@ static void dump_syscall_filter(const SyscallFilterSet *set) { |
97 |
- printf(" %s%s%s\n", syscall[0] == '@' ? ansi_underline() : "", syscall, ansi_normal()); |
98 |
- } |
99 |
- |
100 |
--static int dump_exit_status(int argc, char *argv[], void *userdata) { |
101 |
-- _cleanup_(table_unrefp) Table *table = NULL; |
102 |
-- int r; |
103 |
-- |
104 |
-- table = table_new("name", "status", "class"); |
105 |
-- if (!table) |
106 |
-- return log_oom(); |
107 |
-- |
108 |
-- r = table_set_align_percent(table, table_get_cell(table, 0, 1), 100); |
109 |
-- if (r < 0) |
110 |
-- return log_error_errno(r, "Failed to right-align status: %m"); |
111 |
-- |
112 |
-- if (strv_isempty(strv_skip(argv, 1))) |
113 |
-- for (size_t i = 0; i < ELEMENTSOF(exit_status_mappings); i++) { |
114 |
-- if (!exit_status_mappings[i].name) |
115 |
-- continue; |
116 |
-- |
117 |
-- r = table_add_many(table, |
118 |
-- TABLE_STRING, exit_status_mappings[i].name, |
119 |
-- TABLE_INT, (int) i, |
120 |
-- TABLE_STRING, exit_status_class(i)); |
121 |
-- if (r < 0) |
122 |
-- return r; |
123 |
-- } |
124 |
-- else |
125 |
-- for (int i = 1; i < argc; i++) { |
126 |
-- int status; |
127 |
-- |
128 |
-- status = exit_status_from_string(argv[i]); |
129 |
-- if (status < 0) |
130 |
-- return log_error_errno(r, "Invalid exit status \"%s\": %m", argv[i]); |
131 |
-- |
132 |
-- assert(status >= 0 && (size_t) status < ELEMENTSOF(exit_status_mappings)); |
133 |
-- r = table_add_many(table, |
134 |
-- TABLE_STRING, exit_status_mappings[status].name ?: "-", |
135 |
-- TABLE_INT, status, |
136 |
-- TABLE_STRING, exit_status_class(status) ?: "-"); |
137 |
-- if (r < 0) |
138 |
-- return r; |
139 |
-- } |
140 |
-- |
141 |
-- (void) pager_open(arg_pager_flags); |
142 |
-- |
143 |
-- return table_print(table, NULL); |
144 |
--} |
145 |
-- |
146 |
- static int dump_syscall_filters(int argc, char *argv[], void *userdata) { |
147 |
- bool first = true; |
148 |
- |
149 |
--- |
150 |
-2.22.0 |
151 |
- |
152 |
|
153 |
diff --git a/sys-apps/systemd/files/243-rc1-cryptsetup.patch b/sys-apps/systemd/files/243-rc1-cryptsetup.patch |
154 |
deleted file mode 100644 |
155 |
index e922d4d29cb..00000000000 |
156 |
--- a/sys-apps/systemd/files/243-rc1-cryptsetup.patch |
157 |
+++ /dev/null |
158 |
@@ -1,148 +0,0 @@ |
159 |
-From f4ea8432e67110b73b07dd0e47a5339d83b350fb Mon Sep 17 00:00:00 2001 |
160 |
-From: Lennart Poettering <lennart@××××××××××.net> |
161 |
-Date: Wed, 31 Jul 2019 09:38:15 +0200 |
162 |
-Subject: [PATCH] cryptsetup-generator: fix coverity issue |
163 |
- |
164 |
-Fixes coverity issue 1403772 |
165 |
---- |
166 |
- src/cryptsetup/cryptsetup-generator.c | 16 ++++++++-------- |
167 |
- 1 file changed, 8 insertions(+), 8 deletions(-) |
168 |
- |
169 |
-diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c |
