packages/glib2
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

fix CVE-2024-34397

Browse Source 
(cherry picked from commit c9741486390023784544eb93ef315ecf56ac9be3)
This commit is contained in:
hanhuihui 2024-06-18 09:41:11 +00:00 committed by openeuler-sync-bot
parent 9323a51c1c
commit 3da57299a2
3 changed files with 3310 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

3243
backport-CVE-2024-34397.patch Normal file
View File

File diff suppressed because it is too large Load Diff

59
backport-gdbusconnection-Allow-name-owners-to-have-the-syntax-of-a-well-known-name.patch Normal file
View File

@ -0,0 +1,59 @@
From c1ddca0955619cab194be2b22915c562e94f8852 Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@collabora.com>
Date: Wed, 8 May 2024 14:46:08 +0000
Subject: [PATCH] gdbusconnection: Allow name owners to have the syntax of a
well-known name
In a D-Bus-Specification-compliant message bus, the owner of a well-known
name is a unique name. However, ibus has its own small implementation
of a message bus (src/ibusbus.c) in which org.freedesktop.IBus is
special-cased to also have itself as its owner (like org.freedesktop.DBus
on a standard message bus), and connects to that bus with the
G_DBUS_CONNECTION_FLAGS_MESSAGE_BUS_CONNECTION flag. The ability to do
this regressed when CVE-2024-34397 was fixed.
Relax the checks to allow the owner of a well-known name to be any valid
D-Bus name, even if it is not syntactically a unique name.
Fixes: 683b14b9 "gdbus: Track name owners for signal subscriptions"
Resolves: https://gitlab.gnome.org/GNOME/glib/-/issues/3353
Bug-Debian: https://bugs.debian.org/1070730
Bug-Debian: https://bugs.debian.org/1070736
Bug-Debian: https://bugs.debian.org/1070743
Bug-Debian: https://bugs.debian.org/1070745
Signed-off-by: Simon McVittie <smcv@debian.org>
---
gio/gdbusconnection.c | 10 ++++++++--
1 file changed, 8 insertions(+), 2 deletions(-)
diff --git a/gio/gdbusconnection.c b/gio/gdbusconnection.c
index 782caff0aa..bd0cd1b0eb 100644
--- a/gio/gdbusconnection.c
+++ b/gio/gdbusconnection.c
@@ -2402,7 +2402,10 @@ name_watcher_deliver_name_owner_changed_unlocked (SignalData *name_watcher,
/* Our caller already checked this */
g_assert (g_strcmp0 (name_watcher->arg0, name) == 0);
- if (G_LIKELY (new_owner[0] == '\0' || g_dbus_is_unique_name (new_owner)))
+ /* FIXME: This should be validating that `new_owner` is a unique name,
+ * but IBus implementation of a message bus is not compliant with the spec.
+ * See https://gitlab.gnome.org/GNOME/glib/-/issues/3353 */
+ if (G_LIKELY (new_owner[0] == '\0' || g_dbus_is_name (new_owner)))
name_watcher_set_name_owner_unlocked (name_watcher, new_owner);
else
g_warning ("Received NameOwnerChanged signal with invalid owner \"%s\" for \"%s\"",
@@ -2454,7 +2457,10 @@ name_watcher_deliver_get_name_owner_reply_unlocked (SignalData *name_watcher,
g_variant_get (body, "(&s)", &new_owner);
- if (G_LIKELY (g_dbus_is_unique_name (new_owner)))
+ /* FIXME: This should be validating that `new_owner` is a unique name,
+ * but IBus implementation of a message bus is not compliant with the spec.
+ * See https://gitlab.gnome.org/GNOME/glib/-/issues/3353 */
+ if (G_LIKELY (g_dbus_is_name (new_owner)))
name_watcher_set_name_owner_unlocked (name_watcher, new_owner);
else
g_warning ("Received GetNameOwner reply with invalid owner \"%s\" for \"%s\"",
--
GitLab

9
glib2.spec
View File

@ -1,6 +1,6 @@
Name: glib2 Name: glib2
Version: 2.78.3 Version: 2.78.3
Release: 1 Release: 2
Summary: The core library that forms the basis for projects such as GTK+ and GNOME Summary: The core library that forms the basis for projects such as GTK+ and GNOME
License: LGPLv2+ License: LGPLv2+
URL: https://www.gtk.org URL: https://www.gtk.org
@ -10,6 +10,10 @@ Patch1: gspawn-eperm.patch
Patch2: backport-gmessages-fix-dropping-irrelevant-log-domains.patch Patch2: backport-gmessages-fix-dropping-irrelevant-log-domains.patch
Patch3: backport-gutils-Fix-an-unlikely-minor-leak-in-g_build_user_data_dir.patch Patch3: backport-gutils-Fix-an-unlikely-minor-leak-in-g_build_user_data_dir.patch
Patch6001: backport-CVE-2024-34397.patch
Patch6002: backport-gdbusconnection-Allow-name-owners-to-have-the-syntax-of-a-well-known-name.patch
BuildRequires: chrpath gcc gcc-c++ gettext perl-interpreter BuildRequires: chrpath gcc gcc-c++ gettext perl-interpreter
BUildRequires: glibc-devel libattr-devel libselinux-devel meson BUildRequires: glibc-devel libattr-devel libselinux-devel meson
BuildRequires: systemtap-sdt-devel pkgconfig(libelf) pkgconfig(libffi) BuildRequires: systemtap-sdt-devel pkgconfig(libelf) pkgconfig(libffi)
@ -193,6 +197,9 @@ glib-compile-schemas %{_datadir}/glib-2.0/schemas &> /dev/null || :
%endif %endif
%changelog %changelog
* Tue Jun 18 2024 hanhuihui <hanhuihui5@huawei.com> - 2.78.3-2
- fix CVE-2024-34397
* Mon Feb 5 2024 hanhuihui <hanhuihui5@huawei.com> - 2.78.3-1 * Mon Feb 5 2024 hanhuihui <hanhuihui5@huawei.com> - 2.78.3-1
- Update to 2.78.3 - Update to 2.78.3