systemd/0004-util-refuse-considering-UID-0xFFFF-and-0xFFFFFFFF-va.patch
Stephan Kulow 13d3158c64 Accepting request 239780 from Base:System
- Add upstream patch
  0001-machine-don-t-return-uninitialized-variable.patch
- Port and add upstream patch
  0002-vconsole-setup-run-setfont-before-loadkeys.patch

- Rename
  0001-udev-net_setup_link-add-a-bit-more-logging.patch
  to
  1048-udev-net_setup_link-add-a-bit-more-logging.patch 

- Port and add upstream patches
  0001-udev-net_setup_link-add-a-bit-more-logging.patch
  0003-namespace-make-sure-tmp-var-tmp-and-dev-are-writable.patch
  0002-namespace-fix-uninitialized-memory-access.patch

- Add upstream patches
  0001-architecture-Add-tilegx.patch
  0002-architecture-Add-cris.patch
  0003-arch-add-crisv32-to-uname-check.patch
  0004-architecture-remove-cris-from-uname-list.patch

- Add upstream patches
  0006-hwdb-update.patch
  0007-hwdb-Update-database-of-Bluetooth-company-identifier.patch

- Add upstream patches
  0001-parse_uid-return-ENXIO-for-1-uids.patch
  0002-util-when-unescaping-strings-don-t-allow-smuggling-i.patch
  0003-localed-consider-an-unset-model-as-a-wildcard.patch
  0004-sd-bus-when-an-event-loop-terminates-explicitly-clos.patch

OBS-URL: https://build.opensuse.org/request/show/239780
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/systemd?expand=0&rev=191
2014-07-12 15:14:24 +00:00

32 lines
934 B
Diff

From 306a55c86360a7ae7b2509771d5ea6ab0d166d85 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Sun, 29 Jun 2014 22:15:33 +0200
Subject: [PATCH] util: refuse considering UID 0xFFFF and 0xFFFFFFFF valid
---
src/shared/util.c | 8 ++++++++
1 file changed, 8 insertions(+)
diff --git src/shared/util.c src/shared/util.c
index e7ff0f8..1709bb7 100644
--- src/shared/util.c
+++ src/shared/util.c
@@ -280,6 +280,14 @@ int parse_uid(const char *s, uid_t* ret_uid) {
if ((unsigned long) uid != ul)
return -ERANGE;
+ /* Some libc APIs use (uid_t) -1 as special placeholder */
+ if (uid == (uid_t) 0xFFFFFFFF)
+ return -EINVAL;
+
+ /* A long time ago UIDs where 16bit, hence explicitly avoid the 16bit -1 too */
+ if (uid == (uid_t) 0xFFFF)
+ return -EINVAL;
+
*ret_uid = uid;
return 0;
}
--
1.7.9.2