170 |
-index c51bb9ae189..960f4762b7d 100644 |
171 |
---- a/src/cryptsetup/cryptsetup-generator.c |
172 |
-+++ b/src/cryptsetup/cryptsetup-generator.c |
173 |
-@@ -46,30 +46,30 @@ STATIC_DESTRUCTOR_REGISTER(arg_disks, hashmap_freep); |
174 |
- STATIC_DESTRUCTOR_REGISTER(arg_default_options, freep); |
175 |
- STATIC_DESTRUCTOR_REGISTER(arg_default_keyfile, freep); |
176 |
- |
177 |
--static int split_keyspec(const char *keyspec, char **keyfile, char **keydev) { |
178 |
-+static int split_keyspec(const char *keyspec, char **ret_keyfile, char **ret_keydev) { |
179 |
- _cleanup_free_ char *kfile = NULL, *kdev = NULL; |
180 |
-- char *c; |
181 |
-+ const char *c; |
182 |
- |
183 |
- assert(keyspec); |
184 |
-- assert(keyfile); |
185 |
-- assert(keydev); |
186 |
-+ assert(ret_keyfile); |
187 |
-+ assert(ret_keydev); |
188 |
- |
189 |
- c = strrchr(keyspec, ':'); |
190 |
- if (c) { |
191 |
- kfile = strndup(keyspec, c-keyspec); |
192 |
- kdev = strdup(c + 1); |
193 |
-- if (!*kfile || !*kdev) |
194 |
-+ if (!kfile || !kdev) |
195 |
- return log_oom(); |
196 |
- } else { |
197 |
- /* No keydev specified */ |
198 |
- kfile = strdup(keyspec); |
199 |
- kdev = NULL; |
200 |
-- if (!*kfile) |
201 |
-+ if (!kfile) |
202 |
- return log_oom(); |
203 |
- } |
204 |
- |
205 |
-- *keyfile = TAKE_PTR(kfile); |
206 |
-- *keydev = TAKE_PTR(kdev); |
207 |
-+ *ret_keyfile = TAKE_PTR(kfile); |
208 |
-+ *ret_keydev = TAKE_PTR(kdev); |
209 |
- |
210 |
- return 0; |
211 |
- } |
212 |
-From 5d2100dc4c32abbce4109e75cbfbbef6e1b2b7b1 Mon Sep 17 00:00:00 2001 |
213 |
-From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@××××××.pl> |
214 |
-Date: Thu, 1 Aug 2019 08:13:13 +0200 |
215 |
-Subject: [PATCH] cryptsetup: use unabbrieviated variable names |
216 |
- |
217 |
-Now that "ret_" has been added to the output variables, we can name |
218 |
-the internal variables without artificial abbrevs. |
219 |
---- |
220 |
- src/cryptsetup/cryptsetup-generator.c | 18 +++++++++--------- |
221 |
- 1 file changed, 9 insertions(+), 9 deletions(-) |
222 |
- |
223 |
-diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c |
224 |
-index 960f4762b7d..84483143945 100644 |
225 |
---- a/src/cryptsetup/cryptsetup-generator.c |
226 |
-+++ b/src/cryptsetup/cryptsetup-generator.c |
227 |
-@@ -47,7 +47,7 @@ STATIC_DESTRUCTOR_REGISTER(arg_default_options, freep); |
228 |
- STATIC_DESTRUCTOR_REGISTER(arg_default_keyfile, freep); |
229 |
- |
230 |
- static int split_keyspec(const char *keyspec, char **ret_keyfile, char **ret_keydev) { |
231 |
-- _cleanup_free_ char *kfile = NULL, *kdev = NULL; |
232 |
-+ _cleanup_free_ char *keyfile = NULL, *keydev = NULL; |
233 |
- const char *c; |
234 |
- |
235 |
- assert(keyspec); |
236 |
-@@ -56,20 +56,20 @@ static int split_keyspec(const char *keyspec, char **ret_keyfile, char **ret_key |
