import ibus-1.5.19-11.el8

This commit is contained in:
CentOS Sources 2020-04-28 05:33:32 -04:00 committed by Andrew Lukoshko
parent 14499b7697
commit 37dced47bc
7 changed files with 2918 additions and 3 deletions

View File

@ -0,0 +1,48 @@
From 0f5084e07c215d74adc4eeeda40b374855cce59a Mon Sep 17 00:00:00 2001
From: fujiwarat <takao.fujiwara1@gmail.com>
Date: Fri, 11 Jan 2019 12:56:42 +0900
Subject: [PATCH] src/ibuscomposetable: Replace assert with warning for
.XCompose
BUG=rhbz#1470673
---
src/ibuscomposetable.c | 12 +++++++-----
1 file changed, 7 insertions(+), 5 deletions(-)
diff --git a/src/ibuscomposetable.c b/src/ibuscomposetable.c
index b843e7e1..1c0ece41 100644
--- a/src/ibuscomposetable.c
+++ b/src/ibuscomposetable.c
@@ -1,7 +1,7 @@
/* -*- mode: C; c-basic-offset: 4; indent-tabs-mode: nil; -*- */
/* ibus - The Input Bus
* Copyright (C) 2013-2014 Peng Huang <shawn.p.huang@gmail.com>
- * Copyright (C) 2013-2018 Takao Fujiwara <takao.fujiwara1@gmail.com>
+ * Copyright (C) 2013-2019 Takao Fujiwara <takao.fujiwara1@gmail.com>
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -98,14 +98,16 @@ parse_compose_value (IBusComposeData *compose_data,
uch = words[1][1];
/* The escaped string "\"" is separated with '\\' and '"'. */
- if (uch == '\0' && words[2][0] == '"')
+ if (uch == '\0' && words[2][0] == '"') {
uch = '"';
/* The escaped octal */
- else if (uch >= '0' && uch <= '8')
+ } else if (uch >= '0' && uch <= '8') {
uch = g_ascii_strtoll(words[1] + 1, NULL, 8);
/* If we need to handle other escape sequences. */
- else if (uch != '\\')
- g_assert_not_reached ();
+ } else if (uch != '\\') {
+ g_warning ("Invalid backslash: %s: %s", val, line);
+ goto fail;
+ }
}
if (g_utf8_get_char (g_utf8_next_char (words[1])) > 0) {
--
2.21.0

