From a3070f96473b8913180e902c60eafc8dca5e633632cadd4450410dc8c30b4727 Mon Sep 17 00:00:00 2001 From: "Dr. Werner Fink" Date: Thu, 18 Sep 2014 13:34:20 +0000 Subject: [PATCH] . OBS-URL: https://build.opensuse.org/package/show/Base:System/systemd?expand=0&rev=781 --- ...urce-leak-in-manager_environment_add.patch | 32 ++++++++++++ 0002-util-remove-a-unnecessary-check.patch | 25 +++++++++ ...xplicitly-don-t-read-from-invalid-fd.patch | 27 ++++++++++ 0004-shared-conf-parser.patch | 31 +++++++++++ 0005-logind-fix-typo.patch | 25 +++++++++ ...temctl-fix-resource-leak-CID-1237747.patch | 35 +++++++++++++ ...warn-if-we-fail-to-request-SO_PASSCR.patch | 29 +++++++++++ ...er-don-t-leak-memory-on-error-in-DEF.patch | 52 +++++++++++++++++++ ...int_property-to-use-int-for-booleans.patch | 29 +++++++++++ systemd-mini.changes | 17 ++++++ systemd-mini.spec | 28 +++++++++- systemd.changes | 17 ++++++ systemd.spec | 28 +++++++++- 13 files changed, 371 insertions(+), 4 deletions(-) create mode 100644 0001-core-fix-resource-leak-in-manager_environment_add.patch create mode 100644 0002-util-remove-a-unnecessary-check.patch create mode 100644 0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch create mode 100644 0004-shared-conf-parser.patch create mode 100644 0005-logind-fix-typo.patch create mode 100644 0006-systemctl-fix-resource-leak-CID-1237747.patch create mode 100644 0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch create mode 100644 0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patch create mode 100644 0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch diff --git a/0001-core-fix-resource-leak-in-manager_environment_add.patch b/0001-core-fix-resource-leak-in-manager_environment_add.patch new file mode 100644 index 0000000..7991b3b --- /dev/null +++ b/0001-core-fix-resource-leak-in-manager_environment_add.patch @@ -0,0 +1,32 @@ +From aa9f8a30fd7dc7aa3aa2575b75b3f9a0ab3f02db Mon Sep 17 00:00:00 2001 +From: Andreas Henriksson +Date: Tue, 16 Sep 2014 21:11:02 +0200 +Subject: [PATCH] core: fix resource leak in manager_environment_add + +Second error path must free the (potentially) allocated memory in the +first code chunk before returning. + +Found by coverity. Fixes: CID#1237750 +--- + src/core/manager.c | 4 +++- + 1 file changed, 3 insertions(+), 1 deletion(-) + +diff --git src/core/manager.c src/core/manager.c +index 0770727..e0c1cd1 100644 +--- src/core/manager.c ++++ src/core/manager.c +@@ -2751,8 +2751,10 @@ int manager_environment_add(Manager *m, char **minus, char **plus) { + + if (!strv_isempty(plus)) { + b = strv_env_merge(2, l, plus); +- if (!b) ++ if (!b) { ++ strv_free(a); + return -ENOMEM; ++ } + + l = b; + } +-- +1.7.9.2 + diff --git a/0002-util-remove-a-unnecessary-check.patch b/0002-util-remove-a-unnecessary-check.patch new file mode 100644 index 0000000..ac7cdfb --- /dev/null +++ b/0002-util-remove-a-unnecessary-check.patch @@ -0,0 +1,25 @@ +Based on 42646a8bf24be2c9280554c9d8540c67c835b3c4 Mon Sep 17 00:00:00 2001 +From: Thomas Hindoe Paaboel Andersen +Date: Tue, 16 Sep 2014 22:58:35 +0200 +Subject: [PATCH] util: remove a unnecessary check + +We only break out of the previous loop if fd >= 0 so there is no +use in checking it again. + +Found by coverity. Fixes: CID#1237577 +--- + src/shared/util.c | 3 --- + 1 file changed, 3 deletions(-) + +--- src/shared/util.c ++++ src/shared/util.c 2014-09-18 13:05:08.218236754 +0000 +@@ -1772,9 +1772,6 @@ int open_terminal(const char *name, int + c++; + } + +- if (fd < 0) +- return -errno; +- + r = isatty(fd); + if (r < 0) { + close_nointr_nofail(fd); diff --git a/0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch b/0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch new file mode 100644 index 0000000..bad29c5 --- /dev/null +++ b/0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch @@ -0,0 +1,27 @@ +From 3f796750b192e62701e91a95f85389f876d1059b Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Wed, 17 Sep 2014 21:44:56 +0200 +Subject: [PATCH] udev: event - explicitly don't read() from invalid fd + +This fixes CID #1237641. +--- + src/udev/udev-event.c | 3 +++ + 1 file changed, 3 insertions(+) + +diff --git src/udev/udev-event.c src/udev/udev-event.c +index 6b8b5a8..c8b1420 100644 +--- src/udev/udev-event.c ++++ src/udev/udev-event.c +@@ -494,6 +494,9 @@ static void spawn_read(struct udev_event *event, + for (i = 0; i < fdcount; i++) { + int *fd = (int *)ev[i].data.ptr; + ++ if (*fd < 0) ++ continue; ++ + if (ev[i].events & EPOLLIN) { + ssize_t count; + char buf[4096]; +-- +1.7.9.2 + diff --git a/0004-shared-conf-parser.patch b/0004-shared-conf-parser.patch new file mode 100644 index 0000000..8a03d9d --- /dev/null +++ b/0004-shared-conf-parser.patch @@ -0,0 +1,31 @@ +Based on 83e341a637b75f7f592a5dc717c34d8b67ed4ffa Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Wed, 17 Sep 2014 22:17:53 +0200 +Subject: [PATCH] shared: conf-parser + +Check memory allocation. Found by Coverity. + +Fixes CID #1237644. +--- + src/shared/conf-parser.h | 4 ++++ + 1 file changed, 4 insertions(+) + +--- src/shared/conf-parser.h ++++ src/shared/conf-parser.h 2014-09-18 13:07:07.314735514 +0000 +@@ -181,6 +181,8 @@ int log_syntax_internal(const char *unit + assert(data); \ + \ + xs = new0(type, 1); \ ++ if(!xs) \ ++ return -ENOMEM; \ + *xs = invalid; \ + \ + FOREACH_WORD(w, l, rvalue, state) { \ +@@ -213,6 +215,7 @@ int log_syntax_internal(const char *unit + xs = realloc(xs, (++i + 1) * sizeof(type)); \ + if (!xs) \ + return -ENOMEM; \ ++ \ + *(xs + i) = invalid; \ + } \ + \ diff --git a/0005-logind-fix-typo.patch b/0005-logind-fix-typo.patch new file mode 100644 index 0000000..79916e7 --- /dev/null +++ b/0005-logind-fix-typo.patch @@ -0,0 +1,25 @@ +From 2b2332856bafe25c4aa17db2a90bdcddef1fec1a Mon Sep 17 00:00:00 2001 +From: Ronny Chevalier +Date: Wed, 17 Sep 2014 20:10:44 +0200 +Subject: [PATCH] logind: fix typo + +--- + src/login/logind-session-dbus.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git src/login/logind-session-dbus.c src/login/logind-session-dbus.c +index 7d81500..58836fc 100644 +--- src/login/logind-session-dbus.c ++++ src/login/logind-session-dbus.c +@@ -249,7 +249,7 @@ static int method_set_idle_hint(sd_bus *bus, sd_bus_message *message, void *user + return r; + + if (uid != 0 && uid != s->user->uid) +- return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Only owner of session my set idle hint"); ++ return sd_bus_error_setf(error, SD_BUS_ERROR_ACCESS_DENIED, "Only owner of session may set idle hint"); + + session_set_idle_hint(s, b); + +-- +1.7.9.2 + diff --git a/0006-systemctl-fix-resource-leak-CID-1237747.patch b/0006-systemctl-fix-resource-leak-CID-1237747.patch new file mode 100644 index 0000000..f8ec6af --- /dev/null +++ b/0006-systemctl-fix-resource-leak-CID-1237747.patch @@ -0,0 +1,35 @@ +From 48a2900c6612052149a1d0dd88aeacb99b49ce4d Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Cristian=20Rodr=C3=ADguez?