pkttyagent: EOF in passwd results in coredump
Resolves: RHEL-5772
This commit is contained in:
parent
7e12765b29
commit
1aff4fbda8
66
pkttyagent-coredump-after-eof.patch
Normal file
66
pkttyagent-coredump-after-eof.patch
Normal file
@ -0,0 +1,66 @@
|
|||||||
|
commit 6c9c07981f7ac7e7dfde05fa8210ae4204d31139
|
||||||
|
Author: Jan Rybar <jrybar@redhat.com>
|
||||||
|
Date: Mon Mar 11 16:55:40 2024 +0100
|
||||||
|
|
||||||
|
pkttyagent: EOF in password causes coredump
|
||||||
|
|
||||||
|
diff --git a/src/polkitagent/polkitagenttextlistener.c b/src/polkitagent/polkitagenttextlistener.c
|
||||||
|
index 99af1d1..2ce4098 100644
|
||||||
|
--- a/src/polkitagent/polkitagenttextlistener.c
|
||||||
|
+++ b/src/polkitagent/polkitagenttextlistener.c
|
||||||
|
@@ -330,6 +330,7 @@ on_request (PolkitAgentSession *session,
|
||||||
|
PolkitAgentTextListener *listener = POLKIT_AGENT_TEXT_LISTENER (user_data);
|
||||||
|
struct termios ts, ots;
|
||||||
|
GString *str;
|
||||||
|
+ gint c;
|
||||||
|
|
||||||
|
fprintf (listener->tty, "%s", request);
|
||||||
|
fflush (listener->tty);
|
||||||
|
@@ -374,7 +375,6 @@ on_request (PolkitAgentSession *session,
|
||||||
|
str = g_string_new (NULL);
|
||||||
|
while (TRUE)
|
||||||
|
{
|
||||||
|
- gint c;
|
||||||
|
c = getc (listener->tty);
|
||||||
|
if (c == '\n')
|
||||||
|
{
|
||||||
|
@@ -384,8 +384,7 @@ on_request (PolkitAgentSession *session,
|
||||||
|
else if (c == EOF)
|
||||||
|
{
|
||||||
|
tcsetattr (fileno (listener->tty), TCSAFLUSH, &ots);
|
||||||
|
- g_error ("Got unexpected EOF while reading from controlling terminal.");
|
||||||
|
- abort ();
|
||||||
|
+ g_warning ("Got unexpected EOF while reading from controlling terminal.");
|
||||||
|
break;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
@@ -397,7 +396,15 @@ on_request (PolkitAgentSession *session,
|
||||||
|
g_signal_emit_by_name(listener, "tty_attrs_changed", FALSE);
|
||||||
|
putc ('\n', listener->tty);
|
||||||
|
|
||||||
|
- polkit_agent_session_response (session, str->str);
|
||||||
|
+ if (c == EOF)
|
||||||
|
+ {
|
||||||
|
+ polkit_agent_session_cancel (listener->active_session);
|
||||||
|
+ }
|
||||||
|
+ else
|
||||||
|
+ {
|
||||||
|
+ polkit_agent_session_response (session, str->str);
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
memset (str->str, '\0', str->len);
|
||||||
|
g_string_free (str, TRUE);
|
||||||
|
}
|
||||||
|
@@ -512,9 +519,9 @@ choose_identity (PolkitAgentTextListener *listener,
|
||||||
|
}
|
||||||
|
else if (c == EOF)
|
||||||
|
{
|
||||||
|
- g_error ("Got unexpected EOF while reading from controlling terminal.");
|
||||||
|
- abort ();
|
||||||
|
- break;
|
||||||
|
+ g_warning ("Got unexpected EOF while reading from controlling terminal.");
|
||||||
|
+ ret = NULL; /* let' be defensive */
|
||||||
|
+ goto out;
|
||||||
|
}
|
||||||
|
else
|
||||||
|
{
|
@ -22,7 +22,7 @@
|
|||||||
Summary: An authorization framework
|
Summary: An authorization framework
|
||||||
Name: polkit
|
Name: polkit
|
||||||
Version: 0.117
|
Version: 0.117
|
||||||
Release: 11%{?dist}
|
Release: 12%{?dist}
|
||||||
License: LGPLv2+
|
License: LGPLv2+
|
||||||
URL: http://www.freedesktop.org/wiki/Software/polkit
|
URL: http://www.freedesktop.org/wiki/Software/polkit
|
||||||
Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz
|
Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz
|
||||||
@ -33,6 +33,7 @@ Patch1002: CVE-2021-3560.patch
|
|||||||
Patch1003: CVE-2021-4034.patch
|
Patch1003: CVE-2021-4034.patch
|
||||||
Patch1004: CVE-2021-4115.patch
|
Patch1004: CVE-2021-4115.patch
|
||||||
Patch1005: tty-restore-flags-if-changed.patch
|
Patch1005: tty-restore-flags-if-changed.patch
|
||||||
|
Patch1006: pkttyagent-coredump-after-eof.patch
|
||||||
|
|
||||||
%if 0%{?bundled_mozjs}
|
%if 0%{?bundled_mozjs}
|
||||||
Source2: https://ftp.mozilla.org/pub/firefox/releases/%{mozjs_version}esr/source/firefox-%{mozjs_version}esr.source.tar.xz
|
Source2: https://ftp.mozilla.org/pub/firefox/releases/%{mozjs_version}esr/source/firefox-%{mozjs_version}esr.source.tar.xz
|
||||||
@ -181,6 +182,7 @@ Libraries files for polkit.
|
|||||||
%patch1003 -p1
|
%patch1003 -p1
|
||||||
%patch1004 -p1
|
%patch1004 -p1
|
||||||
%patch1005 -p1
|
%patch1005 -p1
|
||||||
|
%patch1006 -p1
|
||||||
|
|
||||||
%if 0%{?bundled_mozjs}
|
%if 0%{?bundled_mozjs}
|
||||||
# Extract mozjs archive
|
# Extract mozjs archive
|
||||||
@ -387,6 +389,10 @@ exit 0
|
|||||||
%endif
|
%endif
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Mar 18 2024 Jan Rybar <jrybar@redhat.com> - 0.117-12
|
||||||
|
- pkttyagent: EOF in passwd results in coredump
|
||||||
|
- Resolves: RHEL-5772
|
||||||
|
|
||||||
* Fri Dec 02 2022 Jan Rybar <jrybar@redhat.com> - 0.117-11
|
* Fri Dec 02 2022 Jan Rybar <jrybar@redhat.com> - 0.117-11
|
||||||
- backport: restore tty only if changed
|
- backport: restore tty only if changed
|
||||||
- Resolves: rhbz#2150310
|
- Resolves: rhbz#2150310
|
||||||
|
Loading…
Reference in New Issue
Block a user