packages: dbus/dbus.spec, dbus/dbus-bug-22316.patch (NEW) - rel 2; patch ne...
arekm
arekm at pld-linux.org
Thu Jun 18 20:23:52 CEST 2009
Author: arekm Date: Thu Jun 18 18:23:52 2009 GMT
Module: packages Tag: HEAD
---- Log message:
- rel 2; patch needed by upstart
---- Files affected:
packages/dbus:
dbus.spec (1.188 -> 1.189) , dbus-bug-22316.patch (NONE -> 1.1) (NEW)
---- Diffs:
================================================================
Index: packages/dbus/dbus.spec
diff -u packages/dbus/dbus.spec:1.188 packages/dbus/dbus.spec:1.189
--- packages/dbus/dbus.spec:1.188 Tue May 12 19:11:09 2009
+++ packages/dbus/dbus.spec Thu Jun 18 20:23:47 2009
@@ -8,7 +8,7 @@
Summary(pl.UTF-8): Magistrala przesyłania komunikatów D-BUS
Name: dbus
Version: 1.2.14
-Release: 1
+Release: 2
License: AFL v2.1 or GPL v2
Group: Libraries
Source0: http://dbus.freedesktop.org/releases/dbus/%{name}-%{version}.tar.gz
@@ -21,6 +21,7 @@
Patch1: %{name}-config.patch
Patch2: %{name}-no_fatal_checks.patch
Patch3: %{name}-allow-introspection.patch
+Patch4: %{name}-bug-22316.patch
URL: http://www.freedesktop.org/Software/dbus
BuildRequires: audit-libs-devel
BuildRequires: autoconf >= 2.52
@@ -118,6 +119,7 @@
%patch1 -p1
%patch2 -p1
%patch3 -p1
+%patch4 -p1
%build
%{__libtoolize}
@@ -258,6 +260,9 @@
All persons listed below can be reached at <cvs_login>@pld-linux.org
$Log$
+Revision 1.189 2009/06/18 18:23:47 arekm
+- rel 2; patch needed by upstart
+
Revision 1.188 2009/05/12 17:11:09 megabajt
- updated to 1.2.14 [fixes CVE-2009-1189]
================================================================
Index: packages/dbus/dbus-bug-22316.patch
diff -u /dev/null packages/dbus/dbus-bug-22316.patch:1.1
--- /dev/null Thu Jun 18 20:23:52 2009
+++ packages/dbus/dbus-bug-22316.patch Thu Jun 18 20:23:47 2009
@@ -0,0 +1,148 @@
+From 1351de749ab46d276db3de94beea07b1c66c9b6e Mon Sep 17 00:00:00 2001
+From: Scott James Remnant <scott at ubuntu.com>
+Date: Tue, 16 Jun 2009 16:47:32 +0100
+Subject: [PATCH] bfo22316 - add dbus_message_iter_abandon_container()
+
+It's not currently possible to abandon creation of a container without
+either hitting asserts or leaking memory. This new function allows
+that.
+
+Signed-off-by: Scott James Remnant <scott at ubuntu.com>
+---
+ dbus/dbus-message.c | 55 +++++++++++++++++++++++++++++++++++++++++++++++++++
+ dbus/dbus-message.h | 2 +
+ 2 files changed, 57 insertions(+), 0 deletions(-)
+
+diff --git a/dbus/dbus-message.c b/dbus/dbus-message.c
+index edae425..30b5d6c 100644
+--- a/dbus/dbus-message.c
++++ b/dbus/dbus-message.c
+@@ -2200,6 +2200,35 @@ _dbus_message_iter_close_signature (DBusMessageRealIter *real)
+ return retval;
+ }
+
++/**
++ * Frees the signature string and marks the iterator as not having a
++ * type_str anymore. Since the new signature is not set, the message
++ * will generally be hosed after this is called.