237 |
- |
238 |
- c = strrchr(keyspec, ':'); |
239 |
- if (c) { |
240 |
-- kfile = strndup(keyspec, c-keyspec); |
241 |
-- kdev = strdup(c + 1); |
242 |
-- if (!kfile || !kdev) |
243 |
-+ keyfile = strndup(keyspec, c-keyspec); |
244 |
-+ keydev = strdup(c + 1); |
245 |
-+ if (!keyfile || !keydev) |
246 |
- return log_oom(); |
247 |
- } else { |
248 |
- /* No keydev specified */ |
249 |
-- kfile = strdup(keyspec); |
250 |
-- kdev = NULL; |
251 |
-- if (!kfile) |
252 |
-+ keyfile = strdup(keyspec); |
253 |
-+ keydev = NULL; |
254 |
-+ if (!keyfile) |
255 |
- return log_oom(); |
256 |
- } |
257 |
- |
258 |
-- *ret_keyfile = TAKE_PTR(kfile); |
259 |
-- *ret_keydev = TAKE_PTR(kdev); |
260 |
-+ *ret_keyfile = TAKE_PTR(keyfile); |
261 |
-+ *ret_keydev = TAKE_PTR(keydev); |
262 |
- |
263 |
- return 0; |
264 |
- } |
265 |
-From fef716b28be6e866b8afe995805d5ebe2af6bbfa Mon Sep 17 00:00:00 2001 |
266 |
-From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@××××××.pl> |
267 |
-Date: Thu, 1 Aug 2019 08:15:43 +0200 |
268 |
-Subject: [PATCH] cryptsetup: don't assert on variable which is optional |
269 |
- |
270 |
-https://github.com/systemd/systemd/commit/50d2eba27b9bfc77ef6b40e5721713846815418b#commitcomment-34519739 |
271 |
- |
272 |
-In add_crypttab_devices() split_keyspec is called on the keyfile argument, |
273 |
-which may be NULL. |
274 |
---- |
275 |
- src/cryptsetup/cryptsetup-generator.c | 8 ++++++-- |
276 |
- 1 file changed, 6 insertions(+), 2 deletions(-) |
277 |
- |
278 |
-diff --git a/src/cryptsetup/cryptsetup-generator.c b/src/cryptsetup/cryptsetup-generator.c |
279 |
-index 84483143945..4815ded753f 100644 |
280 |
---- a/src/cryptsetup/cryptsetup-generator.c |
281 |
-+++ b/src/cryptsetup/cryptsetup-generator.c |
282 |
-@@ -50,10 +50,14 @@ static int split_keyspec(const char *keyspec, char **ret_keyfile, char **ret_key |
283 |
- _cleanup_free_ char *keyfile = NULL, *keydev = NULL; |
284 |
- const char *c; |
285 |
- |
286 |
-- assert(keyspec); |
287 |
- assert(ret_keyfile); |
288 |
- assert(ret_keydev); |
289 |
- |
290 |
-+ if (!keyspec) { |
291 |
-+ *ret_keyfile = *ret_keydev = NULL; |
292 |
-+ return 0; |
293 |
-+ } |
294 |
-+ |
295 |
- c = strrchr(keyspec, ':'); |
296 |
- if (c) { |
297 |
- keyfile = strndup(keyspec, c-keyspec); |
298 |
-@@ -567,7 +571,7 @@ static int add_crypttab_devices(void) { |
299 |
- } |
300 |
- |
301 |
- for (;;) { |
302 |
-- _cleanup_free_ char *line = NULL, *name = NULL, *device = NULL, *keydev = NULL, *keyfile = NULL, *keyspec = NULL, *options = NULL; |
303 |
-+ _cleanup_free_ char *line = NULL, *name = NULL, *device = NULL, *keyspec = NULL, *options = NULL, *keyfile = NULL, *keydev = NULL; |
304 |
- crypto_device *d = NULL; |
305 |
- char *l, *uuid; |
306 |
- int k; |
307 |
|
308 |
