Fix g_get_user_database_entry() crash when used with nss-systemd

Resolves: #2004711
2021-09-15 15:15:48 -05:00 · 2021-09-15 15:15:48 -05:00 · cedbd042db
commit cedbd042db
parent 89f56b1d19
2 changed files with 60 additions and 7 deletions
--- a/2244.patch
+++ b/2244.patch
@ -0,0 +1,49 @@
+From b6036e23b0477be147211b4e21a6b49cd4d6c9a0 Mon Sep 17 00:00:00 2001
+From: Jamie Bainbridge <jamie.bainbridge@gmail.com>
+Date: Wed, 8 Sep 2021 12:08:17 +1000
+Subject: [PATCH] gutils: Avoid segfault in g_get_user_database_entry
+
+g_get_user_database_entry() uses variable pwd to store the contents of
+the call to getpwnam_r(), then capitalises the first letter of pw_name
+with g_ascii_toupper (pw->pw_name[0]).
+
+However, as per the getpwnam manpage, the result of that call "may point
+to a static area". When this happens, GLib is trying to edit static
+memory which belongs to a shared library, so segfaults.
+
+Instead, copy pw_name off to a temporary variable, set uppercase on
+that variable, and use the variable to join into the desired string.
+Free the new variable after it is no longer needed.
+
+Signed-off-by: Jamie Bainbridge <jamie.bainbridge@gmail.com>
+---
+ glib/gutils.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+
+diff --git a/glib/gutils.c b/glib/gutils.c
+index b7a2113d4..4bccd7229 100644
+--- a/glib/gutils.c
+++ b/glib/gutils.c
+@@ -692,14 +692,17 @@ g_get_user_database_entry (void)
+               {
+                 gchar **gecos_fields;
+                 gchar **name_parts;
+                gchar *uppercase_pw_name;
+ 
+                 /* split the gecos field and substitute '&' */
+                 gecos_fields = g_strsplit (pw->pw_gecos, ",", 0);
+                 name_parts = g_strsplit (gecos_fields[0], "&", 0);
+-                pw->pw_name[0] = g_ascii_toupper (pw->pw_name[0]);
+-                e.real_name = g_strjoinv (pw->pw_name, name_parts);
+                uppercase_pw_name = g_strdup (pw->pw_name);
+                uppercase_pw_name[0] = g_ascii_toupper (uppercase_pw_name[0]);
+                e.real_name = g_strjoinv (uppercase_pw_name, name_parts);
+                 g_strfreev (gecos_fields);
+                 g_strfreev (name_parts);
+                g_free (uppercase_pw_name);
+               }
+ #endif
+ 
+-- 
+GitLab
+
--- a/glib2.spec
+++ b/glib2.spec
@ -1,6 +1,6 @@
 Name: glib2
 Version: 2.68.4
-Release: 1%{?dist}
+Release: 2%{?dist}
 Summary: A library of handy utility functions

 License: LGPLv2+
@ -21,9 +21,12 @@ Patch1: 1596.patch
 # https://gitlab.gnome.org/GNOME/glib/-/merge_requests/1965
 # https://gitlab.gnome.org/GNOME/glib/-/merge_requests/2194
 # https://gitlab.gnome.org/GNOME/glib/-/merge_requests/2222
-Patch3: 1965.patch
-Patch4: 2194.patch
-Patch5: 2222.patch
+Patch2: 1965.patch
+Patch3: 2194.patch
+Patch4: 2222.patch
+
+# https://gitlab.gnome.org/GNOME/glib/-/merge_requests/2244
+Patch5: 2244.patch

 BuildRequires: chrpath
 BuildRequires: gcc
@ -110,9 +113,6 @@ the functionality of the installed glib2 package.
 # Bug 1324770: Also explicitly remove PCRE sources since we use --with-pcre=system
 rm glib/pcre/*.[ch]

-# We cannot build with GnuTLS in Fedora since there is no gnutls-static
-# subpackage. (glib2-static is needed by qemu in Fedora, but not in RHEL.)
-# Accordingly, we can't build a usable glib2-static in RHEL.
 %meson \
    -Dman=true \
    -Ddtrace=true \
@ -244,6 +244,10 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :
 %{_datadir}/installed-tests

 %changelog
+* Wed Sep 15 2021 Michael Catanzaro <mcatanzaro@redhat.com> - 2.68.4-2
+- Fix g_get_user_database_entry() crash when used with nss-systemd
+- Resolves: #2004711
+
 * Sat Aug 21 2021 Kalev Lember <klember@redhat.com> - 2.68.4-1
 - Update to 2.68.4