Accepting request 556516 from home:pmladek:branches:Base:System
- hardening of the console list generation (bsc#1071568): * libconsole-never-return-empty-list-from-getconsoles.patch * libconsole-Really-allow-to-use-dev-console-as-a-fall.patch * libconsole-Add-console-into-the-list-only-when-succe.patch * libconsole-Correctly-ignore-early-consoles.patch OBS-URL: https://build.opensuse.org/request/show/556516 OBS-URL: https://build.opensuse.org/package/show/Base:System/blog?expand=0&rev=26
This commit is contained in:
parent
f205f5ad48
commit
937beaa81b
@ -1,3 +1,12 @@
|
|||||||
|
-------------------------------------------------------------------
|
||||||
|
Tue Dec 12 15:30:53 UTC 2017 - pmladek@suse.com
|
||||||
|
|
||||||
|
- hardening of the console list generation (bsc#1071568):
|
||||||
|
* libconsole-never-return-empty-list-from-getconsoles.patch
|
||||||
|
* libconsole-Really-allow-to-use-dev-console-as-a-fall.patch
|
||||||
|
* libconsole-Add-console-into-the-list-only-when-succe.patch
|
||||||
|
* libconsole-Correctly-ignore-early-consoles.patch
|
||||||
|
|
||||||
-------------------------------------------------------------------
|
-------------------------------------------------------------------
|
||||||
Mon Nov 6 09:28:13 UTC 2017 - werner@suse.de
|
Mon Nov 6 09:28:13 UTC 2017 - werner@suse.de
|
||||||
|
|
||||||
|
12
blog.spec
12
blog.spec
@ -29,6 +29,14 @@ BuildRequires: suse-module-tools
|
|||||||
Requires(post): coreutils
|
Requires(post): coreutils
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
BuildRoot: %{_tmppath}/%{name}-%{version}-build
|
||||||
Provides: sysvinit-tools:/sbin/blogd
|
Provides: sysvinit-tools:/sbin/blogd
|
||||||
|
# PATCH-FIX-UPSTREAM libconsole-never-return-empty-list-from-getconsoles.patch bsc#1071568
|
||||||
|
Patch0: libconsole-never-return-empty-list-from-getconsoles.patch
|
||||||
|
# PATCH-FIX-UPSTREAM libconsole-Really-allow-to-use-dev-console-as-a-fall.patch bsc#1071568
|
||||||
|
Patch1: libconsole-Really-allow-to-use-dev-console-as-a-fall.patch
|
||||||
|
# PATCH-FIX-UPSTREAM libconsole-Add-console-into-the-list-only-when-succe.patch bsc#1071568
|
||||||
|
Patch2: libconsole-Add-console-into-the-list-only-when-succe.patch
|
||||||
|
# PATCH-FIX-UPSTREAM libconsole-Correctly-ignore-early-consoles.patch bsc#1071568
|
||||||
|
Patch3: libconsole-Correctly-ignore-early-consoles.patch
|
||||||
|
|
||||||
%description
|
%description
|
||||||
The blogd daemon determines the real underlying character device of
|
The blogd daemon determines the real underlying character device of
|
||||||
@ -66,6 +74,10 @@ the LSB startproc command.
|
|||||||
|
|
||||||
%prep
|
%prep
|
||||||
%setup -q -n showconsole-%version
|
%setup -q -n showconsole-%version
|
||||||
|
%patch0 -p1
|
||||||
|
%patch1 -p1
|
||||||
|
%patch2 -p1
|
||||||
|
%patch3 -p1
|
||||||
|
|
||||||
%build
|
%build
|
||||||
make %{?_smp_mflags} CC="%__cc" \
|
make %{?_smp_mflags} CC="%__cc" \
|
||||||
|
112
libconsole-Add-console-into-the-list-only-when-succe.patch
Normal file
112
libconsole-Add-console-into-the-list-only-when-succe.patch
Normal file
@ -0,0 +1,112 @@
|
|||||||
|
From: Petr Mladek <pmladek@suse.com>
|
||||||
|
Date: Tue, 12 Dec 2017 11:41:19 +0100
|
||||||
|
Subject: libconsole: Add console into the list only when successfully allocated
|
||||||
|
Git-commit: 34a74a07c05d53f7c71bf7ba44a48f8be32942fd
|
||||||
|
References: bsc#1071568
|
||||||
|
Upstream: merged
|
||||||
|
|
||||||
|
consalloc() initializes the console when it is used from blogd (io = 1).
