fix double-free handling VPN data in nm-applet (rh #1541565)
Also: fix certificate chooser for no available modules (bgo #785674)
This commit is contained in:
parent
d6f6981153
commit
0dca25c6fa
137
0002-fix-vpn-get-data-crash-rh1541565.patch
Normal file
137
0002-fix-vpn-get-data-crash-rh1541565.patch
Normal file
@ -0,0 +1,137 @@
|
|||||||
|
From 46f99b295e59f44dfde50ec90e7c09627d32431e Mon Sep 17 00:00:00 2001
|
||||||
|
From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
|
||||||
|
Date: Wed, 20 Dec 2017 13:23:12 +0100
|
||||||
|
Subject: [PATCH 1/2] shared/compat: fix memory handling of
|
||||||
|
nm_setting_vpn_get_*_keys
|
||||||
|
|
||||||
|
The compat implementations return a (transfer none) strv instead of a
|
||||||
|
(transfer container) one. This has caused double frees in nm-applet:
|
||||||
|
https://bugs.archlinux.org/task/56772
|
||||||
|
|
||||||
|
Don't copy the keys and don't free the container later.
|
||||||
|
|
||||||
|
[thaller@redhat.com: patch adjusted to avoid compiler warning]
|
||||||
|
|
||||||
|
Patch imported from NetworkManager commit 8ac8c01162235c2c198bfaf25fb7d1a57a595ce5.
|
||||||
|
|
||||||
|
Fixes: e93ca7fc129ec0f29f5313a3aa12839914df8fa2
|
||||||
|
(cherry picked from commit 0c90e08f77b71d2bda699cf032fceec0122bbf82)
|
||||||
|
---
|
||||||
|
shared/nm-utils/nm-compat.c | 10 +---------
|
||||||
|
1 file changed, 1 insertion(+), 9 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/shared/nm-utils/nm-compat.c b/shared/nm-utils/nm-compat.c
|
||||||
|
index 22ab675d..47035e62 100644
|
||||||
|
--- a/shared/nm-utils/nm-compat.c
|
||||||
|
+++ b/shared/nm-utils/nm-compat.c
|
||||||
|
@@ -30,7 +30,7 @@ _get_keys_cb (const char *key, const char *val, gpointer user_data)
|
||||||
|
{
|
||||||
|
GPtrArray *a = user_data;
|
||||||
|
|
||||||
|
- g_ptr_array_add (a, g_strdup (key));
|
||||||
|
+ g_ptr_array_add (a, (gpointer) key);
|
||||||
|
}
|
||||||
|
|
||||||
|
static const char **
|
||||||
|
@@ -55,14 +55,6 @@ _get_keys (NMSettingVpn *setting,
|
||||||
|
g_ptr_array_sort (a, nm_strcmp_p);
|
||||||
|
g_ptr_array_add (a, NULL);
|
||||||
|
keys = (const char **) g_ptr_array_free (g_steal_pointer (&a), FALSE);
|
||||||
|
-
|
||||||
|
- /* we need to cache the keys *somewhere*. */
|
||||||
|
- g_object_set_qdata_full (G_OBJECT (setting),
|
||||||
|
- is_secrets
|
||||||
|
- ? NM_CACHED_QUARK ("libnm._nm_setting_vpn_get_secret_keys")
|
||||||
|
- : NM_CACHED_QUARK ("libnm._nm_setting_vpn_get_data_keys"),
|
||||||
|
- keys,
|
||||||
|
- (GDestroyNotify) g_strfreev);
|
||||||
|
}
|
||||||
|
|
||||||
|
NM_SET_OUT (out_length, len);
|
||||||
|
--
|
||||||
|
2.14.3
|
||||||
|
|
||||||
|
|
||||||
|
From 0d13a8b4064c83146714ecee86b69042aca35f9e Mon Sep 17 00:00:00 2001
|
||||||
|
From: "Jan Alexander Steffens (heftig)" <jan.steffens@gmail.com>
|
||||||
|
Date: Thu, 21 Dec 2017 20:36:48 +0100
|
||||||
|
Subject: [PATCH 2/2] shared/compat: fix memory handling of
|
||||||
|
nm_setting_vpn_get_*_keys()
|
||||||
|
|
||||||
|
The previous fix was bad because the keys do not come from NMSettingVpn's hash
|
||||||
|
table but are copies that are freed by nm_setting_vpn_foreach_* before
|
||||||
|
it returns.
|
||||||
|
|
||||||
|
[thaller@redhat.com: import shared code from NetworkManager, merging
|
||||||
|
three patches together.]
