pool/flatpak
SHA256
2
0
Fork 1
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Accepting request 1067351 from GNOME:Factory

Browse Source 
OBS-URL: https://build.opensuse.org/request/show/1067351
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/flatpak?expand=0&rev=77
This commit is contained in:
Dominique Leuenberger 2023-02-25 18:54:27 +00:00 committed by Git OBS Bridge
commit a41fd6c9cb
3 changed files with 38 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

28
flatpak-fix-gpg-agent-double-free.patch Normal file
View File

@ -0,0 +1,28 @@
From d7fb31b54077c676be50a6903090d4627b02b994 Mon Sep 17 00:00:00 2001
From: Simon McVittie <smcv@collabora.com>
Date: Mon, 6 Feb 2023 16:09:29 +0000
Subject: [PATCH] run: Avoid double-free of gpgconf stdout stream
g_subprocess_get_stdout_pipe() does not transfer ownership, so the
stream still belongs to the GSubprocess and we must not unref it.
Fixes: 764e5a4d "Add --socket=gpg-agent"
Resolves: https://github.com/flatpak/flatpak/issues/5095
Signed-off-by: Simon McVittie <smcv@collabora.com>
---
common/flatpak-run.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/common/flatpak-run.c b/common/flatpak-run.c
index 8d613165e1..3c85f9223f 100644
--- a/common/flatpak-run.c
+++ b/common/flatpak-run.c
@@ -608,7 +608,7 @@ flatpak_run_add_gpg_agent_args (FlatpakBwrap *bwrap)
g_autofree char * sandbox_agent_socket = NULL;
g_autoptr(GError) gpgconf_error = NULL;
g_autoptr(GSubprocess) process = NULL;
- g_autoptr(GInputStream) base_stream = NULL;
+ GInputStream *base_stream = NULL;
g_autoptr(GDataInputStream) data_stream = NULL;
process = g_subprocess_new (G_SUBPROCESS_FLAGS_STDOUT_PIPE,

7
flatpak.changes
View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Thu Feb 23 08:41:51 UTC 2023 - Alynx Zhou <alynx.zhou@suse.com>
- Add flatpak-fix-gpg-agent-double-free.patch: stdout stream of a
subprocess is owned by the subprocess, not the caller, so don't
use g_autoptr for it to prevent double free (bsc#1207434).
-------------------------------------------------------------------
Mon Feb 6 18:22:23 UTC 2023 - Bjørn Lie <bjorn.lie@gmail.com>

3
flatpak.spec
View File

@ -45,6 +45,8 @@ Source1: update-system-flatpaks.service
Source2: update-system-flatpaks.timer
Source3: https://flathub.org/repo/flathub.flatpakrepo
Patch0: polkit_rules_usability.patch
# PATCH-FIX-UPSTREAM flatpak-fix-gpg-agent-double-free.patch bsc#1207434 alynx.zhou@suse.com -- Fix double free in in handling gpg-agent sockets
Patch1: flatpak-fix-gpg-agent-double-free.patch
BuildRequires: bison
BuildRequires: bubblewrap >= %{bubblewrap_version}
BuildRequires: docbook-xsl-stylesheets
@ -148,6 +150,7 @@ more information.
%package remote-flathub
Summary: Add Flathub repository to system flatpak
Group: System/Packages
Requires: flatpak
Requires(postun):flatpak
Requires(postun):sed