Resolves: RHEL-25776
Author: Bastien Nocera <bnocera@redhat.com>
Date: Wed Feb 14 15:54:55 2024 +0100

Upgrade to 5.72, the latest stable version of bluez. In addition to
bringing many bug fixes, updating to this version also provides us with:
- support for SecureConnections configuration option (added in 5.67),
which makes it possible to require SecureConnections for environments
that need it, making it possible to avoid a whole class of possible
security vulnerabilities. The default is most compatible.
- 25a471a83e02 ("input.conf: Change default of ClassicBondedOnly") which
fixes CVE-2023-45866
- should fix the crash when a specific keyboard is connected:
https://issues.redhat.com/browse/RHEL-1930

Patches updated:
- 0001-obex-Use-GLib-helper-function-to-manipulate-paths.patch was updated
to the latest upstream submission.

Patches upstreamed in 5.65:
- 0001-client-gatt-Fix-memory-leak-issues.patch is obsoleted by
b4233bca181580800b483a228ca5377efcfeb844
- 0002-mesh-appkey-Fix-memory-leaks.patch is obsoleted by
5eb96b3ec8545047a74d7204664267c7aa749070
- 0003-monitor-Fix-memory-leaks.patch is obsoleted by
6f02010ce0043ec2e17eb15f2a1dd42f6c64e223 and
1d6cfb8e625a944010956714c1802bc1e1fc6c4f
- 0004-sixaxis-Fix-memory-leaks.patch is obsoleted by
fc57aa92a4f32f7c0f38198e6d26b529b537a047
- 0005-cltest-Fix-leaked_handle.patch is obsoleted by
f4743109f381a4d53b476c5b77c7c68a6aa40b59
- 0006-create-image-Fix-leaked_handle.patch is obsoleted by
4ae130455b173650f564d92f7908a7ca4f7b1ee6
- 0007-l2cap-tester-Fix-leaked_handle.patch is obsoleted by
4334be027ae1ad50193025c90e77a76b64464b53
- 0008-mesh-mesh-db-Fix-resource-leaks.patch is obsoleted by
35cbfd9660949fca23418bfa32fd51d81ed91208
- 0009-obex-client-Fix-leaked_handle.patch is obsoleted by
39b638526d9a45d54d2d6e3f175fd7eb057ef8f0
- 0010-pbap-Fix-memory-leak.patch is obsoleted by
06d3c7429ad6bdf6eef1bcedee327e74a33c40bf
- 0011-meshctl-Fix-possible-use_after_free.patch is obsoleted by
56bda20ce9e3e5c4684b37cffd4527264c2b4c1e
- 0012-mesh-gatt-Fix-use_after_free.patch is obsoleted by
5cdaeaefc350ea3c42719284b88406579d032fb6
- 0001-gatt-Fix-double-free-and-freed-memory-dereference.patch is
obsoleted by 3627eddea13042ffc0848ae37356f30335ce2e4b
Signed-off-by: David Marlin <dmarlin@redhat.com>
From 873e49357081e5c5d8d3d23759f1723db7292bf6 Mon Sep 17 00:00:00 2001
From: Bastien Nocera <hadess@hadess.net>
Date: Mon, 12 Feb 2024 20:02:45 +0000
Subject: [PATCH] obex: Use GLib helper function to manipulate paths

Instead of trying to do it by hand. This also makes sure that
relative paths aren't used by the agent.

[Emil Velikov]
Originally this patch was posted in 2013, but deferred since bluez was
planning to move away from glib. Presently there's no obvious action
towards that goal, so I think we can safely land this.

As mentioned by the author, current code allows for relative paths and
considering that obexd service runs without meaningful sandboxing and on
some distributions it is run as root, we should plug the hole before
anyone (ab)uses it.
---
obexd/src/manager.c | 15 +++++----------
1 file changed, 5 insertions(+), 10 deletions(-)

diff --git a/obexd/src/manager.c b/obexd/src/manager.c
index 73fd6b9aff15..cc1de7ae2ed3 100644
--- a/obexd/src/manager.c
+++ b/obexd/src/manager.c
@@ -644,18 +644,13 @@ static void agent_reply(DBusPendingCall *call, void *user_data)
DBUS_TYPE_STRING, &name,
DBUS_TYPE_INVALID)) {
/* Splits folder and name */
- const char *slash = strrchr(name, '/');
+ gboolean is_relative = !g_path_is_absolute(name);
DBG("Agent replied with %s", name);
- if (!slash) {
- agent->new_name = g_strdup(name);
+ agent->new_name = g_path_get_basename(name);
+ if (is_relative)
agent->new_folder = NULL;
- } else {
- if (strlen(slash) == 1)
- agent->new_name = NULL;
- else
- agent->new_name = g_strdup(slash + 1);
- agent->new_folder = g_strndup(name, slash - name);
- }
+ else
+ agent->new_folder = g_path_get_dirname(name);
}
dbus_message_unref(reply);
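Review bot: The added `agent->new_name = g_path_get_basename(name);` line drops the trailing-slash case that the removed `if (strlen(slash) == 1) agent->new_name = NULL;` branch handled. g_path_get_basename() strips trailing separators and never returns NULL, so a reply such as "/some/dir/" now produces a non-NULL new_name taken from the last path component, where the old code left the name unset. The same call returns "." for an empty reply and "/" for a reply made only of separators, and it passes ".." through unchanged, so new_name should be checked against those three values before it is stored, with the reply rejected if it matches. On the folder side, g_path_is_absolute() only looks at the start of the string, so an absolute reply containing ".." components still reaches g_path_get_dirname() without normalization. If the goal stated in the commit message is to stop the agent steering writes to unexpected locations, say explicitly that only relative replies are neutralized here, and document the trailing-slash behaviour change.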
--
2.43.0