packages/krb5
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

Do not reload a modified profile data object

Browse Source
This commit is contained in:
yanshuai01 2024-04-30 15:57:27 +08:00
parent 86362d91f8
commit 3807a66d70
2 changed files with 56 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

51
Do-not-reload-a-modified-profile-data-object.patch Normal file
View File

@ -0,0 +1,51 @@
From 9b2fb80ad24006784170875709a04dc79e03b401 Mon Sep 17 00:00:00 2001
From: Greg Hudson <ghudson@mit.edu>
Date: Tue, 16 Apr 2024 02:14:29 -0400
Subject: [PATCH] Do not reload a modified profile data object
The profile library normally attempts to reload a profile data tree if
the backing file has changed. Reloading a dirty profile object
discards any modifications made by the caller. If we assume that the
modifications are destined to be flushed back out to the backing file,
then there is no good answer--one or the other set of changes will be
lost. But the caller may have a different intended use for the
modified tree (profile_flush_to_file(), profile_flush_to_buffer(),
krb5_init_context_profile()), for which the caller's modifications may
be critical. Avoid discarding in-memory edits to ensure the
correctness of these use cases.
ticket: 9118
---
src/util/profile/prof_file.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/util/profile/prof_file.c b/src/util/profile/prof_file.c
index 79f9500..c051f14 100644
--- a/src/util/profile/prof_file.c
+++ b/src/util/profile/prof_file.c
@@ -274,8 +274,13 @@ errcode_t profile_update_file_data_locked(prf_data_t data, char **ret_modspec)
FILE *f;
int isdir = 0;
+ /* Don't reload if the backing file isn't a regular file. */
if ((data->flags & PROFILE_FILE_NO_RELOAD) && data->root != NULL)
return 0;
+ /* Don't reload a modified data object, as the modifications may be
+ * important for this object's use. */
+ if (data->flags & PROFILE_FILE_DIRTY)
+ return 0;
#ifdef HAVE_STAT
now = time(0);
@@ -331,7 +336,6 @@ errcode_t profile_update_file_data_locked(prf_data_t data, char **ret_modspec)
}
data->upd_serial++;
- data->flags &= ~PROFILE_FILE_DIRTY;
if (isdir) {
retval = profile_process_directory(data->filespec, &data->root);
--
2.27.0

6
krb5.spec
View File

@ -3,7 +3,7 @@
Name: krb5 Name: krb5
Version: 1.21.2 Version: 1.21.2
Release: 1 Release: 2
Summary: The Kerberos network authentication protocol Summary: The Kerberos network authentication protocol
License: MIT License: MIT
URL: http://web.mit.edu/kerberos/www/ URL: http://web.mit.edu/kerberos/www/
@ -27,6 +27,7 @@ Patch3: netlib-and-dns.patch
Patch4: fix-debuginfo-with-y.tab.c.patch Patch4: fix-debuginfo-with-y.tab.c.patch
Patch5: Remove-3des-support.patch Patch5: Remove-3des-support.patch
Patch6: Fix-krb5_cccol_have_content-bad-pointer-free.patch Patch6: Fix-krb5_cccol_have_content-bad-pointer-free.patch
Patch7: Do-not-reload-a-modified-profile-data-object.patch
BuildRequires: gettext BuildRequires: gettext
BuildRequires: gcc make automake autoconf pkgconfig pam-devel libselinux-devel byacc BuildRequires: gcc make automake autoconf pkgconfig pam-devel libselinux-devel byacc
@ -325,6 +326,9 @@ make -C src check || :
%{_mandir}/man8/* %{_mandir}/man8/*
%changelog %changelog
* Tue Apr 30 2024 yanshuai <yanshuai@kylinos.cn> - 1.21.2-2
- Do not reload a modified profile data object
* Tue Jan 2 2024 xuraoqing<xuraoqing@huawei.com> - 1.21.2-1 * Tue Jan 2 2024 xuraoqing<xuraoqing@huawei.com> - 1.21.2-1
- update to 1.21.2 - update to 1.21.2