diff --git a/sys-apps/systemd/files/243-rc1-revert-logind-remove-unused-check.patch b/sys-apps/systemd/files/243-rc1-revert-logind-remove-unused-check.patch |
309 |
deleted file mode 100644 |
310 |
index 30a20c17661..00000000000 |
311 |
--- a/sys-apps/systemd/files/243-rc1-revert-logind-remove-unused-check.patch |
312 |
+++ /dev/null |
313 |
@@ -1,31 +0,0 @@ |
314 |
-From 18f689b1fa35c53580da62bfce875fb15d20d448 Mon Sep 17 00:00:00 2001 |
315 |
-From: Yu Watanabe <watanabe.yu+github@×××××.com> |
316 |
-Date: Sun, 4 Aug 2019 05:43:34 +0900 |
317 |
-Subject: [PATCH] Revert "logind: remove unused check" |
318 |
- |
319 |
-This reverts commit f2330acda408a34451d5e15380fcdd225a672473. |
320 |
- |
321 |
-Fixes #13255. |
322 |
---- |
323 |
- src/login/logind-action.c | 8 ++++++-- |
324 |
- 1 file changed, 6 insertions(+), 2 deletions(-) |
325 |
- |
326 |
-diff --git a/src/login/logind-action.c b/src/login/logind-action.c |
327 |
-index fa92f4870a2..140953eec10 100644 |
328 |
---- a/src/login/logind-action.c |
329 |
-+++ b/src/login/logind-action.c |
330 |
-@@ -61,8 +61,12 @@ int manager_handle_action( |
331 |
- int r; |
332 |
- |
333 |
- assert(m); |
334 |
-- /* We should be called only with valid actions different than HANDLE_IGNORE. */ |
335 |
-- assert(handle > HANDLE_IGNORE && handle < _HANDLE_ACTION_MAX); |
336 |
-+ |
337 |
-+ /* If the key handling is turned off, don't do anything */ |
338 |
-+ if (handle == HANDLE_IGNORE) { |
339 |
-+ log_debug("Refusing operation, as it is turned off."); |
340 |
-+ return 0; |
341 |
-+ } |
342 |
- |
343 |
- if (inhibit_key == INHIBIT_HANDLE_LID_SWITCH) { |
344 |
- /* If the last system suspend or startup is too close, |
345 |
|
346 |
diff --git a/sys-apps/systemd/files/243-rc1-udev-properties.patch b/sys-apps/systemd/files/243-rc1-udev-properties.patch |
347 |
deleted file mode 100644 |
348 |
index 5e2ffa1868a..00000000000 |
349 |
--- a/sys-apps/systemd/files/243-rc1-udev-properties.patch |
350 |
+++ /dev/null |
351 |
@@ -1,53 +0,0 @@ |
352 |
-From 41c81c4a626fda0969fc09ddeb8addb7aae6e4d9 Mon Sep 17 00:00:00 2001 |
353 |
-From: Yu Watanabe <watanabe.yu+github@×××××.com> |
354 |
-Date: Sun, 4 Aug 2019 06:08:06 +0900 |
355 |
-Subject: [PATCH] udev: do not try to import properties on commented out lines |
356 |
- |
357 |
-Fixes #13257. |
358 |
---- |
359 |
- src/udev/udev-rules.c | 10 ++++++++-- |
360 |
- 1 file changed, 8 insertions(+), 2 deletions(-) |
361 |
- |
362 |
-diff --git a/src/udev/udev-rules.c b/src/udev/udev-rules.c |
363 |
-index 3473a7eb7e5..1642f105354 100644 |
364 |
---- a/src/udev/udev-rules.c |
365 |
-+++ b/src/udev/udev-rules.c |
366 |
-@@ -1401,8 +1401,10 @@ static int get_property_from_string(char *line, char **ret_key, char **ret_value |
367 |
- key = skip_leading_chars(line, NULL); |
368 |
- |
369 |
- /* comment or empty line */ |