|
||||||
|
|
||||||
|
Fixes: e93ca7fc129ec0f29f5313a3aa12839914df8fa2
|
||||||
|
Fixes: 0c90e08f77b71d2bda699cf032fceec0122bbf82
|
||||||
|
|
||||||
|
https://mail.gnome.org/archives/networkmanager-list/2017-December/msg00069.html
|
||||||
|
https://mail.gnome.org/archives/networkmanager-list/2017-December/msg00070.html
|
||||||
|
(cherry picked from commit a52ccb2fe170558fc0aab4dd1d15ba8808b10951)
|
||||||
|
---
|
||||||
|
shared/nm-utils/nm-compat.c | 29 ++++++++++++++++++++++-------
|
||||||
|
1 file changed, 22 insertions(+), 7 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/shared/nm-utils/nm-compat.c b/shared/nm-utils/nm-compat.c
|
||||||
|
index 47035e62..90328c06 100644
|
||||||
|
--- a/shared/nm-utils/nm-compat.c
|
||||||
|
+++ b/shared/nm-utils/nm-compat.c
|
||||||
|
@@ -30,7 +30,7 @@ _get_keys_cb (const char *key, const char *val, gpointer user_data)
|
||||||
|
{
|
||||||
|
GPtrArray *a = user_data;
|
||||||
|
|
||||||
|
- g_ptr_array_add (a, (gpointer) key);
|
||||||
|
+ g_ptr_array_add (a, g_strdup (key));
|
||||||
|
}
|
||||||
|
|
||||||
|
static const char **
|
||||||
|
@@ -40,22 +40,37 @@ _get_keys (NMSettingVpn *setting,
|
||||||
|
{
|
||||||
|
guint len;
|
||||||
|
const char **keys = NULL;
|
||||||
|
- gs_unref_ptrarray GPtrArray *a = NULL;
|
||||||
|
+ GPtrArray *a;
|
||||||
|
|
||||||
|
nm_assert (NM_IS_SETTING_VPN (setting));
|
||||||
|
|
||||||
|
- a = g_ptr_array_new ();
|
||||||
|
+ if (is_secrets)
|
||||||
|
+ len = nm_setting_vpn_get_num_secrets (setting);
|
||||||
|
+ else
|
||||||
|
+ len = nm_setting_vpn_get_num_data_items (setting);
|
||||||
|
+
|
||||||
|
+ a = g_ptr_array_sized_new (len + 1);
|
||||||
|
+
|
||||||
|
if (is_secrets)
|
||||||
|
nm_setting_vpn_foreach_secret (setting, _get_keys_cb, a);
|
||||||
|
else
|
||||||
|
nm_setting_vpn_foreach_data_item (setting, _get_keys_cb, a);
|
||||||
|
- len = a->len;
|
||||||
|
|
||||||
|
- if (a->len) {
|
||||||
|
+ len = a->len;
|
||||||
|
+ if (len) {
|
||||||
|
g_ptr_array_sort (a, nm_strcmp_p);
|
||||||
|
g_ptr_array_add (a, NULL);
|
||||||
|
- keys = (const char **) g_ptr_array_free (g_steal_pointer (&a), FALSE);
|
||||||
|
- }
|
||||||
|
+ keys = g_memdup (a->pdata, a->len * sizeof (gpointer));
|
||||||
|
+
|
||||||
|
+ /* we need to cache the keys *somewhere*. */
|
||||||
|
+ g_object_set_qdata_full (G_OBJECT (setting),
|
||||||
|
+ is_secrets
|
||||||
|
+ ? NM_CACHED_QUARK ("libnm._nm_setting_vpn_get_secret_keys")
|
||||||
|
+ : NM_CACHED_QUARK ("libnm._nm_setting_vpn_get_data_keys"),
|
||||||
|
+ g_ptr_array_free (a, FALSE),
|
||||||
|
+ (GDestroyNotify) g_strfreev);
|
||||||
|
+ } else
|
||||||
|
+ g_ptr_array_free (a, TRUE);
|
||||||
|
|
||||||
|
NM_SET_OUT (out_length, len);
|
||||||
|
return keys;
|
||||||
|
--
|
||||||
|
2.14.3
|
||||||
|
|
38
0003-fix-cert-chooser-for-no-modules-bgo785674.patch
Normal file
38
0003-fix-cert-chooser-for-no-modules-bgo785674.patch
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
From 4d2523b482ab78134dafc02c9b99bd15f1a9174a Mon Sep 17 00:00:00 2001
|
||||||
|
From: Ben Wiederhake <BenWiederhake.GitHub@gmx.de>
|
||||||
|
Date: Sun, 14 Jan 2018 23:28:15 +0100
|
||||||
|
Subject: [PATCH 1/1] libnma/cert-chooser: handle case of no avalable modules
|
||||||
|
|
||||||
|
Cause: Apparently it's perfectly okay if the list of modules is empty
|
||||||
|
(e.g., NULL). However, the code assume that this indicates an error,
|
||||||
|
tries to print the NULL error, and crashes.
