import libqb-1.0.3-12.el8
This commit is contained in:
parent
5c5860b453
commit
a4b17696c0
32
SOURCES/bz1836146-covscan-fixes.patch
Normal file
32
SOURCES/bz1836146-covscan-fixes.patch
Normal file
@ -0,0 +1,32 @@
|
||||
commit bfa90160e5856cd91e7c3e58bfd50387a41b8ca9
|
||||
Author: Christine Caulfield <ccaulfie@redhat.com>
|
||||
Date: Wed May 20 11:18:07 2020 +0100
|
||||
|
||||
Some bugs spotted by coverity
|
||||
|
||||
diff --git a/include/tlist.h b/include/tlist.h
|
||||
index bcae55d..723d3ec 100644
|
||||
--- a/include/tlist.h
|
||||
+++ b/include/tlist.h
|
||||
@@ -191,7 +191,7 @@ static inline void timerlist_expire(struct timerlist *timerlist)
|
||||
uint64_t current_time;
|
||||
|
||||
current_monotonic_time = qb_util_nano_current_get();
|
||||
- current_time_from_epoch = current_time = qb_util_nano_from_epoch_get();
|
||||
+ current_time_from_epoch = qb_util_nano_from_epoch_get();
|
||||
|
||||
qb_list_for_each_safe(pos, next, &timerlist->timer_head) {
|
||||
|
||||
diff --git a/lib/ringbuffer.c b/lib/ringbuffer.c
|
||||
index 3a0fb7e..cd5089a 100644
|
||||
--- a/lib/ringbuffer.c
|
||||
+++ b/lib/ringbuffer.c
|
||||
@@ -266,7 +266,7 @@ cleanup_hdr:
|
||||
if (fd_hdr >= 0) {
|
||||
close(fd_hdr);
|
||||
}
|
||||
- if (rb && (flags & QB_RB_FLAG_CREATE)) {
|
||||
+ if (rb && (rb->shared_hdr != MAP_FAILED) && (flags & QB_RB_FLAG_CREATE)) {
|
||||
unlink(rb->shared_hdr->hdr_path);
|
||||
if (rb->notifier.destroy_fn) {
|
||||
(void)rb->notifier.destroy_fn(rb->notifier.instance);
|
172
SOURCES/bz1836146-ipc_set_ownership.patch
Normal file
172
SOURCES/bz1836146-ipc_set_ownership.patch
Normal file
@ -0,0 +1,172 @@
|
||||
diff -urp libqb-1.0.3.orig/lib/ipc_shm.c libqb-1.0.3/lib/ipc_shm.c
|
||||
--- libqb-1.0.3.orig/lib/ipc_shm.c 2020-05-20 09:00:31.826899188 +0100
|
||||
+++ libqb-1.0.3/lib/ipc_shm.c 2020-05-20 09:11:56.607788472 +0100
|
||||
@@ -282,6 +282,8 @@ qb_ipcs_shm_connect(struct qb_ipcs_servi
|
||||
struct qb_ipc_connection_response *r)
|
||||
{
|
||||
int32_t res;
|
||||
+ char dirname[PATH_MAX];
|
||||
+ char *slash;
|
||||
|
||||
qb_util_log(LOG_DEBUG, "connecting to client [%d]", c->pid);
|
||||
|
||||
@@ -292,6 +294,14 @@ qb_ipcs_shm_connect(struct qb_ipcs_servi
|
||||
snprintf(r->event, NAME_MAX, "%s-event-%s",
|
||||
c->description, s->name);
|
||||
|
||||
+ /* Set correct ownership if qb_ipcs_connection_auth_set() has been used */
|
||||
+ strlcpy(dirname, c->description, sizeof(dirname));
|
||||
+ slash = strrchr(dirname, '/');
|
||||
+ if (slash) {
|
||||
+ *slash = '\0';
|
||||
+ (void)chown(dirname, c->auth.uid, c->auth.gid);
|
||||
+ }
|
||||
+
|
||||
res = qb_ipcs_shm_rb_open(c, &c->request,
|
||||
r->request);
|
||||
if (res != 0) {
|
||||
diff -urp libqb-1.0.3.orig/tests/check_ipc.c libqb-1.0.3/tests/check_ipc.c
|
||||
--- libqb-1.0.3.orig/tests/check_ipc.c 2017-12-21 09:02:11.000000000 +0000
|
||||
+++ libqb-1.0.3/tests/check_ipc.c 2020-05-20 09:07:55.607104804 +0100
|
||||
@@ -98,6 +98,8 @@ enum my_msg_ids {
|
||||
* 7) service availability
|
||||
*
|
||||
* 8) multiple services
|
||||
+ *
|
||||
+ * 9) setting perms on the sockets