370 |
-- if (IN_SET(key[0], '#', '\0')) |
371 |
-+ if (IN_SET(key[0], '#', '\0')) { |
372 |
-+ *ret_key = *ret_value = NULL; |
373 |
- return 0; |
374 |
-+ } |
375 |
- |
376 |
- /* split key/value */ |
377 |
- val = strchr(key, '='); |
378 |
-@@ -1429,7 +1431,7 @@ static int get_property_from_string(char *line, char **ret_key, char **ret_value |
379 |
- |
380 |
- *ret_key = key; |
381 |
- *ret_value = val; |
382 |
-- return 0; |
383 |
-+ return 1; |
384 |
- } |
385 |
- |
386 |
- static int import_parent_into_properties(sd_device *dev, const char *filter) { |
387 |
-@@ -1681,6 +1683,8 @@ static int udev_rule_apply_token_to_event( |
388 |
- line); |
389 |
- continue; |
390 |
- } |
391 |
-+ if (r == 0) |
392 |
-+ continue; |
393 |
- |
394 |
- r = device_add_property(dev, key, value); |
395 |
- if (r < 0) |
396 |
-@@ -1719,6 +1723,8 @@ static int udev_rule_apply_token_to_event( |
397 |
- line); |
398 |
- continue; |
399 |
- } |
400 |
-+ if (r == 0) |
401 |
-+ continue; |
402 |
- |
403 |
- r = device_add_property(dev, key, value); |
404 |
- if (r < 0) |
405 |
|
406 |
diff --git a/sys-apps/systemd/files/CVE-2019-6454/0001-Refuse-dbus-message-paths-longer-than-BUS_PATH_SIZE_.patch b/sys-apps/systemd/files/CVE-2019-6454/0001-Refuse-dbus-message-paths-longer-than-BUS_PATH_SIZE_.patch |
407 |
deleted file mode 100644 |
408 |
index 6a0c8d1b0c5..00000000000 |
409 |
--- a/sys-apps/systemd/files/CVE-2019-6454/0001-Refuse-dbus-message-paths-longer-than-BUS_PATH_SIZE_.patch |
410 |
+++ /dev/null |
411 |
@@ -1,48 +0,0 @@ |
412 |
-From 29de632674473729d1e9497b6fe47e7c88682ed9 Mon Sep 17 00:00:00 2001 |
413 |
-From: Riccardo Schirone <rschiron@××××××.com> |
414 |
-Date: Mon, 4 Feb 2019 14:29:09 +0100 |
415 |
-Subject: [PATCH 1/3] Refuse dbus message paths longer than BUS_PATH_SIZE_MAX |
416 |
- limit. |
417 |
- |
418 |
-Even though the dbus specification does not enforce any length limit on the |
419 |
-path of a dbus message, having to analyze too long strings in PID1 may be |
420 |
-time-consuming and it may have security impacts. |
421 |
- |
422 |
-In any case, the limit is set so high that real-life applications should not |
423 |
-have a problem with it. |
424 |
---- |
425 |
- src/libsystemd/sd-bus/bus-internal.c | 2 +- |
426 |
- src/libsystemd/sd-bus/bus-internal.h | 4 ++++ |
427 |
- 2 files changed, 5 insertions(+), 1 deletion(-) |
428 |
- |
429 |
-diff --git a/src/libsystemd/sd-bus/bus-internal.c b/src/libsystemd/sd-bus/bus-internal.c |
430 |
-index 40acae2133..598b7f110c 100644 |
431 |
---- a/src/libsystemd/sd-bus/bus-internal.c |
432 |
-+++ b/src/libsystemd/sd-bus/bus-internal.c |
433 |
-@@ -43,7 +43,7 @@ bool object_path_is_valid(const char *p) { |
434 |
- if (slash) |
435 |
- return false; |
436 |
- |
437 |
-- return true; |
438 |
-+ return (q - p) <= BUS_PATH_SIZE_MAX; |