File diff suppressed because it is too large Load Diff

View File

@ -0,0 +1,179 @@
From 3d442dbf936d197aa11ca0a71663c2bc61696151 Mon Sep 17 00:00:00 2001
From: fujiwarat <takao.fujiwara1@gmail.com>
Date: Fri, 13 Sep 2019 15:59:03 +0900
Subject: [PATCH] bus: Implement GDBusAuthObserver callback
ibus uses a GDBusServer with G_DBUS_SERVER_FLAGS_AUTHENTICATION_ALLOW_ANONYMOUS,
and doesn't set a GDBusAuthObserver, which allows anyone who can connect
to its AF_UNIX socket to authenticate and be authorized to send method calls.
It also seems to use an abstract AF_UNIX socket, which does not have
filesystem permissions, so the practical effect might be that a local
attacker can connect to another user's ibus service and make arbitrary
method calls.
BUGS=rhbz#1717958
---
bus/server.c | 89 ++++++++++++++++++++++++++++++++++++++++++----------
1 file changed, 73 insertions(+), 16 deletions(-)
diff --git a/bus/server.c b/bus/server.c
index 3a626230..2439de14 100644
--- a/bus/server.c
+++ b/bus/server.c
@@ -2,7 +2,8 @@
/* vim:set et sts=4: */
/* bus - The Input Bus
* Copyright (C) 2008-2010 Peng Huang <shawn.p.huang@gmail.com>
- * Copyright (C) 2008-2010 Red Hat, Inc.
+ * Copyright (C) 2011-2019 Takao Fujiwara <takao.fujiwara1@gmail.com>
+ * Copyright (C) 2008-2019 Red Hat, Inc.
*
* This library is free software; you can redistribute it and/or
* modify it under the terms of the GNU Lesser General Public
@@ -70,16 +71,63 @@ _restart_server (void)
}
/**
+ * bus_allow_mechanism_cb:
+ * @observer: A #GDBusAuthObserver.
+ * @mechanism: The name of the mechanism.
+ * @user_data: always %NULL.
+ *
+ * Check if @mechanism can be used to authenticate the other peer.
+ * Returns: %TRUE if the peer's mechanism is allowed.
+ */
+static gboolean
+bus_allow_mechanism_cb (GDBusAuthObserver *observer,
+ const gchar *mechanism,
+ G_GNUC_UNUSED gpointer user_data)
+{
+ if (g_strcmp0 (mechanism, "EXTERNAL") == 0)
+ return TRUE;
+ return FALSE;
+}
+
+/**
+ * bus_authorize_authenticated_peer_cb:
+ * @observer: A #GDBusAuthObserver.
+ * @stream: A #GIOStream.
+ * @credentials: A #GCredentials.
+ * @user_data: always %NULL.
+ *
+ * Check if a peer who has already authenticated should be authorized.
+ * Returns: %TRUE if the peer's credential is authorized.
+ */
+static gboolean
+bus_authorize_authenticated_peer_cb (GDBusAuthObserver *observer,
+ GIOStream *stream,
+ GCredentials *credentials,
+ G_GNUC_UNUSED gpointer user_data)
+{
+ gboolean authorized = FALSE;
+ if (credentials) {
+ GCredentials *own_credentials = g_credentials_new ();
+ if (g_credentials_is_same_user (credentials, own_credentials, NULL))
+ authorized = TRUE;
+ g_object_unref (own_credentials);
+ }
+ return authorized;
+}
+
+/**
* bus_new_connection_cb:
- * @user_data: always NULL.
- * @returns: TRUE when the function can handle the connection.
+ * @observer: A #GDBusAuthObserver.
