Accepting request 451468 from home:fgerling:branches:Base:System

- Update to HEAD 66eab208d3c2abe947ba0a793094ee856e8fb3ee * Fix use-after-free of fd OBS-URL: https://build.opensuse.org/request/show/451468 OBS-URL: https://build.opensuse.org/package/show/Base:System/biosdevname?expand=0&rev=66
2017-01-23 11:23:22 +00:00 · 2017-01-23 11:23:22 +00:00 · abc80c5025
commit abc80c5025
parent bfc6057abe
3 changed files with 42 additions and 1 deletions
--- a/biosdevname.changes
+++ b/biosdevname.changes
@ -1,3 +1,9 @@
+-------------------------------------------------------------------
+Thu Jan 19 17:44:56 UTC 2017 - felix.gerling@suse.com
+
+-  Update to HEAD 66eab208d3c2abe947ba0a793094ee856e8fb3ee
+  * Fix use-after-free of fd
+
 -------------------------------------------------------------------
 Tue Aug 16 14:18:06 UTC 2016 - olaf@aepfle.de

--- a/biosdevname.spec
+++ b/biosdevname.spec
@ -1,7 +1,7 @@
 #
 # spec file for package biosdevname
 #
-# Copyright (c) 2016 SUSE LINUX GmbH, Nuernberg, Germany.
+# Copyright (c) 2017 SUSE LINUX Products GmbH, Nuernberg, Germany.
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@ -30,6 +30,7 @@ Patch2:         whitelist-dell
 Patch3:         udev-rule-path.patch
 Patch4:         biosdevname-pic.patch
 Patch5:         biosdevname-dom0.patch
+Patch6:         v0.7.2_to_HEAD_66eab208.patch
 BuildRequires:  automake
 # to figure out how to name/location of the rules file
 BuildRequires:  libudev-devel
@ -69,6 +70,7 @@ You can enable/disable usage of biosdevname with boot option
 %patch3 -p1
 %patch4 -p1
 %patch5 -p1
+%patch6 -p1

 %build
 sed -i -e 's#@@BIOSDEVNAME_RULEDEST@@#'%{_udevrulesdir}'/71-biosdevname.rules#' configure.ac
--- a/v0.7.2_to_HEAD_66eab208.patch
+++ b/v0.7.2_to_HEAD_66eab208.patch
@ -0,0 +1,33 @@
+commit 66eab208d3c2abe947ba0a793094ee856e8fb3ee
+Merge: 2527399 d1d6296
+Author: Mario Limonciello <superm1@gmail.com>
+Date:   Tue Oct 18 11:57:41 2016 -0500
+
+    Merge pull request #1 from msekletar/use-after-free
+    
+    Fix use-after-free of fd
+
+commit d1d62966032784f292e6875ba4373b18149a5754
+Author: Michal Sekletar <msekleta@redhat.com>
+Date:   Tue Dec 22 10:34:16 2015 +0100
+
+    Fix use-after-free of fd
+    
+    This bug got introduced in 51219cac581b5eaced5b172dbbb4586889cb27e1. I
+    overlooked that we are already properly closing fd on non-error code
+    path and I added redundant call to close.
+    
+    Closing already closed fd is harmless though. Function returns EBADF and
+    fails silently.
+
+diff --git a/src/dmidecode/util.c b/src/dmidecode/util.c
+index 3340e1f..ea06663 100644
+--- a/src/dmidecode/util.c
+++ b/src/dmidecode/util.c
+@@ -162,6 +162,5 @@ void *mem_chunk(size_t base, size_t len, const char *devmem)
+ 	if(close(fd)==-1)
+ 		perror(devmem);
+ 
+-	close(fd);
+ 	return p;
+ }