From 4635612dc9146c2b88de4624fb70feee482c611a Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Franti=C5=A1ek=20Zatloukal?= Date: Mon, 21 Feb 2022 00:33:22 +0100 Subject: [PATCH] switch to mozjs91 --- 92.patch | 103 ++++++++++++++++++++++++++++++++++++++++++++++++++++ polkit.spec | 9 ++++- 2 files changed, 110 insertions(+), 2 deletions(-) create mode 100644 92.patch diff --git a/92.patch b/92.patch new file mode 100644 index 0000000..5fc86d9 --- /dev/null +++ b/92.patch @@ -0,0 +1,103 @@ +From 4910132853ad68dbe8f4e7710dd098120d1b9b95 Mon Sep 17 00:00:00 2001 +From: Xi Ruoyao +Date: Tue, 25 Jan 2022 19:19:30 +0800 +Subject: [PATCH 1/3] jsauthority: ensure to call JS_Init() and JS_ShutDown() + exactly once + +Before this commit, we were calling JS_Init() in +polkit_backend_js_authority_class_init and never called JS_ShutDown. +This is actually a misusage of SpiderMonkey API. Quote from a comment +in js/Initialization.h (both mozjs-78 and mozjs-91): + + It is currently not possible to initialize SpiderMonkey multiple + times (that is, calling JS_Init/JSAPI methods/JS_ShutDown in that + order, then doing so again). + +This misusage does not cause severe issues with mozjs-78. However, when +we eventually port jsauthority to use mozjs-91, bad thing will happen: +see the test failure mentioned in #150. + +This commit is tested with both mozjs-78 and mozjs-91, all tests pass +with it. +--- + src/polkitbackend/polkitbackendjsauthority.cpp | 9 +++++++-- + 1 file changed, 7 insertions(+), 2 deletions(-) + +diff --git a/src/polkitbackend/polkitbackendjsauthority.cpp b/src/polkitbackend/polkitbackendjsauthority.cpp +index ca17108..b22c34e 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.cpp ++++ b/src/polkitbackend/polkitbackendjsauthority.cpp +@@ -75,6 +75,13 @@ + + /* ---------------------------------------------------------------------------------------------------- */ + ++static class JsInitHelperType ++{ ++public: ++ JsInitHelperType() { JS_Init(); } ++ ~JsInitHelperType() { JS_ShutDown(); } ++} JsInitHelper; ++ + struct _PolkitBackendJsAuthorityPrivate + { + gchar **rules_dirs; +@@ -589,7 +596,6 @@ polkit_backend_js_authority_finalize (GObject *object) + delete authority->priv->js_polkit; + + JS_DestroyContext (authority->priv->cx); +- /* JS_ShutDown (); */ + + G_OBJECT_CLASS (polkit_backend_js_authority_parent_class)->finalize (object); + } +@@ -666,7 +672,6 @@ polkit_backend_js_authority_class_init (PolkitBackendJsAuthorityClass *klass) + + g_type_class_add_private (klass, sizeof (PolkitBackendJsAuthorityPrivate)); + +- JS_Init (); + } + + /* ---------------------------------------------------------------------------------------------------- */ +-- +GitLab + + +From 2b5f49a4e4266d2c327ef55e6df121511e23236b Mon Sep 17 00:00:00 2001 +From: Xi Ruoyao +Date: Tue, 25 Jan 2022 19:20:58 +0800 +Subject: [PATCH 2/3] jsauthority: port to mozjs-91 + +--- + configure.ac | 2 +- + meson.build | 2 +- + 2 files changed, 2 insertions(+), 2 deletions(-) + +diff --git a/configure.ac b/configure.ac +index e434ca2..6783ee7 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -80,7 +80,7 @@ PKG_CHECK_MODULES(GLIB, [gmodule-2.0 gio-unix-2.0 >= 2.30.0]) + AC_SUBST(GLIB_CFLAGS) + AC_SUBST(GLIB_LIBS) + +-PKG_CHECK_MODULES(LIBJS, [mozjs-78]) ++PKG_CHECK_MODULES(LIBJS, [mozjs-91]) + + AC_SUBST(LIBJS_CFLAGS) + AC_SUBST(LIBJS_CXXFLAGS) +-- +diff --git a/meson.build b/meson.build +index 858078d..09cce0f 100644 +--- a/meson.build ++++ b/meson.build +@@ -133,7 +133,7 @@ expat_dep = dependency('expat') + assert(cc.has_header('expat.h', dependencies: expat_dep), 'Can\'t find expat.h. Please install expat.') + assert(cc.has_function('XML_ParserCreate', dependencies: expat_dep), 'Can\'t find expat library. Please install expat.') + +-mozjs_dep = dependency('mozjs-78') ++mozjs_dep = dependency('mozjs-91') + + dbus_dep = dependency('dbus-1', required: false) + dbus_policydir = pk_prefix / pk_datadir / 'dbus-1/system.d' +-- +GitLab + diff --git a/polkit.spec b/polkit.spec index efad367..2c1786d 100644 --- a/polkit.spec +++ b/polkit.spec @@ -6,7 +6,7 @@ Summary: An authorization framework Name: polkit Version: 0.120 -Release: 4%{?dist} +Release: 5%{?dist} License: LGPLv2+ URL: http://www.freedesktop.org/wiki/Software/polkit Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz @@ -14,6 +14,8 @@ Source1: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}. Patch1: a2bf5c9c83b6ae46cbd5c779d3055bff81ded683.patch Patch2: CVE-2021-4115.patch +# https://gitlab.freedesktop.org/polkit/polkit/-/merge_requests/92 +Patch3: 92.patch BuildRequires: gcc-c++ BuildRequires: glib2-devel >= 2.30.0 @@ -23,7 +25,7 @@ BuildRequires: gtk-doc BuildRequires: intltool BuildRequires: gobject-introspection-devel BuildRequires: systemd, systemd-devel -BuildRequires: pkgconfig(mozjs-78) +BuildRequires: pkgconfig(mozjs-91) BuildRequires: git %if 0%{?enable_autoreconf} @@ -177,6 +179,9 @@ exit 0 %{_libdir}/girepository-1.0/*.typelib %changelog +* Sun Feb 20 2022 Frantisek Zatloukal - 0.120-5 +- switch to mozjs91 + * Wed Feb 16 2022 Jan Rybar - 0.120-4 - file descriptor exhaustion (GHSL-2021-077) - Resolves: CVE-2021-4115