= +Date: Wed, 17 Sep 2014 21:56:25 -0300 +Subject: [PATCH] systemctl: fix resource leak CID #1237747 + +..by simply moving the declaration of "unit" into the STRV_FOREACH +loop as suggested by Andreas. +--- + src/systemctl/systemctl.c | 3 ++- + 1 file changed, 2 insertions(+), 1 deletion(-) + +diff --git src/systemctl/systemctl.c src/systemctl/systemctl.c +index 88be871..9012128 100644 +--- src/systemctl/systemctl.c ++++ src/systemctl/systemctl.c +@@ -4449,7 +4449,6 @@ static int show(sd_bus *bus, char **args) { + } + + static int cat(sd_bus *bus, char **args) { +- _cleanup_free_ char *unit = NULL; + _cleanup_strv_free_ char **names = NULL; + char **name; + bool first = true; +@@ -4468,6 +4467,8 @@ static int cat(sd_bus *bus, char **args) { + _cleanup_bus_error_free_ sd_bus_error error = SD_BUS_ERROR_NULL; + _cleanup_strv_free_ char **dropin_paths = NULL; + _cleanup_free_ char *fragment_path = NULL; ++ _cleanup_free_ char *unit = NULL; ++ + char **path; + + unit = unit_dbus_path_from_name(*name); +-- +1.7.9.2 + diff --git a/0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch b/0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch new file mode 100644 index 0000000..1585757 --- /dev/null +++ b/0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch @@ -0,0 +1,29 @@ +From 9dedfe7f667a8cb22ba85d0223556c69c4fd0e9a Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Thu, 18 Sep 2014 09:20:46 +0200 +Subject: [PATCH] libudev: monitor - warn if we fail to request SO_PASSCRED + +The function still succeeds, so there is no functional change. This fixes CID #996288. +--- + src/libudev/libudev-monitor.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git src/libudev/libudev-monitor.c src/libudev/libudev-monitor.c +index 186e5e1..59698b8 100644 +--- src/libudev/libudev-monitor.c ++++ src/libudev/libudev-monitor.c +@@ -412,7 +412,10 @@ _public_ int udev_monitor_enable_receiving(struct udev_monitor *udev_monitor) + } + + /* enable receiving of sender credentials */ +- setsockopt(udev_monitor->sock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)); ++ err = setsockopt(udev_monitor->sock, SOL_SOCKET, SO_PASSCRED, &on, sizeof(on)); ++ if (err < 0) ++ udev_err(udev_monitor->udev, "setting SO_PASSCRED failed: %m\n"); ++ + return 0; + } + +-- +1.7.9.2 + diff --git a/0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patch b/0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patch new file mode 100644 index 0000000..3e5d0c0 --- /dev/null +++ b/0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patch @@ -0,0 +1,52 @@ +Based on 77c10205bb337585c320e91af4b416f2dcc6faba Mon Sep 17 00:00:00 2001 +From: Tom Gundersen +Date: Thu, 18 Sep 2014 13:47:00 +0200 +Subject: [PATCH] shared: conf-parser - don't leak memory on error in + DEFINE_CONFIG_PARSE_ENUMV + +Found by Coverity. Fixes CID #1237746. +--- + src/shared/conf-parser.h | 12 +++++++++--- + 1 file changed, 9 insertions(+), 3 deletions(-) + +--- src/shared/conf-parser.h ++++ src/shared/conf-parser.h 2014-09-18 13:14:43.730234764 +0000 +@@ -171,7 +171,8 @@ int log_syntax_internal(const char *unit + void *data, \ + void *userdata) { \ + \ +- type **enums = data, *xs, x, *ys; \ ++ type **enums = data, x, *ys; \ ++ _cleanup_free_ type *xs = NULL; \ + char *w, *state; \ + size_t l, i = 0; \ + \ +@@ -187,6 +188,7 @@ int log_syntax_internal(const char *unit + \ + FOREACH_WORD(w, l, rvalue, state) { \ + _cleanup_free_ char *en = NULL; \ ++ type *new_xs; \ + \ + en = strndup(w, l); \ + if (!en) \ +@@ -212,8 +214,10 @@ int log_syntax_internal(const char *unit + continue; \ + \ + *(xs + i) = x; \ +- xs = realloc(xs, (++i + 1) * sizeof(type)); \ +- if (!xs) \ ++ new_xs = realloc(xs, (++i + 1) * sizeof(type)); \ ++ if (new_xs) \ ++ xs = new_xs; \ ++ else \ + return -ENOMEM; \ + \ + *(xs + i) = invalid; \ +@@ -221,5 +225,7 @@ int log_syntax_internal(const char *unit + \ + free(*enums); \ + *enums = xs; \ ++ xs = NULL; \ ++ \ + return 0; \ + } diff --git a/0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch b/0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch new file mode 100644 index 0000000..381d073 --- /dev/null +++ b/0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch @@ -0,0 +1,29 @@ +From c2fa048c4a70c8386c6d8fe939e5ea9edecf1e98 Mon Sep 17 00:00:00 2001 +From: David Herrmann +Date: Thu, 18 Sep 2014 13:28:28 +0200 +Subject: [PATCH] bus: fix bus_print_property() to use "int" for booleans + +We always use "int" if we retrieve boolean values from sd-bus, as "bool" +is only a single byte, but full int on va-args. + +Thanks to Werner Fink for the report! +--- + src/libsystemd/sd-bus/bus-util.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git src/libsystemd/sd-bus/bus-util.c src/libsystemd/sd-bus/bus-util.c +index 7c6da60..9018bce 100644 +--- src/libsystemd/sd-bus/bus-util.c ++++ src/libsystemd/sd-bus/bus-util.c +@@ -631,7 +631,7 @@ int bus_print_property(const char *name, sd_bus_message *property, bool all) { + } + + case SD_BUS_TYPE_BOOLEAN: { +- bool b; ++ int b; + + r = sd_bus_message_read_basic(property, type, &b); + if (r < 0) +-- +1.7.9.2 + diff --git a/systemd-mini.changes b/systemd-mini.changes index 2bc0fa3..a6dbde4 100644 --- a/systemd-mini.changes +++ b/systemd-mini.changes @@ -1,3 +1,20 @@ +------------------------------------------------------------------- +Thu Sep 18 13:21:45 UTC 2014 - werner@suse.de + +- Add upstream bugfix patches + 0001-core-fix-resource-leak-in-manager_environment_add.patch + 0002-util-remove-a-unnecessary-check.patch + 0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch + 0004-shared-conf-parser.patch + 0005-logind-fix-typo.patch + 0006-systemctl-fix-resource-leak-CID-1237747.patch + 0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch + 0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patc + 0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch +- Remove 0001-sizeof-bool-used-by-gcc-depends-on-arch.patch as + 0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch + is the upstream solution + ------------------------------------------------------------------- Wed Sep 17 16:02:33 UTC 2014 - werner@suse.de diff --git a/systemd-mini.spec b/systemd-mini.spec index 297191a..cdee7a7 100644 --- a/systemd-mini.spec +++ b/systemd-mini.spec @@ -856,8 +856,24 @@ Patch412: 0008-core-smack-setup-Actually-allow-for-succesfully-load.patch Patch413: 0009-journal-do-not-leak-mmaps-on-OOM.patch # PATCH-FIX-UPSTREAM added at 2014/09/16 Patch414: 0010-manager-use-correct-cleanup-function.patch -# PATCH-FIX-SUSE Be aware that the size of the type bool may vary -Patch415: 0001-sizeof-bool-used-by-gcc-depends-on-arch.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch415: 0001-core-fix-resource-leak-in-manager_environment_add.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch416: 0002-util-remove-a-unnecessary-check.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch417: 0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch418: 0004-shared-conf-parser.