packages/avahi
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2023-1981

Browse Source
This commit is contained in:
zhouwenpei 2023-04-12 08:48:16 +00:00
parent d6eb857c99
commit 6c8cebfa10
2 changed files with 58 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
avahi.spec
View File

@ -3,7 +3,7 @@
Name: avahi Name: avahi
Version: 0.8 Version: 0.8
Release: 15 Release: 16
Summary: Avahi is a local network service discovery Summary: Avahi is a local network service discovery
License: LGPLv2+ License: LGPLv2+
URL: http://avahi.org URL: http://avahi.org
@ -19,6 +19,7 @@ Patch5: 0005-avahi_dns_packet_consume_uint32-fix-potential-undefi.patc
Patch6001: backport-CVE-2021-3468.patch Patch6001: backport-CVE-2021-3468.patch
Patch6002: backport-CVE-2021-36217.patch Patch6002: backport-CVE-2021-36217.patch
Patch6023: backport-CVE-2023-1981.patch
BuildRequires: gcc automake libtool desktop-file-utils gtk2-devel glib2-devel gcc-c++ BuildRequires: gcc automake libtool desktop-file-utils gtk2-devel glib2-devel gcc-c++
BuildRequires: libcap-devel expat-devel gdbm-devel make BuildRequires: libcap-devel expat-devel gdbm-devel make
@ -578,6 +579,9 @@ fi
%{_mandir}/man8/* %{_mandir}/man8/*
%changelog %changelog
* Wed Apr 12 2023 zhouwenpei <zhouwenpei1@h-partners.com> - 0.8-16
- fix CVE-2023-1981
* Mon Mar 27 2023 zhangpan <zhangpan103@h-partners.com> - 0.8-15 * Mon Mar 27 2023 zhangpan <zhangpan103@h-partners.com> - 0.8-15
- add build_cross to avoid install packages and files in self-build - add build_cross to avoid install packages and files in self-build

53
backport-CVE-2023-1981.patch Normal file
View File

@ -0,0 +1,53 @@
From a2696da2f2c50ac43b6c4903f72290d5c3fa9f6f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Petr=20Men=C5=A1=C3=ADk?= <pemensik@redhat.com>
Date: Thu, 17 Nov 2022 01:51:53 +0100
Subject: [PATCH] Emit error if requested service is not found
It currently just crashes instead of replying with error. Check return
value and emit error instead of passing NULL pointer to reply.
Fixes #375
---
avahi-daemon/dbus-protocol.c | 20 ++++++++++++++------
1 file changed, 14 insertions(+), 6 deletions(-)
diff --git a/avahi-daemon/dbus-protocol.c b/avahi-daemon/dbus-protocol.c
index 70d7687bc..406d0b441 100644
--- a/avahi-daemon/dbus-protocol.c
+++ b/avahi-daemon/dbus-protocol.c
@@ -375,10 +375,14 @@ static DBusHandlerResult dbus_get_alternative_host_name(DBusConnection *c, DBusM
}
t = avahi_alternative_host_name(n);
- avahi_dbus_respond_string(c, m, t);
- avahi_free(t);
+ if (t) {
+ avahi_dbus_respond_string(c, m, t);
+ avahi_free(t);
- return DBUS_HANDLER_RESULT_HANDLED;
+ return DBUS_HANDLER_RESULT_HANDLED;
+ } else {
+ return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Hostname not found");
+ }
}
static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DBusMessage *m, DBusError *error) {
@@ -389,10 +393,14 @@ static DBusHandlerResult dbus_get_alternative_service_name(DBusConnection *c, DB
}
t = avahi_alternative_service_name(n);
- avahi_dbus_respond_string(c, m, t);
- avahi_free(t);
+ if (t) {
+ avahi_dbus_respond_string(c, m, t);
+ avahi_free(t);
- return DBUS_HANDLER_RESULT_HANDLED;
+ return DBUS_HANDLER_RESULT_HANDLED;
+ } else {
+ return avahi_dbus_respond_error(c, m, AVAHI_ERR_NOT_FOUND, "Service not found");
+ }
}
static DBusHandlerResult dbus_create_new_entry_group(DBusConnection *c, DBusMessage *m, DBusError *error) {