|
||||||
|
|
||||||
|
[lkundrak@v3.sk: cosmetic changes]
|
||||||
|
|
||||||
|
https://bugzilla.gnome.org/show_bug.cgi?id=785674
|
||||||
|
(cherry picked from commit a37483c1a364ef3cc1cfa29e7ad51ca108d75674)
|
||||||
|
---
|
||||||
|
src/libnma/nma-cert-chooser-button.c | 6 +++---
|
||||||
|
1 file changed, 3 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/libnma/nma-cert-chooser-button.c b/src/libnma/nma-cert-chooser-button.c
|
||||||
|
index c7089390..00651765 100644
|
||||||
|
--- a/src/libnma/nma-cert-chooser-button.c
|
||||||
|
+++ b/src/libnma/nma-cert-chooser-button.c
|
||||||
|
@@ -93,10 +93,10 @@ modules_initialized (GObject *object, GAsyncResult *res, gpointer user_data)
|
||||||
|
gchar *label;
|
||||||
|
|
||||||
|
modules = gck_modules_initialize_registered_finish (res, &error);
|
||||||
|
- if (!modules) {
|
||||||
|
+ if (error) {
|
||||||
|
/* The Front Fell Off. */
|
||||||
|
- g_critical ("Error getting registered modules: %s", error->message);
|
||||||
|
- g_error_free (error);
|
||||||
|
+ g_warning ("Error getting registered modules: %s", error->message);
|
||||||
|
+ g_clear_error (&error);
|
||||||
|
}
|
||||||
|
|
||||||
|
model = GTK_LIST_STORE (gtk_combo_box_get_model (GTK_COMBO_BOX (self)));
|
||||||
|
--
|
||||||
|
2.14.3
|
||||||
|
|
@ -5,7 +5,7 @@
|
|||||||
|
|
||||||
%global rpm_version 1.8.10
|
%global rpm_version 1.8.10
|
||||||
%global real_version 1.8.10
|
%global real_version 1.8.10
|
||||||
%global release_version 1
|
%global release_version 2
|
||||||
|
|
||||||
%global real_version_major %(printf '%s' '%{real_version}' | sed -n 's/^\\([1-9][0-9]*\\.[1-9][0-9]*\\)\\.[1-9][0-9]*$/\\1/p')
|
%global real_version_major %(printf '%s' '%{real_version}' | sed -n 's/^\\([1-9][0-9]*\\.[1-9][0-9]*\\)\\.[1-9][0-9]*$/\\1/p')
|
||||||
|
|
||||||
@ -18,7 +18,7 @@
|
|||||||
Name: network-manager-applet
|
Name: network-manager-applet
|
||||||
Summary: A network control and status applet for NetworkManager
|
Summary: A network control and status applet for NetworkManager
|
||||||
Version: %{rpm_version}
|
Version: %{rpm_version}
|
||||||
Release: %{release_version}%{?dist}.2
|
Release: %{release_version}%{?dist}
|
||||||
Group: Applications/System
|
Group: Applications/System
|
||||||
License: GPLv2+
|
License: GPLv2+
|
||||||
URL: http://www.gnome.org/projects/NetworkManager/
|
URL: http://www.gnome.org/projects/NetworkManager/
|
||||||
@ -26,6 +26,8 @@ Obsoletes: NetworkManager-gnome < %{obsoletes_ver}
|
|||||||
|
|
||||||
Source: https://download.gnome.org/sources/network-manager-applet/%{real_version_major}/%{name}-%{real_version}.tar.xz
|
Source: https://download.gnome.org/sources/network-manager-applet/%{real_version_major}/%{name}-%{real_version}.tar.xz
|
||||||
Patch1: 0001-nm-applet-no-notifications.patch
|
Patch1: 0001-nm-applet-no-notifications.patch
|
||||||
|
Patch2: 0002-fix-vpn-get-data-crash-rh1541565.patch
|
||||||
|
Patch3: 0003-fix-cert-chooser-for-no-modules-bgo785674.patch
|
||||||
|
|
||||||
Requires: NetworkManager >= %{nm_version}
|
Requires: NetworkManager >= %{nm_version}
|
||||||
Requires: libnotify >= 0.4.3
|
Requires: libnotify >= 0.4.3
|
||||||
@ -126,6 +128,8 @@ This package deprecates libnm-gtk.
|
|||||||
%prep
|
%prep
|
||||||
%setup -q -n "%{name}-%{real_version}"
|
%setup -q -n "%{name}-%{real_version}"
|
||||||
%patch1 -p1
|
%patch1 -p1
|
||||||
|
%patch2 -p1
|
||||||
|
%patch3 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%meson \
|
%meson \
|
||||||
@ -216,6 +220,10 @@ desktop-file-validate $RPM_BUILD_ROOT%{_datadir}/applications/nm-connection-edit
|
|||||||
|
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Sun Feb 4 2018 Thomas Haller <thaller@redhat.com> - 1.8.10-2
|
||||||
|
- fix double-free handling VPN data in nm-applet (rh #1541565)
|
||||||
|
- fix certificate chooser for no available modules (bgo #785674)
|
||||||
|
|
||||||
* Sat Feb 03 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.8.10-1.2
|
* Sat Feb 03 2018 Igor Gnatenko <ignatenkobrain@fedoraproject.org> - 1.8.10-1.2
|
||||||
- Switch to %%ldconfig_scriptlets
|
- Switch to %%ldconfig_scriptlets
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user