pkttyagent: EOF in passwd results in coredump
Resolves: RHEL-5772
This commit is contained in:
parent
7e12765b29
commit
1aff4fbda8
66
pkttyagent-coredump-after-eof.patch
Normal file
66
pkttyagent-coredump-after-eof.patch
Normal file
@ -0,0 +1,66 @@
|
||||
commit 6c9c07981f7ac7e7dfde05fa8210ae4204d31139
|
||||
Author: Jan Rybar <jrybar@redhat.com>
|
||||
Date: Mon Mar 11 16:55:40 2024 +0100
|
||||
|
||||
pkttyagent: EOF in password causes coredump
|
||||
|
||||
diff --git a/src/polkitagent/polkitagenttextlistener.c b/src/polkitagent/polkitagenttextlistener.c
|
||||
index 99af1d1..2ce4098 100644
|
||||
--- a/src/polkitagent/polkitagenttextlistener.c
|
||||
+++ b/src/polkitagent/polkitagenttextlistener.c
|
||||
@@ -330,6 +330,7 @@ on_request (PolkitAgentSession *session,
|
||||
PolkitAgentTextListener *listener = POLKIT_AGENT_TEXT_LISTENER (user_data);
|
||||
struct termios ts, ots;
|
||||
GString *str;
|
||||
+ gint c;
|
||||
|
||||
fprintf (listener->tty, "%s", request);
|
||||
fflush (listener->tty);
|
||||
@@ -374,7 +375,6 @@ on_request (PolkitAgentSession *session,
|
||||
str = g_string_new (NULL);
|
||||
while (TRUE)
|
||||
{
|
||||
- gint c;
|
||||
c = getc (listener->tty);
|
||||
if (c == '\n')
|
||||
{
|
||||
@@ -384,8 +384,7 @@ on_request (PolkitAgentSession *session,
|
||||
else if (c == EOF)
|
||||
{
|
||||
tcsetattr (fileno (listener->tty), TCSAFLUSH, &ots);
|
||||
- g_error ("Got unexpected EOF while reading from controlling terminal.");
|
||||
- abort ();
|
||||
+ g_warning ("Got unexpected EOF while reading from controlling terminal.");
|
||||
break;
|
||||
}
|
||||
else
|
||||
@@ -397,7 +396,15 @@ on_request (PolkitAgentSession *session,
|
||||
g_signal_emit_by_name(listener, "tty_attrs_changed", FALSE);
|
||||
putc ('\n', listener->tty);
|
||||
|
||||
- polkit_agent_session_response (session, str->str);
|
||||
+ if (c == EOF)
|
||||
+ {
|
||||
+ polkit_agent_session_cancel (listener->active_session);
|
||||
+ }
|
||||
+ else
|
||||
+ {
|
||||
+ polkit_agent_session_response (session, str->str);
|
||||
+ }
|
||||
+
|
||||
memset (str->str, '\0', str->len);
|
||||
g_string_free (str, TRUE);
|
||||
}
|
||||
@@ -512,9 +519,9 @@ choose_identity (PolkitAgentTextListener *listener,
|
||||
}
|
||||
else if (c == EOF)
|
||||
{
|
||||
- g_error ("Got unexpected EOF while reading from controlling terminal.");
|
||||
- abort ();
|
||||
- break;
|
||||
+ g_warning ("Got unexpected EOF while reading from controlling terminal.");
|
||||
+ ret = NULL; /* let' be defensive */
|
||||
+ goto out;
|
||||
}
|
||||
else
|
||||
{
|
@ -22,7 +22,7 @@
|
||||
Summary: An authorization framework
|
||||
Name: polkit
|
||||
Version: 0.117
|
||||
Release: 11%{?dist}
|
||||
Release: 12%{?dist}
|
||||
License: LGPLv2+
|
||||
URL: http://www.freedesktop.org/wiki/Software/polkit
|
||||
Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz
|
||||
@ -33,6 +33,7 @@ Patch1002: CVE-2021-3560.patch
|
||||
Patch1003: CVE-2021-4034.patch
|
||||
Patch1004: CVE-2021-4115.patch
|
||||
Patch1005: tty-restore-flags-if-changed.patch
|
||||
Patch1006: pkttyagent-coredump-after-eof.patch
|
||||
|
||||
%if 0%{?bundled_mozjs}
|
||||
Source2: https://ftp.mozilla.org/pub/firefox/releases/%{mozjs_version}esr/source/firefox-%{mozjs_version}esr.source.tar.xz
|
||||
@ -181,6 +182,7 @@ Libraries files for polkit.
|
||||
%patch1003 -p1
|
||||
%patch1004 -p1
|
||||
%patch1005 -p1
|
||||
%patch1006 -p1
|
||||
|
||||
%if 0%{?bundled_mozjs}
|
||||
# Extract mozjs archive
|
||||
@ -387,6 +389,10 @@ exit 0
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Mon Mar 18 2024 Jan Rybar <jrybar@redhat.com> - 0.117-12
|
||||
- pkttyagent: EOF in passwd results in coredump
|
||||
- Resolves: RHEL-5772
|
||||
|
||||
* Fri Dec 02 2022 Jan Rybar <jrybar@redhat.com> - 0.117-11
|
||||
- backport: restore tty only if changed
|
||||
- Resolves: rhbz#2150310
|
||||
|
Loading…
Reference in New Issue
Block a user