+ * @dbus_connection: A #GDBusconnection.
+ * @user_data: always %NULL.
*
* Handle incoming connections.
+ * Returns: %TRUE when the function can handle the connection.
*/
static gboolean
-bus_new_connection_cb (GDBusServer *server,
- GDBusConnection *dbus_connection,
- gpointer user_data)
+bus_new_connection_cb (GDBusServer *server,
+ GDBusConnection *dbus_connection,
+ G_GNUC_UNUSED gpointer user_data)
{
BusConnection *connection = bus_connection_new (dbus_connection);
bus_dbus_impl_new_connection (dbus, connection);
@@ -94,9 +142,9 @@ bus_new_connection_cb (GDBusServer *
}
static void
-_server_connect_start_portal_cb (GObject *source_object,
- GAsyncResult *res,
- gpointer user_data)
+_server_connect_start_portal_cb (GObject *source_object,
+ GAsyncResult *res,
+ G_GNUC_UNUSED gpointer user_data)
{
GVariant *result;
GError *error = NULL;
@@ -113,9 +161,9 @@ _server_connect_start_portal_cb (GObject
}
static void
-bus_acquired_handler (GDBusConnection *connection,
- const gchar *name,
- gpointer user_data)
+bus_acquired_handler (GDBusConnection *connection,
+ const gchar *name,
+ G_GNUC_UNUSED gpointer user_data)
{
g_dbus_connection_call (connection,
IBUS_SERVICE_PORTAL,
@@ -136,22 +184,27 @@ void
bus_server_init (void)
{
GError *error = NULL;
+ GDBusServerFlags flags = G_DBUS_SERVER_FLAGS_NONE;
+ gchar *guid;
+ GDBusAuthObserver *observer;
dbus = bus_dbus_impl_get_default ();
ibus = bus_ibus_impl_get_default ();
bus_dbus_impl_register_object (dbus, (IBusService *)ibus);
/* init server */
- GDBusServerFlags flags = G_DBUS_SERVER_FLAGS_AUTHENTICATION_ALLOW_ANONYMOUS;
- gchar *guid = g_dbus_generate_guid ();
- if (!g_str_has_prefix (g_address, "unix:tmpdir=")) {
- g_error ("Your socket address does not have the format unix:tmpdir=$DIR; %s",
- g_address);
+ guid = g_dbus_generate_guid ();
+ observer = g_dbus_auth_observer_new ();
+ if (!g_str_has_prefix (g_address, "unix:tmpdir=") &&
+ !g_str_has_prefix (g_address, "unix:path=")) {
+ g_error ("Your socket address does not have the format unix:tmpdir=$DIR "
+ "or unix:path=$FILE; %s", g_address);
+
}
server = g_dbus_server_new_sync (
g_address, /* the place where the socket file lives, e.g. /tmp, abstract namespace, etc. */
flags, guid,
- NULL /* observer */,
+ observer,
NULL /* cancellable */,
&error);
if (server == NULL) {
@@ -161,7 +214,13 @@ bus_server_init (void)
}
g_free (guid);
- g_signal_connect (server, "new-connection", G_CALLBACK (bus_new_connection_cb), NULL);
+ g_signal_connect (observer, "allow-mechanism",
+ G_CALLBACK (bus_allow_mechanism_cb), NULL);
+ g_signal_connect (observer, "authorize-authenticated-peer",
+ G_CALLBACK (bus_authorize_authenticated_peer_cb), NULL);
+ g_object_unref (observer);
+ g_signal_connect (server, "new-connection",
+ G_CALLBACK (bus_new_connection_cb), NULL);
g_dbus_server_start (server);
--
2.21.0