439 |
- } |
440 |
- |
441 |
- char* object_path_startswith(const char *a, const char *b) { |
442 |
-diff --git a/src/libsystemd/sd-bus/bus-internal.h b/src/libsystemd/sd-bus/bus-internal.h |
443 |
-index f208b294d8..a8d61bf72a 100644 |
444 |
---- a/src/libsystemd/sd-bus/bus-internal.h |
445 |
-+++ b/src/libsystemd/sd-bus/bus-internal.h |
446 |
-@@ -332,6 +332,10 @@ struct sd_bus { |
447 |
- |
448 |
- #define BUS_MESSAGE_SIZE_MAX (128*1024*1024) |
449 |
- #define BUS_AUTH_SIZE_MAX (64*1024) |
450 |
-+/* Note that the D-Bus specification states that bus paths shall have no size limit. We enforce here one |
451 |
-+ * anyway, since truly unbounded strings are a security problem. The limit we pick is relatively large however, |
452 |
-+ * to not clash unnecessarily with real-life applications. */ |
453 |
-+#define BUS_PATH_SIZE_MAX (64*1024) |
454 |
- |
455 |
- #define BUS_CONTAINER_DEPTH 128 |
456 |
- |
457 |
--- |
458 |
-2.20.1 |
459 |
- |
460 |
|
461 |
diff --git a/sys-apps/systemd/files/CVE-2019-6454/0002-Allocate-temporary-strings-to-hold-dbus-paths-on-the.patch b/sys-apps/systemd/files/CVE-2019-6454/0002-Allocate-temporary-strings-to-hold-dbus-paths-on-the.patch |
462 |
deleted file mode 100644 |
463 |
index bbc6db974d4..00000000000 |
464 |
--- a/sys-apps/systemd/files/CVE-2019-6454/0002-Allocate-temporary-strings-to-hold-dbus-paths-on-the.patch |
465 |
+++ /dev/null |
466 |
@@ -1,188 +0,0 @@ |
467 |
-From 1ffe59592c5cbf924eb81a3662b4252ba6de7132 Mon Sep 17 00:00:00 2001 |
468 |
-From: Riccardo Schirone <rschiron@××××××.com> |
469 |
-Date: Mon, 4 Feb 2019 14:29:28 +0100 |
470 |
-Subject: [PATCH 2/3] Allocate temporary strings to hold dbus paths on the heap |
471 |
- |
472 |
-Paths are limited to BUS_PATH_SIZE_MAX but the maximum size is anyway too big |
473 |
-to be allocated on the stack, so let's switch to the heap where there is a |
474 |
-clear way to understand if the allocation fails. |
475 |
---- |
476 |
- src/libsystemd/sd-bus/bus-objects.c | 68 +++++++++++++++++++++++------ |
477 |
- 1 file changed, 54 insertions(+), 14 deletions(-) |
478 |
- |
479 |
-diff --git a/src/libsystemd/sd-bus/bus-objects.c b/src/libsystemd/sd-bus/bus-objects.c |
480 |
-index 58329f3fe7..54b977418e 100644 |
481 |
---- a/src/libsystemd/sd-bus/bus-objects.c |
482 |
-+++ b/src/libsystemd/sd-bus/bus-objects.c |
483 |
-@@ -1133,7 +1133,8 @@ static int object_manager_serialize_path_and_fallbacks( |
484 |
- const char *path, |
485 |
- sd_bus_error *error) { |
486 |
- |
487 |
-- char *prefix; |
488 |
-+ _cleanup_free_ char *prefix = NULL; |
489 |
-+ size_t pl; |
490 |
- int r; |
491 |
- |
492 |
- assert(bus); |
493 |
-@@ -1149,7 +1150,12 @@ static int object_manager_serialize_path_and_fallbacks( |
494 |
- return 0; |
495 |
- |
496 |
- /* Second, add fallback vtables registered for any of the prefixes */ |
