9bcf4fe361
Resolves: RHEL-165633 Fix arbitrary file deletion on host via improper cache file path validation Resolves: RHEL-170160
39 lines
1.5 KiB
Diff
39 lines
1.5 KiB
Diff
From 8d1e978c6a582b1603dccb7fe9340e15787f6297 Mon Sep 17 00:00:00 2001
|
|
From: Xiangzhe <xiangzhedev@gmail.com>
|
|
Date: Wed, 8 Apr 2026 12:27:28 +0800
|
|
Subject: [PATCH] run: Fix checking wrong variable in runtime fd selection
|
|
|
|
In flatpak_run_app(), the else-if branch that handles
|
|
FLATPAK_RUN_APP_DEPLOY_USR_ORIGINAL was checking custom_app_fd instead
|
|
of custom_runtime_fd. When custom_app_fd is APP_EMPTY (-3) and
|
|
custom_runtime_fd is USR_ORIGINAL (-2), the condition would not match
|
|
and fall through to g_assert_not_reached(), aborting the process.
|
|
|
|
This broke sub-sandbox spawning with --app-path="" (empty app), which
|
|
is used by steam-runtime-check-requirements to verify that Flatpak's
|
|
sub-sandbox mechanism works.
|
|
|
|
Fixes: ac62ebe3 "run: Use O_PATH fds for the runtime and app deploy directories"
|
|
Helps: https://github.com/flatpak/flatpak/issues/6568
|
|
(cherry picked from commit 066babba75d355d077ea11091e5f65d3b0e0d818)
|
|
---
|
|
common/flatpak-run.c | 2 +-
|
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
|
|
|
diff --git a/common/flatpak-run.c b/common/flatpak-run.c
|
|
index 9087be23..4ffc5fa3 100644
|
|
--- a/common/flatpak-run.c
|
|
+++ b/common/flatpak-run.c
|
|
@@ -4350,7 +4350,7 @@ flatpak_run_app (FlatpakDecomposed *app_ref,
|
|
runtime_fd = custom_runtime_fd;
|
|
runtime_files = custom_runtime_files;
|
|
}
|
|
- else if (custom_app_fd == FLATPAK_RUN_APP_DEPLOY_USR_ORIGINAL)
|
|
+ else if (custom_runtime_fd == FLATPAK_RUN_APP_DEPLOY_USR_ORIGINAL)
|
|
{
|
|
original_runtime_target_path = "/usr";
|
|
runtime_fd = original_runtime_fd;
|
|
--
|
|
2.54.0
|
|
|