|
||||||
|
This operation might fail when the related tty device cannot be opened.
|
||||||
|
The structure is freed in this case but it was already added into
|
||||||
|
the list before. This might cause access to a freed memory.
|
||||||
|
|
||||||
|
This patch moves the initialization code into a separate function.
|
||||||
|
The structure is added to the list only when the initialization
|
||||||
|
succeeds. It is freed otherwise.
|
||||||
|
|
||||||
|
Signed-off-by: Petr Mladek <pmladek@suse.com>
|
||||||
|
---
|
||||||
|
libconsole/console.c | 57 +++++++++++++++++++++++++++++-----------------------
|
||||||
|
1 file changed, 32 insertions(+), 25 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/libconsole/console.c b/libconsole/console.c
|
||||||
|
index 600e22608630..47e95a4b9046 100644
|
||||||
|
--- a/libconsole/console.c
|
||||||
|
+++ b/libconsole/console.c
|
||||||
|
@@ -531,13 +531,39 @@ void closeIO(void)
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
|
||||||
|
+static int consinitIO(struct console *newc)
|
||||||
|
+{
|
||||||
|
+ int tflags;
|
||||||
|
+
|
||||||
|
+ if ((newc->fd = open(newc->tty, O_WRONLY|O_NONBLOCK|O_NOCTTY)) < 0) {
|
||||||
|
+ if (errno == EACCES)
|
||||||
|
+ error("can not open %s", newc->tty);
|
||||||
|
+ warn("can not open %s", newc->tty);
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
+ newc->tlock = 0;
|
||||||
|
+ newc->max_canon = _POSIX_MAX_CANON;
|
||||||
|
+ memset(&newc->ltio, 0, sizeof(newc->ltio));
|
||||||
|
+ memset(&newc->otio, 0, sizeof(newc->otio));
|
||||||
|
+ memset(&newc->ctio, 0, sizeof(newc->ctio));
|
||||||
|
+ if ((tflags = fcntl(newc->fd, F_GETFL)) < 0)
|
||||||
|
+ warn("can not get terminal flags of %s", newc->tty);
|
||||||
|
+
|
||||||
|
+ tflags &= ~(O_NONBLOCK);
|
||||||
|
+ tflags |= O_NOCTTY;
|
||||||
|
+ if (fcntl(newc->fd, F_SETFL, tflags) < 0)
|
||||||
|
+ warn("can not set terminal flags of %s", newc->tty);
|
||||||
|
+
|
||||||
|
+ return 1;
|
||||||
|
+}
|
||||||
|
+
|
||||||
|
/* Allocate a console */
|
||||||
|
static list_t lcons = { &(lcons), &(lcons) };
|
||||||
|
static int consalloc(struct console **cons, char *name, const int cflags, const dev_t dev, int io)
|
||||||
|
{
|
||||||
|
struct console *newc;
|
||||||
|
list_t *head;
|
||||||
|
- int tflags;
|
||||||
|
|
||||||
|
if (!cons)
|
||||||
|
error("missing console pointer");
|
||||||
|
@@ -551,6 +577,11 @@ static int consalloc(struct console **cons, char *name, const int cflags, const
|
||||||
|
newc->dev = dev;
|
||||||
|
newc->pid = -1;
|
||||||
|
|
||||||
|
+ if (io && !consinitIO(newc)) {
|
||||||
|
+ free(newc);
|
||||||
|
+ return 0;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
if (!*cons) {
|
||||||
|
head = &lcons;
|
||||||
|
*cons = (struct console*)head;
|
||||||
|
@@ -558,30 +589,6 @@ static int consalloc(struct console **cons, char *name, const int cflags, const
|
||||||
|
head = &(*cons)->node;
|
||||||
|
insert(&newc->node, head);
|
||||||
|
|
||||||
|
- if (!io)
|
||||||
|
- return 1;
|
||||||
|
-
|
||||||
|
- if ((newc->fd = open(newc->tty, O_WRONLY|O_NONBLOCK|O_NOCTTY)) < 0) {
|
||||||
|
- if (errno == EACCES)
|
||||||
|
- error("can not open %s", newc->tty);
|
||||||
|
- warn("can not open %s", newc->tty);
|
||||||
|
- free(newc);
|
||||||
|
- return 0;
|
||||||
|
- }
|
||||||
|
-
|
||||||
|
- newc->tlock = 0;
|
||||||
|
- newc->max_canon = _POSIX_MAX_CANON;
|
||||||
|