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch419: 0005-logind-fix-typo.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch420: 0006-systemctl-fix-resource-leak-CID-1237747.patch +# PATCH-FIX-UPSTREAM added at 2014/09/16 +Patch421: 0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch422: 0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 -- Be aware that the size of the type bool may vary +Patch423: 0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch # UDEV PATCHES # ============ @@ -1599,6 +1615,14 @@ cp %{SOURCE7} m4/ %patch413 -p0 %patch414 -p0 %patch415 -p0 +%patch416 -p0 +%patch417 -p0 +%patch418 -p0 +%patch419 -p0 +%patch420 -p0 +%patch421 -p0 +%patch422 -p0 +%patch423 -p0 # udev patches %patch1001 -p1 diff --git a/systemd.changes b/systemd.changes index 2bc0fa3..a6dbde4 100644 --- a/systemd.changes +++ b/systemd.changes @@ -1,3 +1,20 @@ +------------------------------------------------------------------- +Thu Sep 18 13:21:45 UTC 2014 - werner@suse.de + +- Add upstream bugfix patches + 0001-core-fix-resource-leak-in-manager_environment_add.patch + 0002-util-remove-a-unnecessary-check.patch + 0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch + 0004-shared-conf-parser.patch + 0005-logind-fix-typo.patch + 0006-systemctl-fix-resource-leak-CID-1237747.patch + 0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch + 0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patc + 0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch +- Remove 0001-sizeof-bool-used-by-gcc-depends-on-arch.patch as + 0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch + is the upstream solution + ------------------------------------------------------------------- Wed Sep 17 16:02:33 UTC 2014 - werner@suse.de diff --git a/systemd.spec b/systemd.spec index 059216d..2b61b7b 100644 --- a/systemd.spec +++ b/systemd.spec @@ -851,8 +851,24 @@ Patch412: 0008-core-smack-setup-Actually-allow-for-succesfully-load.patch Patch413: 0009-journal-do-not-leak-mmaps-on-OOM.patch # PATCH-FIX-UPSTREAM added at 2014/09/16 Patch414: 0010-manager-use-correct-cleanup-function.patch -# PATCH-FIX-SUSE Be aware that the size of the type bool may vary -Patch415: 0001-sizeof-bool-used-by-gcc-depends-on-arch.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch415: 0001-core-fix-resource-leak-in-manager_environment_add.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch416: 0002-util-remove-a-unnecessary-check.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch417: 0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch418: 0004-shared-conf-parser.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch419: 0005-logind-fix-typo.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch420: 0006-systemctl-fix-resource-leak-CID-1237747.patch +# PATCH-FIX-UPSTREAM added at 2014/09/16 +Patch421: 0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 +Patch422: 0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patch +# PATCH-FIX-UPSTREAM added at 2014/09/18 -- Be aware that the size of the type bool may vary +Patch423: 0009-bus-fix-bus_print_property-to-use-int-for-booleans.patch # UDEV PATCHES # ============ @@ -1594,6 +1610,14 @@ cp %{SOURCE7} m4/ %patch413 -p0 %patch414 -p0 %patch415 -p0 +%patch416 -p0 +%patch417 -p0 +%patch418 -p0 +%patch419 -p0 +%patch420 -p0 +%patch421 -p0 +%patch422 -p0 +%patch423 -p0 # udev patches %patch1001 -p1