View File

@ -0,0 +1,26 @@
From 6aab10f2e5a8e10dac9b007eff19b26990461790 Mon Sep 17 00:00:00 2001
From: fujiwarat <takao.fujiwara1@gmail.com>
Date: Thu, 14 Feb 2019 17:37:39 +0900
Subject: [PATCH] ui/gtk3: Fix assert with 16 candidates
BUG=https://github.com/ibus/ibus/issues/2076
---
ui/gtk3/candidatearea.vala | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ui/gtk3/candidatearea.vala b/ui/gtk3/candidatearea.vala
index f590cf3a..781ecd1e 100644
--- a/ui/gtk3/candidatearea.vala
+++ b/ui/gtk3/candidatearea.vala
@@ -109,7 +109,7 @@ class CandidateArea : Gtk.Box {
m_focus_candidate = focus_candidate;
m_show_cursor = show_cursor;
- assert(candidates.length < 16);
+ assert(candidates.length <= 16);
for (int i = 0 ; i < 16 ; i++) {
Gtk.Label label = m_candidates[i];
bool visible = false;
--
2.21.0

View File

@ -0,0 +1,134 @@
From 8375f391e1b9bfc048ff14fd458f689d853064ac Mon Sep 17 00:00:00 2001
From: fujiwarat <takao.fujiwara1@gmail.com>
Date: Thu, 28 Feb 2019 15:26:11 +0900
Subject: [PATCH] ui/gtk3: Do not add emojis in compose category to emoji
variants
Any emojis in compose category have variants and should be shown by default.
---
bindings/vala/IBus-1.0-custom.vala | 4 ++
ui/gtk3/emojier.vala | 74 ++++++++++++++++++++++++++----
2 files changed, 68 insertions(+), 10 deletions(-)
diff --git a/bindings/vala/IBus-1.0-custom.vala b/bindings/vala/IBus-1.0-custom.vala
index 7d34a8bd..ec46fc90 100644
--- a/bindings/vala/IBus-1.0-custom.vala
+++ b/bindings/vala/IBus-1.0-custom.vala
@@ -17,4 +17,8 @@ namespace IBus {
public class PanelService : IBus.Service {
public void panel_extension_register_keys(string first_property_name, ...);
}
+ public class EmojiData : IBus.Serializable {
+ [CCode (cname = "ibus_emoji_data_new", has_construct_function = true)]
+ public EmojiData (string first_property_name, ...);
+ }
}
diff --git a/ui/gtk3/emojier.vala b/ui/gtk3/emojier.vala
index aedeb4cb..fc15cffe 100644
--- a/ui/gtk3/emojier.vala
+++ b/ui/gtk3/emojier.vala
@@ -389,6 +389,14 @@ public class IBusEmojier : Gtk.ApplicationWindow {
}
make_emoji_dict(m_current_lang_id);
}
+ add_variants_to_component();
+
+ GLib.List<unowned string> annotations =
+ m_annotation_to_emojis_dict.get_keys();
+ foreach (unowned string annotation in annotations) {
+ if (m_emoji_max_seq_len < annotation.length)
+ m_emoji_max_seq_len = annotation.length;
+ }
update_favorite_emoji_dict();
}
@@ -430,11 +438,54 @@ public class IBusEmojier : Gtk.ApplicationWindow {
update_annotation_to_emojis_dict(data);
update_category_to_emojis_dict(data, lang);
}
- GLib.List<unowned string> annotations =
- m_annotation_to_emojis_dict.get_keys();
- foreach (unowned string annotation in annotations) {
- if (m_emoji_max_seq_len < annotation.length)
- m_emoji_max_seq_len = annotation.length;
+ }
+
+
+ private static void add_variants_to_component() {
+ string category = "Component";
+ unowned GLib.SList<string> hits =
+ m_category_to_emojis_dict.lookup(category);
+ if (hits == null) {
+ category = "component";
+ hits = m_category_to_emojis_dict.lookup(category);
+ }
+ if (hits == null)
+ return;
+ GLib.SList<IBus.EmojiData> emoji_list =
+ new GLib.SList<IBus.EmojiData>();
+ GLib.SList<string> annotations = new GLib.SList<string>();
+ annotations.append("zero");
+ IBus.EmojiData _data;
+ _data = new IBus.EmojiData("emoji", "\u200d",
+ "annotations", annotations,
+ "description",
+ "ZERO WIDTH JOINER",
+ "category", category);
+ emoji_list.append(_data);
+ annotations = null;
+ annotations.append("text");
+ annotations.append("variation");
+ annotations.append("selector");
+ _data = new IBus.EmojiData("emoji", "\ufe0e",
+ "annotations", annotations,
+ "description",
+ "VARIATION SELECTOR-15",
+ "category", category);
+ emoji_list.append(_data);
+ annotations = null;
+ annotations.append("emoji");
+ annotations.append("variation");
+ annotations.append("selector");
+ _data = new IBus.EmojiData("emoji", "\ufe0f",
+ "annotations", annotations,
+ "description",
+ "VARIATION SELECTOR-16",
+ "category", category);
+ emoji_list.append(_data);
+ foreach (IBus.EmojiData data in emoji_list) {
+ update_emoji_to_data_dict(data, "en");
+ update_annotation_to_emojis_dict(data);
+ update_category_to_emojis_dict(data, "en");
}
}
@@ -583,10 +634,12 @@ public class IBusEmojier : Gtk.ApplicationWindow {
category = EMOJI_CATEGORY_OTHERS;
if (lang == "en") {
bool has_variant = false;
- foreach (unichar ch in EMOJI_VARIANT_LIST) {
- if (emoji.index_of_char(ch) >= 0) {
- has_variant = true;
- break;
+ if (category.ascii_casecmp("component") != 0) {
+ foreach (unichar ch in EMOJI_VARIANT_LIST) {
+ if (emoji.index_of_char(ch) >= 0) {
+ has_variant = true;
+ break;
+ }
}
}
// If emoji includes variants (skin colors and items),
@@ -606,7 +659,8 @@ public class IBusEmojier : Gtk.ApplicationWindow {
if (variants.find_custom(emoji, GLib.strcmp) == null) {
if (variants == null)
variants.append(base_emoji);
- variants.append(emoji);
+ if (base_emoji != emoji)
+ variants.append(emoji);
m_emoji_to_emoji_variants_dict.replace(
base_emoji,
variants.copy_deep(GLib.strdup));
--
2.21.0