- memset(&newc->ltio, 0, sizeof(newc->ltio));
|
||||||
|
- memset(&newc->otio, 0, sizeof(newc->otio));
|
||||||
|
- memset(&newc->ctio, 0, sizeof(newc->ctio));
|
||||||
|
- if ((tflags = fcntl(newc->fd, F_GETFL)) < 0)
|
||||||
|
- warn("can not get terminal flags of %s", newc->tty);
|
||||||
|
-
|
||||||
|
- tflags &= ~(O_NONBLOCK);
|
||||||
|
- tflags |= O_NOCTTY;
|
||||||
|
- if (fcntl(newc->fd, F_SETFL, tflags) < 0)
|
||||||
|
- warn("can not set terminal flags of %s", newc->tty);
|
||||||
|
-
|
||||||
|
return 1;
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.13.6
|
||||||
|
|
55
libconsole-Correctly-ignore-early-consoles.patch
Normal file
55
libconsole-Correctly-ignore-early-consoles.patch
Normal file
@ -0,0 +1,55 @@
|
|||||||
|
From: Petr Mladek <pmladek@suse.com>
|
||||||
|
Date: Tue, 12 Dec 2017 12:49:39 +0100
|
||||||
|
Subject: libconsole: Correctly ignore early consoles
|
||||||
|
Git-commit: 08b7314b53524040a16ce2a7f95a73304c55db30
|
||||||
|
References: bsc#1071568
|
||||||
|
Upstream: merged
|
||||||
|
|
||||||
|
There might be consoles without tty binding. These do not have
|
||||||
|
defined major and minor numbers in the /proc/consoles list.
|
||||||
|
For example, it might look like:
|
||||||
|
|
||||||
|
$> cat /proc/consoles
|
||||||
|
pl11 -W- (E Bp )
|
||||||
|
ttyAMA0 -W- (EC p a) 204:64
|
||||||
|
|
||||||
|
Let's just ignore them.
|
||||||
|
|
||||||
|
Signed-off-by: Petr Mladek <pmladek@suse.com>
|
||||||
|
---
|
||||||
|
libconsole/console.c | 8 +++++++-
|
||||||
|
1 file changed, 7 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/libconsole/console.c b/libconsole/console.c
|
||||||
|
index 47e95a4b9046..c4396b1f9b5e 100644
|
||||||
|
--- a/libconsole/console.c
|
||||||
|
+++ b/libconsole/console.c
|
||||||
|
@@ -609,6 +609,7 @@ void getconsoles(struct console **cons, int io)
|
||||||
|
char fbuf[16], dev[64];
|
||||||
|
char *tty = NULL;
|
||||||
|
FILE *fc;
|
||||||
|
+ int items;
|
||||||
|
|
||||||
|
if (!cons)
|
||||||
|
error("error: console pointer empty");
|
||||||
|
@@ -621,11 +622,16 @@ void getconsoles(struct console **cons, int io)
|
||||||
|
goto err;
|
||||||
|
}
|
||||||
|
|
||||||
|
- while ((fscanf(fc, "%*s %*s (%[^)]) %[0-9:]", &fbuf[0], &dev[0]) == 2)) {
|
||||||
|
+ while ((items = fscanf(fc, "%*s %*s (%[^)]) %[0-9:]", &fbuf[0], &dev[0]))
|
||||||
|
+ != EOF) {
|
||||||
|
char *tmp;
|
||||||
|
int flags, n, maj, min;
|
||||||
|
int ret;
|
||||||
|
|
||||||
|
+ /* Ignore consoles without tty binding. */
|
||||||
|
+ if (items != 2)
|
||||||
|
+ continue;
|
||||||
|
+
|
||||||
|
if (!strchr(fbuf, 'E'))
|
||||||
|
continue;
|
||||||
|
|
||||||
|
--
|
||||||
|
2.13.6
|
||||||
|
|
36
libconsole-Really-allow-to-use-dev-console-as-a-fall.patch
Normal file
36
libconsole-Really-allow-to-use-dev-console-as-a-fall.patch
Normal file
@ -0,0 +1,36 @@
|
|||||||
|
From: Petr Mladek <pmladek@suse.com>
|
||||||
|
Date: Mon, 11 Dec 2017 16:40:39 +0100
|
||||||
|
Subject: libconsole: Really allow to use /dev/console as a fallback in showconsole
|
||||||
|
Git-commit: 19329e59e442c81d270028cbc945fe83a9732327
|
||||||
|
References: bsc#1071568
|
||||||
|
Upstream: merged
|
||||||
|
|
||||||
|
consalloc() always returns an error when it is called from
|
||||||
|
showconsole (with io = 0). As a result, /dev/console is ignored
|
||||||
|
because it is not assigned to the global "cons" pointer
|
||||||
|
in getconsoles().
