33bd28439a
Resolves: RHEL-25776

Author: Bastien Nocera <bnocera@redhat.com>
Date: Wed Feb 14 15:54:55 2024 +0100

Upgrade to 5.72, the latest stable version of bluez.

In addition to bringing many bug fixes, updating to this version also provides us with:
- support for SecureConnections configuration option (added in 5.67), which makes it possible to require SecureConnections for environments that need it, making it possible to avoid a whole class of possible security vulnerabilities. The default is most compatible.
- 25a471a83e02 ("input.conf: Change default of ClassicBondedOnly") which fixes CVE-2023-45866
- should fix the crash when a specific keyboard is connected: https://issues.redhat.com/browse/RHEL-1930

Patches updated:
- 0001-obex-Use-GLib-helper-function-to-manipulate-paths.patch was updated to the latest upstream submission.

Patches upstreamed in 5.65:
- 0001-client-gatt-Fix-memory-leak-issues.patch is obsoleted by b4233bca181580800b483a228ca5377efcfeb844
- 0002-mesh-appkey-Fix-memory-leaks.patch is obsoleted by 5eb96b3ec8545047a74d7204664267c7aa749070
- 0003-monitor-Fix-memory-leaks.patch is obsoleted by 6f02010ce0043ec2e17eb15f2a1dd42f6c64e223 and 1d6cfb8e625a944010956714c1802bc1e1fc6c4f
- 0004-sixaxis-Fix-memory-leaks.patch is obsoleted by fc57aa92a4f32f7c0f38198e6d26b529b537a047
- 0005-cltest-Fix-leaked_handle.patch is obsoleted by f4743109f381a4d53b476c5b77c7c68a6aa40b59
- 0006-create-image-Fix-leaked_handle.patch is obsoleted by 4ae130455b173650f564d92f7908a7ca4f7b1ee6
- 0007-l2cap-tester-Fix-leaked_handle.patch is obsoleted by 4334be027ae1ad50193025c90e77a76b64464b53
- 0008-mesh-mesh-db-Fix-resource-leaks.patch is obsoleted by 35cbfd9660949fca23418bfa32fd51d81ed91208
- 0009-obex-client-Fix-leaked_handle.patch is obsoleted by 39b638526d9a45d54d2d6e3f175fd7eb057ef8f0
- 0010-pbap-Fix-memory-leak.patch is obsoleted by 06d3c7429ad6bdf6eef1bcedee327e74a33c40bf
- 0011-meshctl-Fix-possible-use_after_free.patch is obsoleted by 56bda20ce9e3e5c4684b37cffd4527264c2b4c1e
- 0012-mesh-gatt-Fix-use_after_free.patch is obsoleted by 5cdaeaefc350ea3c42719284b88406579d032fb6
- 0001-gatt-Fix-double-free-and-freed-memory-dereference.patch is obsoleted by 3627eddea13042ffc0848ae37356f30335ce2e4b

Signed-off-by: David Marlin <dmarlin@redhat.com>
53 lines
1.7 KiB
Diff
From 873e49357081e5c5d8d3d23759f1723db7292bf6 Mon Sep 17 00:00:00 2001
From: Bastien Nocera <hadess@hadess.net>
Date: Mon, 12 Feb 2024 20:02:45 +0000
Subject: [PATCH] obex: Use GLib helper function to manipulate paths

Instead of trying to do it by hand. This also makes sure that
relative paths aren't used by the agent.

[Emil Velikov]
Originally this patch was posted in 2013, but deferred since bluez was
planning to move away from glib. Presently there's no obvious action
towards that goal, so I think we can safely land this.

As mentioned by the author, current code allows for relative paths and
considering that obexd service runs without meaningful sandboxing and on
some distributions it is run as root, we should plug the hole before
anyone (ab)uses it.
---
obexd/src/manager.c | 15 +++++----------
1 file changed, 5 insertions(+), 10 deletions(-)

diff --git a/obexd/src/manager.c b/obexd/src/manager.c
index 73fd6b9aff15..cc1de7ae2ed3 100644
--- a/obexd/src/manager.c
+++ b/obexd/src/manager.c
@@ -644,18 +644,13 @@ static void agent_reply(DBusPendingCall *call, void *user_data)
DBUS_TYPE_STRING, &name,
DBUS_TYPE_INVALID)) {
/* Splits folder and name */
- const char *slash = strrchr(name, '/');
+ gboolean is_relative = !g_path_is_absolute(name);
DBG("Agent replied with %s", name);
- if (!slash) {
- agent->new_name = g_strdup(name);
+ agent->new_name = g_path_get_basename(name);
+ if (is_relative)
agent->new_folder = NULL;
- } else {
- if (strlen(slash) == 1)
- agent->new_name = NULL;
- else
- agent->new_name = g_strdup(slash + 1);
- agent->new_folder = g_strndup(name, slash - name);
- }
+ else
+ agent->new_folder = g_path_get_dirname(name);
}
dbus_message_unref(reply);
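Review bot: the new `agent->new_name = g_path_get_basename(name);` line can no longer produce NULL, while the removed branch set `agent->new_name = NULL` when the reply ended in '/'. g_path_get_basename() returns "." for an empty string, a single separator for a name made only of separators, and the component before a trailing slash, and a reply of ".." comes back unchanged as "..", so the relative-path branch ends up with `new_folder = NULL` and a `new_name` that is not a file name. Consider checking the basename after the call and treating ".", ".." and G_DIR_SEPARATOR_S as a rejected reply (free the string and leave `new_name` NULL), and say in the commit message that a trailing-slash reply now yields a name instead of NULL. Also worth a DBG line in the `is_relative` branch so a discarded directory component is visible in the logs rather than silently dropped.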
--
2.43.0