View File

@ -0,0 +1,60 @@
From 1cb5032e85d85f496e349236d1b74f17fb8db966 Mon Sep 17 00:00:00 2001
From: fujiwarat <takao.fujiwara1@gmail.com>
Date: Tue, 23 Apr 2019 15:40:45 +0900
Subject: [PATCH] configure: Move ibus-setup from configure.ac to Makefile.am
@localedir@ can be extracted to ${datarootdir}/locale and
it needs datarootdir=/usr/share in case configure.ac is used
and deleting the datarootdir line caused a regression.
All variables can be extracted in Makefile.am with sed.
---
configure.ac | 1 -
setup/Makefile.am | 13 +++++++++++--
2 files changed, 11 insertions(+), 3 deletions(-)
diff --git a/configure.ac b/configure.ac
index 9518e808..7503f3e8 100644
--- a/configure.ac
+++ b/configure.ac
@@ -724,7 +724,6 @@ ibus/interface/Makefile
ui/Makefile
ui/gtk3/Makefile
setup/Makefile
-setup/ibus-setup
bindings/Makefile
bindings/pygobject/Makefile
bindings/vala/Makefile
diff --git a/setup/Makefile.am b/setup/Makefile.am
index cb4dd8d1..34c8f136 100644
--- a/setup/Makefile.am
+++ b/setup/Makefile.am
@@ -3,8 +3,8 @@
# ibus - The Input Bus
#
# Copyright (c) 2007-2014 Peng Huang <shawn.p.huang@gmail.com>
-# Copyright (c) 2015-2017 Takao Fujiwara <takao.fujiwara1@gmail.com>
-# Copyright (c) 2007-2017 Red Hat, Inc.
+# Copyright (c) 2015-2019 Takao Fujiwara <takao.fujiwara1@gmail.com>
+# Copyright (c) 2007-2019 Red Hat, Inc.
#
# This library is free software; you can redistribute it and/or
# modify it under the terms of the GNU Lesser General Public
@@ -40,6 +40,15 @@ ibussetup_DATA = \
bin_SCRIPTS = ibus-setup
ibussetupdir = $(pkgdatadir)/setup
+ibus-setup: ibus-setup.in
+ $(AM_V_GEN) sed -e "s|\@datarootdir\@|$(datarootdir)|g" \
+ -e "s|\@localedir\@|$(localedir)|g" \
+ -e "s|\@libexecdir\@|$(libexecdir)|g" \
+ -e "s|\@prefix\@|$(prefix)|g" \
+ -e "s|\@PYTHON\@|$(PYTHON)|g" \
+ $< > $@.tmp && \
+ mv $@.tmp $@
+
desktop_in_files = ibus-setup.desktop.in
desktop_DATA = $(desktop_in_files:.desktop.in=.desktop)
desktopdir = $(datadir)/applications
--
2.21.0