497 |
-- prefix = newa(char, strlen(path) + 1); |
498 |
-+ pl = strlen(path); |
499 |
-+ assert(pl <= BUS_PATH_SIZE_MAX); |
500 |
-+ prefix = new(char, pl + 1); |
501 |
-+ if (!prefix) |
502 |
-+ return -ENOMEM; |
503 |
-+ |
504 |
- OBJECT_PATH_FOREACH_PREFIX(prefix, path) { |
505 |
- r = object_manager_serialize_path(bus, reply, prefix, path, true, error); |
506 |
- if (r < 0) |
507 |
-@@ -1345,6 +1351,7 @@ static int object_find_and_run( |
508 |
- } |
509 |
- |
510 |
- int bus_process_object(sd_bus *bus, sd_bus_message *m) { |
511 |
-+ _cleanup_free_ char *prefix = NULL; |
512 |
- int r; |
513 |
- size_t pl; |
514 |
- bool found_object = false; |
515 |
-@@ -1369,9 +1376,12 @@ int bus_process_object(sd_bus *bus, sd_bus_message *m) { |
516 |
- assert(m->member); |
517 |
- |
518 |
- pl = strlen(m->path); |
519 |
-- do { |
520 |
-- char prefix[pl+1]; |
521 |
-+ assert(pl <= BUS_PATH_SIZE_MAX); |
522 |
-+ prefix = new(char, pl + 1); |
523 |
-+ if (!prefix) |
524 |
-+ return -ENOMEM; |
525 |
- |
526 |
-+ do { |
527 |
- bus->nodes_modified = false; |
528 |
- |
529 |
- r = object_find_and_run(bus, m, m->path, false, &found_object); |
530 |
-@@ -1498,9 +1508,15 @@ static int bus_find_parent_object_manager(sd_bus *bus, struct node **out, const |
531 |
- |
532 |
- n = hashmap_get(bus->nodes, path); |
533 |
- if (!n) { |
534 |
-- char *prefix; |
535 |
-+ _cleanup_free_ char *prefix = NULL; |
536 |
-+ size_t pl; |
537 |
-+ |
538 |
-+ pl = strlen(path); |
539 |
-+ assert(pl <= BUS_PATH_SIZE_MAX); |
540 |
-+ prefix = new(char, pl + 1); |
541 |
-+ if (!prefix) |
542 |
-+ return -ENOMEM; |
543 |
- |
544 |
-- prefix = newa(char, strlen(path) + 1); |
545 |
- OBJECT_PATH_FOREACH_PREFIX(prefix, path) { |
546 |
- n = hashmap_get(bus->nodes, prefix); |
547 |
- if (n) |
548 |
-@@ -2083,8 +2099,9 @@ _public_ int sd_bus_emit_properties_changed_strv( |
549 |
- const char *interface, |
550 |
- char **names) { |
551 |
- |
552 |
-+ _cleanup_free_ char *prefix = NULL; |
553 |
- bool found_interface = false; |
554 |
-- char *prefix; |
555 |
-+ size_t pl; |
556 |
- int r; |
557 |
- |
558 |
- assert_return(bus, -EINVAL); |
559 |
-@@ -2105,6 +2122,12 @@ _public_ int sd_bus_emit_properties_changed_strv( |
560 |
- |
561 |
- BUS_DONT_DESTROY(bus); |
562 |
- |
563 |
-+ pl = strlen(path); |
564 |
-+ assert(pl <= BUS_PATH_SIZE_MAX); |
565 |
-+ prefix = new(char, pl + 1); |
566 |
-+ if (!prefix) |
567 |
-+ return -ENOMEM; |
568 |
-+ |
569 |
- do { |
570 |
- bus->nodes_modified = false; |
571 |
- |
572 |
-@@ -2114,7 +2137,6 @@ _public_ int sd_bus_emit_properties_changed_strv( |
573 |
- if (bus->nodes_modified) |
574 |
- continue; |
575 |
- |
576 |
-- prefix = newa(char, strlen(path) + 1); |
577 |
- OBJECT_PATH_FOREACH_PREFIX(prefix, path) { |
578 |
