From: | "Doug Goldstein (cardoe)" <cardoe@g.o> |
---|---|
To: | gentoo-commits@l.g.o |
Subject: | [gentoo-commits] gentoo-x86 commit in sys-apps/dbus/files: dbus-1.2.3-panic-from-dbus_signature_validate.patch |
Date: | Mon, 06 Oct 2008 18:28:04 |
Message-Id: | E1KmuoM-0007Oc-5v@stork.gentoo.org |
1 | cardoe 08/10/06 18:28:02 |
2 | |
3 | Added: dbus-1.2.3-panic-from-dbus_signature_validate.patch |
4 | Log: |
5 | Fix potential DoS issue. fdo bug #17803. Gentoo bug #240308 |
6 | (Portage version: 2.2_rc11/cvs/Linux 2.6.26-gentoo-r1 x86_64) |
7 | |
8 | Revision Changes Path |
9 | 1.1 sys-apps/dbus/files/dbus-1.2.3-panic-from-dbus_signature_validate.patch |
10 | |
11 | file : http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/dbus/files/dbus-1.2.3-panic-from-dbus_signature_validate.patch?rev=1.1&view=markup |
12 | plain: http://sources.gentoo.org/viewcvs.py/gentoo-x86/sys-apps/dbus/files/dbus-1.2.3-panic-from-dbus_signature_validate.patch?rev=1.1&content-type=text/plain |
13 | |
14 | Index: dbus-1.2.3-panic-from-dbus_signature_validate.patch |
15 | =================================================================== |
16 | From: Colin Walters <walters@××××××.org> |
17 | Date: Wed, 1 Oct 2008 17:49:48 +0000 (-0400) |
18 | Subject: Bug 17803: Panic from dbus_signature_validate |
19 | X-Git-Url: http://gitweb.freedesktop.org/?p=dbus/dbus.git;a=commitdiff;h=7b10b46c5c8658449783ce45f1273dd35c353bce |
20 | |
21 | Bug 17803: Panic from dbus_signature_validate |
22 | |
23 | * dbus/dbus-marshal-validate.c: Ensure we validate |
24 | a basic type before calling is_basic on it. |
25 | * dbus-marshal-validate-util.c: Test. |
26 | --- |
27 | |
28 | --- a/dbus/dbus-marshal-validate-util.c |
29 | +++ b/dbus/dbus-marshal-validate-util.c |
30 | @@ -228,6 +228,7 @@ _dbus_marshal_validate_test (void) |
31 | "123", |
32 | ".", |
33 | "(" |
34 | + "a{(ii)i}" /* https://bugs.freedesktop.org/show_bug.cgi?id=17803 */ |
35 | }; |
36 | |
37 | /* Signature with reason */ |
38 | --- a/dbus/dbus-marshal-validate.c |
39 | +++ b/dbus/dbus-marshal-validate.c |
40 | @@ -247,6 +247,7 @@ _dbus_validate_signature_with_reason (co |
41 | } |
42 | |
43 | if (last == DBUS_DICT_ENTRY_BEGIN_CHAR && |
44 | + _dbus_type_is_valid (*p) && |
45 | !dbus_type_is_basic (*p)) |
46 | { |
47 | result = DBUS_INVALID_DICT_KEY_MUST_BE_BASIC_TYPE; |