View File

@ -31,7 +31,7 @@
Name: ibus
Version: 1.5.19
Release: 4%{?dist}
Release: 11%{?dist}
Summary: Intelligent Input Bus for Linux OS
License: LGPLv2+
Group: System Environment/Libraries
@ -41,9 +41,23 @@ Source1: %{name}-xinput
Source2: %{name}.conf.5
Source3: https://fujiwara.fedorapeople.org/ibus/po/%{name}-po-1.5.19-20180822.tar.gz
# Patch0: %%{name}-HEAD.patch
# RHEL 8.0 From upstreamed patches
Patch0: %{name}-HEAD.patch
# Under testing #1349148 #1385349 #1350291 #1406699 #1432252 #1601577
Patch1: %{name}-1385349-segv-bus-proxy.patch
# RHEL 8.2 Fix not to assert with wrong compose files
Patch1: %{name}-1470673-emoji-warn-instead-assert.patch
# RHEL 8.2 Fix not to assert with 16 candidates
Patch2: %{name}-2076-fix-16-candidates.patch
# RHEL 8.2 Show emoji compose in the top category
Patch3: %{name}-xx-emoji-compose.patch
# RHEL 8.2 Extract $(datarootdir) in ibus-setup
Patch4: %{name}-xx-setup-env.patch
# RHEL 8.2 CVE 2019-14822
Patch5: %{name}-1750836-server-auth-observer.patch
# RHEL 8.2 Bug 1682157 - Integrate ibus-desktop-testing and test cases
Patch6: %{name}-1682157-ci.patch
# RHEL 8.0 Under testing #1349148 #1385349 #1350291 #1406699 #1432252 #1601577
Patch100: %{name}-1385349-segv-bus-proxy.patch
BuildRequires: gettext-devel
BuildRequires: libtool
@ -236,10 +250,33 @@ BuildArch: noarch
%description devel-docs
The ibus-devel-docs package contains developer documentation for IBus
%package desktop-testing
Summary: Wrapper of InstalledTests Runner for IBus
Group: Development/Libraries
Requires: %{name} = %{version}-%{release}
BuildArch: noarch
%description desktop-testing
GNOME desktop testing runner implements the InstalledTests specification
and IBus also needs focus events to enable input contexts on text widgets.
The wrapper script runs gnome-session for the focus events and GNOME
desktop testing runner internally.
%package tests
Summary: Tests for the %{name} package
Group: Development/Libraries
Requires: %{name}%{?_isa} = %{version}-%{release}
Requires: %{name}-libs%{?_isa} = %{version}-%{release}
%description tests
The %{name}-tests package contains tests that can be used to verify
the functionality of the installed %{name} package.
%prep
%autosetup -S git
# cp client/gtk2/ibusimcontext.c client/gtk3/ibusimcontext.c || :
cp client/gtk2/ibusimcontext.c client/gtk3/ibusimcontext.c || :
zcat %SOURCE3 | tar xfv -
@ -273,6 +310,7 @@ autoreconf -f -i -v
--disable-appindicator \
%endif
--enable-introspection \
--enable-install-tests \
%{nil}
make -C ui/gtk3 maintainer-clean-generic
@ -300,6 +338,12 @@ install -pm 644 -D %{SOURCE1} $RPM_BUILD_ROOT%{_xinputconf}
echo "NoDisplay=true" >> $RPM_BUILD_ROOT%{_datadir}/applications/ibus-setup.desktop
#echo "X-GNOME-Autostart-enabled=false" >> $RPM_BUILD_ROOT%%{_sysconfdir}/xdg/autostart/ibus.desktop
# Delete unused prefix line in Fedora only
if test `grep '^prefix' $RPM_BUILD_ROOT%{_bindir}/ibus-setup | wc -l` = 1 ; then
sed -i -e '/^prefix/d' $RPM_BUILD_ROOT%{_bindir}/ibus-setup
fi
desktop-file-install --delete-original \
--dir $RPM_BUILD_ROOT%{_datadir}/applications \
$RPM_BUILD_ROOT%{_datadir}/applications/*
@ -424,7 +468,38 @@ dconf update || :
%dir %{_datadir}/gtk-doc/html
%{_datadir}/gtk-doc/html/*
%files desktop-testing
%{_bindir}/ibus-desktop-testing-runner
%files tests
%dir %{_libexecdir}/installed-tests
%{_libexecdir}/installed-tests/ibus
%dir %{_datadir}/installed-tests
%{_datadir}/installed-tests/ibus
%changelog
* Thu Jan 09 2020 Takao Fujiwara <tfujiwar@redhat.com> - 1.5.19-11
- Resolves: #1750836 - Fix CVE-2019-14822
* Thu Dec 12 2019 Takao Fujiwara <tfujiwar@redhat.com> - 1.5.19-10
- Resolves: #1750836 - Revert Hangul fix for 8.2 schedule
* Tue Dec 03 2019 Takao Fujiwara <tfujiwar@redhat.com> - 1.5.19-9
- Resolves: #1682157 - Fix RHEL 8.2 covscan #2
* Sat Nov 30 2019 Takao Fujiwara <tfujiwar@redhat.com> - 1.5.19-8
- Resolves: #1682157 - Fix libibus dependency in ibus-tests with rpmdiff
* Fri Nov 29 2019 Takao Fujiwara <tfujiwar@redhat.com> - 1.5.19-7
- Resolves: #1682157 - Fix RHEL 8.2 covscan
* Fri Nov 29 2019 Takao Fujiwara <tfujiwar@redhat.com> - 1.5.19-6
- Resolves: #1682157 - Add CI
* Fri Nov 29 2019 Takao Fujiwara <tfujiwar@redhat.com> - 1.5.19-5
- Resolves: #1713606 - Fix hangul preedit commit with mouse click
- Resolves: #1682157 - Integrate ibus-desktop-testing and test cases
* Tue Nov 06 2018 Takao Fujiwara <tfujiwar@redhat.com> - 1.5.19-4
- Delete Requires ibus in ibus-gtk* for Flatpak
- Update upstreamed patches