|
||||
*/
|
||||
static qb_loop_t *my_loop;
|
||||
static qb_ipcs_service_t* s1;
|
||||
@@ -109,6 +111,7 @@ static int32_t num_bulk_events = 10;
|
||||
static int32_t num_stress_events = 30000;
|
||||
static int32_t reference_count_test = QB_FALSE;
|
||||
static int32_t multiple_connections = QB_FALSE;
|
||||
+static int32_t set_perms_on_socket = QB_FALSE;
|
||||
|
||||
|
||||
static int32_t
|
||||
@@ -360,6 +363,16 @@ s1_connection_destroyed(qb_ipcs_connecti
|
||||
qb_leave();
|
||||
}
|
||||
|
||||
+static int32_t
|
||||
+s1_connection_accept(qb_ipcs_connection_t *c, uid_t uid, gid_t gid)
|
||||
+{
|
||||
+ if (set_perms_on_socket) {
|
||||
+ qb_ipcs_connection_auth_set(c, 555, 741, S_IRWXU|S_IRWXG|S_IROTH|S_IWOTH);
|
||||
+ }
|
||||
+ return 0;
|
||||
+}
|
||||
+
|
||||
+
|
||||
static void
|
||||
s1_connection_created(qb_ipcs_connection_t *c)
|
||||
{
|
||||
@@ -402,7 +415,7 @@ run_ipc_server(void)
|
||||
qb_loop_signal_handle handle;
|
||||
|
||||
struct qb_ipcs_service_handlers sh = {
|
||||
- .connection_accept = NULL,
|
||||
+ .connection_accept = s1_connection_accept,
|
||||
.connection_created = s1_connection_created,
|
||||
.msg_process = s1_msg_process_fn,
|
||||
.connection_destroyed = s1_connection_destroyed,
|
||||
@@ -517,7 +530,7 @@ verify_graceful_stop(pid_t pid)
|
||||
} else {
|
||||
fail_if(rc == 0);
|
||||
}
|
||||
-
|
||||
+
|
||||
return 0;
|
||||
}
|
||||
|
||||
@@ -1018,7 +1031,7 @@ test_ipc_stress_connections(void)
|
||||
}
|
||||
} while (conn == NULL && c < 5);
|
||||
fail_if(conn == NULL);
|
||||
-
|
||||
+
|
||||
if (((connections+1) % 1000) == 0) {
|
||||
qb_log(LOG_INFO, "%d ipc connections made", connections+1);
|
||||
}
|
||||
@@ -1448,6 +1461,63 @@ START_TEST(test_ipcc_truncate_when_unlin
|
||||
END_TEST
|
||||
#endif
|
||||
|
||||
+// Check perms uses illegal access to libqb internals
|
||||
+// DO NOT try this at home.
|
||||
+#include "../lib/ipc_int.h"
|
||||
+#include "../lib/ringbuffer_int.h"
|
||||
+START_TEST(test_ipc_server_perms)
|
||||
+{
|
||||
+ pid_t pid;
|
||||
+ struct stat st;
|
||||
+ int j;
|
||||
+ uint32_t max_size;
|
||||
+ int res;
|
||||
+ int c = 0;
|
||||
+
|
||||
+ // Can only test this if we are root
|
||||
+ if (getuid() != 0) {
|
||||
+ return;
|
||||
+ }
|
||||
+
|
||||
+ ipc_type = QB_IPC_SHM;
|
||||
+ set_perms_on_socket = QB_TRUE;
|
||||
+ max_size = MAX_MSG_SIZE;
|
||||
+
|
||||
+ pid = run_function_in_new_process(run_ipc_server);
|
||||
+ fail_if(pid == -1);
|
||||
+
|
||||
+ do {
|
||||
+ conn = qb_ipcc_connect(ipc_name, max_size);
|
||||
+ if (conn == NULL) {
|
||||
+ j = waitpid(pid, NULL, WNOHANG);
|
||||
+ ck_assert_int_eq(j, 0);
|
||||
+ poll(NULL, 0, 400);
|
||||
+ c++;
|
||||
+ }
|
||||
+ } while (conn == NULL && c < 5);
|
||||
+ fail_if(conn == NULL);
|
||||
+
|
||||
+ // Check perms - uses illegal access to libqb internals
|
||||
+ char sockdir[PATH_MAX];
|
||||
+ strcpy(sockdir, conn->request.u.shm.rb->shared_hdr->hdr_path);
|
||||
+ *strrchr(sockdir, '/') = 0;
|
||||
+ res = stat(sockdir, &st);
|
||||
+
|
||||
+ ck_assert_int_eq(res, 0);
|
||||
