fix DoS issue introduced by previous fix

Resolves: CVE-2026-4897

cve-2026-4897-getline-overflow.patch

@@ -8,8 +8,8 @@ Pavel Kohout, Aisle Research
 
 Signed-off-by: Jan Rybar jrybar@redhat.com
 ---
- src/polkitagent/polkitagenthelperprivate.c | 23 +++++++++++++---------
- 1 file changed, 14 insertions(+), 9 deletions(-)
+ src/polkitagent/polkitagenthelperprivate.c | 20 +++++++++---------
+ 1 file changed, 11 insertions(+), 9 deletions(-)
 
 diff --git a/src/polkitagent/polkitagenthelperprivate.c b/src/polkitagent/polkitagenthelperprivate.c
 index 35bca85..7e4f94e 100644
@@ -23,7 +23,7 @@ index 35bca85..7e4f94e 100644
  #include <unistd.h>
  
  #ifndef HAVE_CLEARENV
-@@ -59,21 +60,25 @@ read_cookie (int argc, char **argv)
+@@ -59,21 +60,22 @@ read_cookie (int argc, char **argv)
      return strdup (argv[2]);
    else
      {
@@ -46,10 +46,7 @@ index 35bca85..7e4f94e 100644
          {
 -          g_strchomp (ret);
 -          return ret;
-+          /* Cookie too long - drain remaining input and reject */
-+          int c;
-+          while ((c = getchar ()) != '\n' && c != EOF)
-+            ;
++          /* Cookie too long - reject */
 +          errno = EOVERFLOW;
 +          return NULL;
          }

polkit.spec

@@ -4,7 +4,7 @@
 Summary: An authorization framework
 Name: polkit
 Version: 125
-Release: 5%{?dist}
+Release: 6%{?dist}
 License: LGPL-2.0-or-later
 URL: https://github.com/polkit-org/polkit
 Source0: https://github.com/polkit-org/polkit/archive/refs/tags/%{version}.tar.gz
@@ -165,6 +165,10 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/*.la
 %{_libdir}/girepository-1.0/*.typelib
 
 %changelog
+* Wed May 13 2026 Jan Rybar <jrybar@redhat.com> - 125-6
+- fix DoS issue introduced by previous fix
+- Resolves: CVE-2026-4897
+
 * Tue May 12 2026 Jan Rybar <jrybar@redhat.com> - 125-5
 - CVE-2026-4897: getline() string overflow via unsanitized input
 - Resolves: CVE-2026-4897