Accepting request 85422 from home:vuntz:branches:GNOME:Factory

Only use regular files for user icons OBS-URL: https://build.opensuse.org/request/show/85422 OBS-URL: https://build.opensuse.org/package/show/GNOME:Factory/accountsservice?expand=0&rev=14
2011-09-29 11:14:35 +00:00 · 2011-09-29 11:14:35 +00:00 · aceb41cc9e
commit aceb41cc9e
parent 8b65dc3fee
3 changed files with 53 additions and 0 deletions
--- a/accountsservice-regular-file-for-icon.patch
+++ b/accountsservice-regular-file-for-icon.patch
@ -0,0 +1,44 @@
+commit d7c5d29a1f5d1305f66a24209ddb0719fecf2160
+Author: Vincent Untz <vuntz@gnome.org>
+Date:   Thu Sep 29 10:44:18 2011 +0200
+
+    daemon: Only accept regular files when setting icon
+    
+    We don't want to call cat on a FIFO, for instance.
+
+diff --git a/src/user.c b/src/user.c
+index 4587bbb..8f0bdd3 100644
+--- a/src/user.c
+++ b/src/user.c
+@@ -1370,6 +1370,7 @@ user_change_icon_file_authorized_cb (Daemon                *daemon,
+         GFile *file;
+         GFileInfo *info;
+         guint32 mode;
+        GFileType type;
+         guint64 size;
+ 
+         filename = g_strdup (data);
+@@ -1400,14 +1401,23 @@ user_change_icon_file_authorized_cb (Daemon                *daemon,
+ 
+         file = g_file_new_for_path (filename);
+         info = g_file_query_info (file, G_FILE_ATTRIBUTE_UNIX_MODE ","
+                                        G_FILE_ATTRIBUTE_STANDARD_TYPE ","
+                                         G_FILE_ATTRIBUTE_STANDARD_SIZE,
+                                   0, NULL, NULL);
+         mode = g_file_info_get_attribute_uint32 (info, G_FILE_ATTRIBUTE_UNIX_MODE);
+        type = g_file_info_get_file_type (info);
+         size = g_file_info_get_attribute_uint64 (info, G_FILE_ATTRIBUTE_STANDARD_SIZE);
+ 
+         g_object_unref (info);
+         g_object_unref (file);
+ 
+        if (type != G_FILE_TYPE_REGULAR) {
+                g_debug ("not a regular file\n");
+                throw_error (context, ERROR_FAILED, "file '%s' is not a regular file", filename);
+                g_free (filename);
+                return;
+        }
+
+         if (size > 1048576) {
+                 g_debug ("file too large\n");
+                 /* 1MB ought to be enough for everybody */
--- a/accountsservice.changes
+++ b/accountsservice.changes
@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Sep 29 08:46:11 UTC 2011 - vuntz@opensuse.org
+
+- Add accountsservice-regular-file-for-icon.patch: only use regular
+  files when setting user icon. Part of bnc#676638.
+
 -------------------------------------------------------------------
 Mon Sep  5 06:30:54 UTC 2011 - vuntz@opensuse.org

--- a/accountsservice.spec
+++ b/accountsservice.spec
@ -28,6 +28,8 @@ Source:         http://www.freedesktop.org/software/accountsservice/%{name}-%{ve
 # WARNING: do not remove/significantly change patch0 without updating the relevant patch in gdm too
 # PATCH-FIX-OPENSUSE accountsservice-sysconfig.patch bnc#688071 vuntz@opensuse.org -- Read/write autologin configuration from sysconfig, like gdm (see gdm-sysconfig-settings.patch)
 Patch0:         accountsservice-sysconfig.patch
+# PATCH-FIX-UPSTREAM accountsservice-regular-file-for-icon.patch fdo#41320 bnc#676638 vuntz@opensuse.org -- Check files are regular files before using them as user icons
+Patch1:         accountsservice-regular-file-for-icon.patch
 # needed for patch0
 BuildRequires:  gnome-common
 BuildRequires:  gobject-introspection-devel
@ -75,6 +77,7 @@ querying and manipulating user account information.
 %prep
 %setup -q
 %patch0 -p1
+%patch1 -p1

 %build
 # needed for patch0