+ ck_assert(st.st_mode & S_IRWXG);
|
||||
+ ck_assert_int_eq(st.st_uid, 555);
|
||||
+ ck_assert_int_eq(st.st_gid, 741);
|
||||
+
|
||||
+ res = stat(conn->request.u.shm.rb->shared_hdr->hdr_path, &st);
|
||||
+ ck_assert_int_eq(res, 0);
|
||||
+ ck_assert_int_eq(st.st_uid, 555);
|
||||
+ ck_assert_int_eq(st.st_gid, 741);
|
||||
+
|
||||
+ qb_ipcc_disconnect(conn);
|
||||
+ verify_graceful_stop(pid);
|
||||
+}
|
||||
+END_TEST
|
||||
+
|
||||
static void
|
||||
test_ipc_service_ref_count(void)
|
||||
{
|
||||
@@ -1502,7 +1572,7 @@ END_TEST
|
||||
#if 0
|
||||
static void test_max_dgram_size(void)
|
||||
{
|
||||
- /* most implementations will not let you set a dgram buffer
|
||||
+ /* most implementations will not let you set a dgram buffer
|
||||
* of 1 million bytes. This test verifies that the we can detect
|
||||
* the max dgram buffersize regardless, and that the value we detect
|
||||
* is consistent. */
|
||||
@@ -1562,6 +1632,7 @@ make_shm_suite(void)
|
||||
add_tcase(s, tc, test_ipc_exit_shm, 8);
|
||||
add_tcase(s, tc, test_ipc_event_on_created_shm, 10);
|
||||
add_tcase(s, tc, test_ipc_service_ref_count_shm, 10);
|
||||
+ add_tcase(s, tc, test_ipc_server_perms, 7);
|
||||
add_tcase(s, tc, test_ipc_stress_connections_shm, 3600);
|
||||
|
||||
#ifdef HAVE_FAILURE_INJECTION
|
@ -1,9 +1,9 @@
|
||||
%bcond_without check
|
||||
%bcond_with check
|
||||
%bcond_without testsrpm
|
||||
|
||||
Name: libqb
|
||||
Version: 1.0.3
|
||||
Release: 10%{?dist}
|
||||
Release: 12%{?dist}
|
||||
Summary: An IPC library for high performance servers
|
||||
|
||||
Group: System Environment/Libraries
|
||||
@ -15,6 +15,8 @@ Patch0: bz1615945-remove-linker-callsites.patch
|
||||
Patch1: bz1682119-install-tests.patch
|
||||
Patch2: bz1714854-improve-shm-security.patch
|
||||
Patch3: bz1718773-avoid-ipc-deadlock.patch
|
||||
Patch4: bz1836146-ipc_set_ownership.patch
|
||||
Patch5: bz1836146-covscan-fixes.patch
|
||||
|
||||
BuildRequires: autoconf automake libtool doxygen procps check-devel
|
||||
# https://fedoraproject.org/wiki/Packaging:C_and_C%2B%2B#BuildRequires_and_Requires
|
||||
@ -33,7 +35,9 @@ and polling.
|
||||
%patch0 -p1 -b .bz1615945-remove-linker-callsites
|
||||
%patch1 -p1 -b .bz1682119-install-tests
|
||||
%patch2 -p1 -b .bz1714854-improve-shm-security.patch
|
||||
%patch3 -p1 -b bz1718773-avoid-ipc-deadlock.patch
|
||||
%patch3 -p1 -b .bz1718773-avoid-ipc-deadlock.patch
|
||||
%patch4 -p1 -b .bz1836146-ipc_set_ownership.patch
|
||||
%patch5 -p1 -b .bz1836146-covscan-fixes.patch
|
||||
|
||||
%build
|
||||
./autogen.sh
|
||||
@ -99,6 +103,11 @@ The %{name}-tests package contains the %{name} test suite.
|
||||
|
||||
|
||||
%changelog
|
||||
* Wed May 20 2020 Christine Caulfield <ccaulfie@redhat.com> - 1.0.3-11
|
||||
Correctly set socket directory permissions when
|
||||
qb_ipcs_connection_auth_set() is called
|
||||
Resolves: rhbz#1836146
|
||||
|
||||
* Mon Jun 10 2019 Christine Caulfield <ccaulfie@redhat.com> - 1.0.3-10
|
||||
Avoid deadlock in IPC connections
|
||||
Resolves: rhbz#1718773
|
||||
|
Loading…
Reference in New Issue
Block a user