Dr. Werner Fink 2014-06-17 15:09:13 +00:00 committed by Git OBS Bridge
parent 55a76546aa
commit 7bfdacc396
7 changed files with 126 additions and 0 deletions

View File

@ -0,0 +1,32 @@
From 3e09eb5c83e56bc0184bd9d9c44f76047464f77c Mon Sep 17 00:00:00 2001
From: Andreas Henriksson <andreas@fatal.se>
Date: Fri, 13 Jun 2014 18:48:19 +0200
Subject: [PATCH] core: fix invalid free() in killall()
static int killall(....) in ./src/core/killall.c tries to get "s"
initialized by calling get_process_comm(...) which calls
read_one_line_file(...) which if it fails will mean it is left
uninitialized.
It is then used in argument to strna(s) call where it is
dereferenced(!), in addition to nothing else initializing it before
the scope it is in finishes.
---
src/core/killall.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git src/core/killall.c src/core/killall.c
index 57ed41c..eab48f7 100644
--- src/core/killall.c
+++ src/core/killall.c
@@ -168,7 +168,7 @@ static int killall(int sig, Set *pids, bool send_sighup) {
continue;
if (sig == SIGKILL) {
- _cleanup_free_ char *s;
+ _cleanup_free_ char *s = NULL;
get_process_comm(pid, &s);
log_notice("Sending SIGKILL to PID "PID_FMT" (%s).", pid, strna(s));
--
1.7.9.2

View File

@ -0,0 +1,30 @@
From f8a0bb5285024b6ce372c3157e761e6543ebdcd2 Mon Sep 17 00:00:00 2001
From: Andreas Henriksson <andreas@fatal.se>
Date: Fri, 13 Jun 2014 18:48:21 +0200
Subject: [PATCH] udev: fix invalid free() in enable_name_policy()
static bool enable_name_policy(...) in ./src/udev/net/link-config.c
calls proc_cmdline(...) to get "line" initialized, but
proc_cmdline(...) does not guarantee that atleast when both
conditions (detect_container(NULL) > 0) and
read_full_file(...) returned < 0.
---
src/udev/net/link-config.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git src/udev/net/link-config.c src/udev/net/link-config.c
index a9acc3d..7a9d01b 100644
--- src/udev/net/link-config.c
+++ src/udev/net/link-config.c
@@ -185,7 +185,7 @@ static int load_link(link_config_ctx *ctx, const char *filename) {
}
static bool enable_name_policy(void) {
- _cleanup_free_ char *line;
+ _cleanup_free_ char *line = NULL;
char *w, *state;
int r;
size_t l;
--
1.7.9.2

View File

@ -0,0 +1,30 @@
From 223217749e57996336d5730b0a28716cca56d45d Mon Sep 17 00:00:00 2001
From: Andreas Henriksson <andreas@fatal.se>
Date: Fri, 13 Jun 2014 18:48:18 +0200
Subject: [PATCH] install: fix invalid free() in unit_file_mask()
int unit_file_mask(...) in ./src/shared/install.c calls
get_config_path(...) which can in 4 error cases return without setting
"ret", and thus "prefix" can be uninitialized when unit_file_mask(...)
finishes (which it does directly after the error is returned from
get_config_path(...)).
---
src/shared/install.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git src/shared/install.c src/shared/install.c
index 487d0f6..f562063 100644
--- src/shared/install.c
+++ src/shared/install.c
@@ -563,7 +563,7 @@ int unit_file_mask(
unsigned *n_changes) {
char **i;
- _cleanup_free_ char *prefix;
+ _cleanup_free_ char *prefix = NULL;
int r;
assert(scope >= 0);
--
1.7.9.2

View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Tue Jun 17 14:21:56 UTC 2014 - werner@suse.de
- Add upstream patches
0001-core-fix-invalid-free-in-killall.patch
0002-udev-fix-invalid-free-in-enable_name_policy.patch
0003-install-fix-invalid-free-in-unit_file_mask.patch
-------------------------------------------------------------------
Tue Jun 17 11:43:23 UTC 2014 - rmilasan@suse.com

View File

@ -558,6 +558,12 @@ Patch275: 0004-systemd-detect-virt-only-discover-Xen-domU.patch
Patch276: 0005-backlight-Do-not-clamp-brightness-for-LEDs.patch
# PATCH-FIX-UPSTREAM added at 2014/06/11
Patch277: 0006-log-honour-the-kernel-s-quiet-cmdline-argument.patch
# PATCH-FIX-UPSTREAM added at 2014/06/17
Patch278: 0001-core-fix-invalid-free-in-killall.patch
# PATCH-FIX-UPSTREAM added at 2014/06/17
Patch279: 0002-udev-fix-invalid-free-in-enable_name_policy.patch
# PATCH-FIX-UPSTREAM added at 2014/06/17
Patch280: 0003-install-fix-invalid-free-in-unit_file_mask.patch
# UDEV PATCHES
# ============
@ -1073,6 +1079,9 @@ cp %{SOURCE7} m4/
%patch275 -p0
%patch276 -p0
%patch277 -p0
%patch278 -p0
%patch279 -p0
%patch280 -p0
# udev patches
%patch1001 -p1

View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Tue Jun 17 14:21:56 UTC 2014 - werner@suse.de
- Add upstream patches
0001-core-fix-invalid-free-in-killall.patch
0002-udev-fix-invalid-free-in-enable_name_policy.patch
0003-install-fix-invalid-free-in-unit_file_mask.patch
-------------------------------------------------------------------
Tue Jun 17 11:43:23 UTC 2014 - rmilasan@suse.com

View File

@ -553,6 +553,12 @@ Patch275: 0004-systemd-detect-virt-only-discover-Xen-domU.patch
Patch276: 0005-backlight-Do-not-clamp-brightness-for-LEDs.patch
# PATCH-FIX-UPSTREAM added at 2014/06/11
Patch277: 0006-log-honour-the-kernel-s-quiet-cmdline-argument.patch
# PATCH-FIX-UPSTREAM added at 2014/06/17
Patch278: 0001-core-fix-invalid-free-in-killall.patch
# PATCH-FIX-UPSTREAM added at 2014/06/17
Patch279: 0002-udev-fix-invalid-free-in-enable_name_policy.patch
# PATCH-FIX-UPSTREAM added at 2014/06/17
Patch280: 0003-install-fix-invalid-free-in-unit_file_mask.patch
# UDEV PATCHES
# ============
@ -1068,6 +1074,9 @@ cp %{SOURCE7} m4/
%patch275 -p0
%patch276 -p0
%patch277 -p0
%patch278 -p0
%patch279 -p0
%patch280 -p0
# udev patches
%patch1001 -p1