From 0596791a389a4b6b888b4ec6d50f648f45f8aa32 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= Date: Thu, 17 Nov 2022 02:07:14 +0100 Subject: [PATCH] Prevent crashes on some invalid DBus calls --- ...or-if-requested-service-is-not-found.patch | 56 +++++++++++++++++++ avahi.spec | 7 ++- 2 files changed, 62 insertions(+), 1 deletion(-) create mode 100644 0017-Emit-error-if-requested-service-is-not-found.patch diff --git a/0017-Emit-error-if-requested-service-is-not-found.patch b/0017-Emit-error-if-requested-service-is-not-found.patch new file mode 100644 index 0000000..bb22631 --- /dev/null +++ b/0017-Emit-error-if-requested-service-is-not-found.patch @@ -0,0 +1,56 @@ +From a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= +Date: Thu, 17 Nov 2022 01:51:53 +0100 +Subject: [PATCH] Emit error if requested service is not found + +It currently just crashes instead of replying with error. Check return +value and emit error instead of passing NULL pointer to reply. + +Fixes #375 +--- + avahi-daemon/dbus-protocol.c | 20 ++++++++++++++------ + 1 file changed, 14 insertions(+), 6 deletions(-) + +diff --git a/avahi-daemon/dbus-protocol.c b/avahi-daemon/dbus-protocol.c +index 70d7687..406d0b4 100644 +--- a/avahi-daemon/dbus-protocol.c ++++ b/avahi-daemon/dbus-protocol.c +@@ -375,10 +375,14 @@ static DBusHandlerResult dbus_get_alternative_host_name(DBusConnection *c, DBusM + } + + t = avahi_alternative_host_name(n); +- avahi_dbus_respond_string(c, m, t); +- avahi_free(t); ++ if (t) { ++ avahi_dbus_respond_string(c, m, t); ++ avahi_free(t); + +- return DBUS_HANDLER_RESULT_HANDLED; ++ return DBUS_HANDLER_RESULT_HANDLED; ++ } else { ++ return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Hostname not found"); ++ } + } + + static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DBusMessage *m, DBusError *error) { +@@ -389,10 +393,14 @@ static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DB + } + + t = avahi_alternative_service_name(n); +- avahi_dbus_respond_string(c, m, t); +- avahi_free(t); ++ if (t) { ++ avahi_dbus_respond_string(c, m, t); ++ avahi_free(t); + +- return DBUS_HANDLER_RESULT_HANDLED; ++ return DBUS_HANDLER_RESULT_HANDLED; ++ } else { ++ return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Service not found"); ++ } + } + + static DBusHandlerResult dbus_create_new_entry_group(DBusConnection *c, DBusMessage *m, DBusError *error) { +-- +2.38.1 + diff --git a/avahi.spec b/avahi.spec index 48baffa..f9b1bee 100644 --- a/avahi.spec +++ b/avahi.spec @@ -57,7 +57,7 @@ Name: avahi Version: 0.8 -Release: 21%{?dist} +Release: 22%{?dist} Summary: Local network service discovery License: LGPLv2+ URL: http://avahi.org @@ -155,6 +155,8 @@ Patch11: 0011-avahi_dns_packet_consume_uint32-fix-potential-undefi.patch # https://github.com/lathiat/avahi/pull/324 # https://github.com/lathiat/avahi/commit/9d31939e55280a733d930b15ac9e4dda4497680c Patch16: 0016-Fix-NULL-pointer-crashes-from-175.patch +# https://github.com/lathiat/avahi/pull/407 +Patch17: 0017-Emit-error-if-requested-service-is-not-found.patch ## downstream patches Patch100: avahi-0.6.30-mono-libdir.patch @@ -864,6 +866,9 @@ exit 0 %changelog +* Sun Mar 19 2023 Petr Menšík - 0.8-22 +- Prevent crashes on some invalid DBus calls + * Sun Mar 19 2023 Yaakov Selkowitz - 0.8-21 - Disable GTK2 in ELN/RHEL10 builds