- r = emit_properties_changed_on_interface(bus, prefix, path, interface, true, &found_interface, names); |
579 |
- if (r != 0) |
580 |
-@@ -2246,7 +2268,8 @@ static int object_added_append_all_prefix( |
581 |
- |
582 |
- static int object_added_append_all(sd_bus *bus, sd_bus_message *m, const char *path) { |
583 |
- _cleanup_set_free_ Set *s = NULL; |
584 |
-- char *prefix; |
585 |
-+ _cleanup_free_ char *prefix = NULL; |
586 |
-+ size_t pl; |
587 |
- int r; |
588 |
- |
589 |
- assert(bus); |
590 |
-@@ -2291,7 +2314,12 @@ static int object_added_append_all(sd_bus *bus, sd_bus_message *m, const char *p |
591 |
- if (bus->nodes_modified) |
592 |
- return 0; |
593 |
- |
594 |
-- prefix = newa(char, strlen(path) + 1); |
595 |
-+ pl = strlen(path); |
596 |
-+ assert(pl <= BUS_PATH_SIZE_MAX); |
597 |
-+ prefix = new(char, pl + 1); |
598 |
-+ if (!prefix) |
599 |
-+ return -ENOMEM; |
600 |
-+ |
601 |
- OBJECT_PATH_FOREACH_PREFIX(prefix, path) { |
602 |
- r = object_added_append_all_prefix(bus, m, s, prefix, path, true); |
603 |
- if (r < 0) |
604 |
-@@ -2430,7 +2458,8 @@ static int object_removed_append_all_prefix( |
605 |
- |
606 |
- static int object_removed_append_all(sd_bus *bus, sd_bus_message *m, const char *path) { |
607 |
- _cleanup_set_free_ Set *s = NULL; |
608 |
-- char *prefix; |
609 |
-+ _cleanup_free_ char *prefix = NULL; |
610 |
-+ size_t pl; |
611 |
- int r; |
612 |
- |
613 |
- assert(bus); |
614 |
-@@ -2462,7 +2491,12 @@ static int object_removed_append_all(sd_bus *bus, sd_bus_message *m, const char |
615 |
- if (bus->nodes_modified) |
616 |
- return 0; |
617 |
- |
618 |
-- prefix = newa(char, strlen(path) + 1); |
619 |
-+ pl = strlen(path); |
620 |
-+ assert(pl <= BUS_PATH_SIZE_MAX); |
621 |
-+ prefix = new(char, pl + 1); |
622 |
-+ if (!prefix) |
623 |
-+ return -ENOMEM; |
624 |
-+ |
625 |
- OBJECT_PATH_FOREACH_PREFIX(prefix, path) { |
626 |
- r = object_removed_append_all_prefix(bus, m, s, prefix, path, true); |
627 |
- if (r < 0) |
628 |
-@@ -2612,7 +2646,8 @@ static int interfaces_added_append_one( |
629 |
- const char *path, |
630 |
- const char *interface) { |
631 |
- |
632 |
-- char *prefix; |
633 |
-+ _cleanup_free_ char *prefix = NULL; |
634 |
-+ size_t pl; |
635 |
- int r; |
636 |
- |
637 |
- assert(bus); |
638 |
-@@ -2626,7 +2661,12 @@ static int interfaces_added_append_one( |
639 |
- if (bus->nodes_modified) |
640 |
- return 0; |
641 |
- |
642 |
-- prefix = newa(char, strlen(path) + 1); |
643 |
-+ pl = strlen(path); |
644 |
-+ assert(pl <= BUS_PATH_SIZE_MAX); |
645 |
-+ prefix = new(char, pl + 1); |
646 |
-+ if (!prefix) |
647 |
-+ return -ENOMEM; |
648 |
-+ |
649 |
- OBJECT_PATH_FOREACH_PREFIX(prefix, path) { |
650 |
- r = interfaces_added_append_one_prefix(bus, m, prefix, path, interface, true); |
651 |
- if (r != 0) |
652 |
--- |
653 |
-2.20.1 |
654 |
- |