++ *
++ * @param real an iterator without a type_str
++ */
++static void
++_dbus_message_iter_abandon_signature (DBusMessageRealIter *real)
++{
++ DBusString *str;
++
++ _dbus_assert (real->iter_type == DBUS_MESSAGE_ITER_TYPE_WRITER);
++ _dbus_assert (real->u.writer.type_str != NULL);
++ _dbus_assert (real->sig_refcount > 0);
++
++ real->sig_refcount -= 1;
++
++ if (real->sig_refcount > 0)
++ return;
++ _dbus_assert (real->sig_refcount == 0);
++
++ str = real->u.writer.type_str;
++
++ _dbus_type_writer_remove_types (&real->u.writer);
++ _dbus_string_free (str);
++ dbus_free (str);
++}
++
+ #ifndef DBUS_DISABLE_CHECKS
+ static dbus_bool_t
+ _dbus_message_iter_append_check (DBusMessageRealIter *iter)
+@@ -2428,6 +2457,32 @@ dbus_message_iter_close_container (DBusMessageIter *iter,
+ }
+
+ /**
++ * Abandons creation of a contained-typed value and frees resources created
++ * by dbus_message_iter_open_container(). Once this returns, the message
++ * is hosed and you have to start over building the whole message.
++ *
++ * This should only be used to abandon creation of a message when you have
++ * open containers.
++ *
++ * @param iter the append iterator
++ * @param sub sub-iterator to close
++ */
++void
++dbus_message_iter_abandon_container (DBusMessageIter *iter,
++ DBusMessageIter *sub)
++{
++ DBusMessageRealIter *real = (DBusMessageRealIter *)iter;
++ DBusMessageRealIter *real_sub = (DBusMessageRealIter *)sub;
++
++ _dbus_return_if_fail (_dbus_message_iter_append_check (real));
++ _dbus_return_if_fail (real->iter_type == DBUS_MESSAGE_ITER_TYPE_WRITER);
++ _dbus_return_if_fail (_dbus_message_iter_append_check (real_sub));
++ _dbus_return_if_fail (real_sub->iter_type == DBUS_MESSAGE_ITER_TYPE_WRITER);
++
++ _dbus_message_iter_abandon_signature (real);
++}
++
++/**
+ * Sets a flag indicating that the message does not want a reply; if
+ * this flag is set, the other end of the connection may (but is not
+ * required to) optimize by not sending method return or error
+diff --git a/dbus/dbus-message.h b/dbus/dbus-message.h
+index 2e29fef..49c7e72 100644
+--- a/dbus/dbus-message.h
++++ b/dbus/dbus-message.h
+@@ -197,6 +197,8 @@ dbus_bool_t dbus_message_iter_open_container (DBusMessageIter *iter,
+ DBusMessageIter *sub);
+ dbus_bool_t dbus_message_iter_close_container (DBusMessageIter *iter,
+ DBusMessageIter *sub);
++void dbus_message_iter_abandon_container (DBusMessageIter *iter,
++ DBusMessageIter *sub);
+
+ void dbus_message_lock (DBusMessage *message);
+
+--
+1.6.0.5
+
+From da88126b7bfc3abfc77f8b18dda97517e4d6e014 Mon Sep 17 00:00:00 2001
+From: Scott James Remnant <scott at ubuntu.com>
+Date: Tue, 16 Jun 2009 17:03:23 +0100
+Subject: [PATCH] dbus_message_append_args_valist - abandon container
+
+In case of OOM when constructing an array, we should abandon the
+container to free the resources.
+
+Signed-off-by: Scott James Remnant <scott at ubuntu.com>
+---
+ dbus/dbus-message.c | 8 ++++++--
+ 1 files changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/dbus/dbus-message.c b/dbus/dbus-message.c
+index 30b5d6c..98c284e 100644
+--- a/dbus/dbus-message.c
++++ b/dbus/dbus-message.c
+@@ -1567,8 +1567,10 @@ dbus_message_append_args_valist (DBusMessage *message,
+ if (!dbus_message_iter_append_fixed_array (&array,
+ element_type,
+ value,
+- n_elements))
++ n_elements)) {
++ dbus_message_iter_abandon_container (&iter, &array);
+ goto failed;
++ }
+ }
+ else if (element_type == DBUS_TYPE_STRING ||
+ element_type == DBUS_TYPE_SIGNATURE ||
+@@ -1589,8 +1591,10 @@ dbus_message_append_args_valist (DBusMessage *message,
+ {
+ if (!dbus_message_iter_append_basic (&array,
+ element_type,
+- &value[i]))
++ &value[i])) {
++ dbus_message_iter_abandon_container (&iter, &array);
+ goto failed;
++ }
+ ++i;
+ }
+ }
+--
+1.6.0.5
+
================================================================
---- CVS-web:
http://cvs.pld-linux.org/cgi-bin/cvsweb.cgi/packages/dbus/dbus.spec?r1=1.188&r2=1.189&f=u
More information about the pld-cvs-commit
mailing list