|
||||||
|
|
||||||
|
consalloc() should return success (1) when the console is added
|
||||||
|
to the list and the io-related operations are skipped.
|
||||||
|
|
||||||
|
Signed-off-by: Petr Mladek <pmladek@suse.com>
|
||||||
|
---
|
||||||
|
libconsole/console.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/libconsole/console.c b/libconsole/console.c
|
||||||
|
index 2f6e0b1d56d9..600e22608630 100644
|
||||||
|
--- a/libconsole/console.c
|
||||||
|
+++ b/libconsole/console.c
|
||||||
|
@@ -559,7 +559,7 @@ static int consalloc(struct console **cons, char *name, const int cflags, const
|
||||||
|
insert(&newc->node, head);
|
||||||
|
|
||||||
|
if (!io)
|
||||||
|
- return 0;
|
||||||
|
+ return 1;
|
||||||
|
|
||||||
|
if ((newc->fd = open(newc->tty, O_WRONLY|O_NONBLOCK|O_NOCTTY)) < 0) {
|
||||||
|
if (errno == EACCES)
|
||||||
|
--
|
||||||
|
2.13.6
|
||||||
|
|
39
libconsole-never-return-empty-list-from-getconsoles.patch
Normal file
39
libconsole-never-return-empty-list-from-getconsoles.patch
Normal file
@ -0,0 +1,39 @@
|
|||||||
|
From: Petr Mladek <pmladek@suse.com>
|
||||||
|
Date: Mon, 11 Dec 2017 16:32:11 +0100
|
||||||
|
Subject: libconsole: never return empty list from getconsoles()
|
||||||
|
Git-commit: d7fe84cd6198c4acc00a59d7c403fe6bdc3f509a
|
||||||
|
References: bsc#1071568
|
||||||
|
Upstream: merged
|
||||||
|
|
||||||
|
getconsoles() users expect that they get a non-empty list of consoles.
|
||||||
|
Otherwise, they might access an invalid memory.
|
||||||
|
|
||||||
|
There is an attempt to create fallback to /dev/console but it is
|
||||||
|
used (assigned to *cons) only when the corresponding consalloc()
|
||||||
|
passes. Otherwise, we should printk an error and exit.
|
||||||
|
|
||||||
|
Signed-off-by: Petr Mladek <pmladek@suse.com>
|
||||||
|
---
|
||||||
|
libconsole/console.c | 6 ++++--
|
||||||
|
1 file changed, 4 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/libconsole/console.c b/libconsole/console.c
|
||||||
|
index 2c6bbac8989f..2f6e0b1d56d9 100644
|
||||||
|
--- a/libconsole/console.c
|
||||||
|
+++ b/libconsole/console.c
|
||||||
|
@@ -662,8 +662,10 @@ err:
|
||||||
|
if (!tty)
|
||||||
|
error("can not allocate string");
|
||||||
|
|
||||||
|
- if (consalloc(&c, tty, CON_CONSDEV, makedev(TTYAUX_MAJOR, 1), io))
|
||||||
|
- *cons = c;
|
||||||
|
+ if (!consalloc(&c, tty, CON_CONSDEV, makedev(TTYAUX_MAJOR, 1), io))
|
||||||
|
+ error("/dev/console is not a valid fallback\n");
|
||||||
|
+
|
||||||
|
+ *cons = c;
|
||||||
|
}
|
||||||
|
|
||||||
|
/*
|
||||||
|
--
|
||||||
|
2.13.6
|
||||||
|
|
Loading…
Reference in New Issue
Block a user