From 95a1540f8781465c13e665a0c683cffc53690797acb18a3d458fc7e4bd75d70b Mon Sep 17 00:00:00 2001 From: Michael Chang Date: Thu, 19 Nov 2015 03:52:07 +0000 Subject: [PATCH] Accepting request 345115 from home:arvidjaar:bnc:954519 - Add 0001-unix-do-not-close-stdin-in-grub_passwd_get.patch Fix reading password by grub2-mkpasswd-pbdk2 without controlling tty, e.g. when called from Xfce menu (boo#954519) OBS-URL: https://build.opensuse.org/request/show/345115 OBS-URL: https://build.opensuse.org/package/show/Base:System/grub2?expand=0&rev=188 --- ...o-not-close-stdin-in-grub_passwd_get.patch | 42 +++++++++++++++++++ grub2.changes | 7 ++++ grub2.spec | 3 ++ 3 files changed, 52 insertions(+) create mode 100644 0001-unix-do-not-close-stdin-in-grub_passwd_get.patch diff --git a/0001-unix-do-not-close-stdin-in-grub_passwd_get.patch b/0001-unix-do-not-close-stdin-in-grub_passwd_get.patch new file mode 100644 index 0000000..34a45cf --- /dev/null +++ b/0001-unix-do-not-close-stdin-in-grub_passwd_get.patch @@ -0,0 +1,42 @@ +From 6a46cbcc5c1c746562fd7181bf0f2337db065201 Mon Sep 17 00:00:00 2001 +From: Andrei Borzenkov +Date: Wed, 18 Nov 2015 22:23:58 +0300 +Subject: [PATCH] unix: do not close stdin in grub_passwd_get + +This makes it impossible to read from stdin without controlling tty: + +10:/mnt # echo -e passwd\\npasswd | setsid ./grub-mkpasswd-pbkdf2 +Enter password: +Reenter password: ./grub-mkpasswd-pbkdf2: error: failure to read password. +10:/mnt +--- + grub-core/osdep/unix/password.c | 6 ++++-- + 1 file changed, 4 insertions(+), 2 deletions(-) + +diff --git a/grub-core/osdep/unix/password.c b/grub-core/osdep/unix/password.c +index 4b9507b..9996b24 100644 +--- a/grub-core/osdep/unix/password.c ++++ b/grub-core/osdep/unix/password.c +@@ -54,7 +54,8 @@ grub_password_get (char buf[], unsigned buf_size) + grub_memset (buf, 0, buf_size); + if (!fgets (buf, buf_size, stdin)) + { +- fclose (in); ++ if (in != stdin) ++ fclose (in); + return 0; + } + ptr = buf + strlen (buf) - 1; +@@ -67,7 +68,8 @@ grub_password_get (char buf[], unsigned buf_size) + grub_xputs ("\n"); + grub_refresh (); + +- fclose (in); ++ if (in != stdin) ++ fclose (in); + + return 1; + } +-- +1.9.1 + diff --git a/grub2.changes b/grub2.changes index 508d98c..39960cf 100644 --- a/grub2.changes +++ b/grub2.changes @@ -1,3 +1,10 @@ +------------------------------------------------------------------- +Wed Nov 18 19:33:42 UTC 2015 - arvidjaar@gmail.com + +- Add 0001-unix-do-not-close-stdin-in-grub_passwd_get.patch + Fix reading password by grub2-mkpasswd-pbdk2 without controlling + tty, e.g. when called from Xfce menu (boo#954519) + ------------------------------------------------------------------- Mon Nov 1 21:30:02 UTC 2015 - arvidjaar@gmail.com diff --git a/grub2.spec b/grub2.spec index ccce862..6e303d1 100644 --- a/grub2.spec +++ b/grub2.spec @@ -260,6 +260,8 @@ Patch261: 0002-linux-getroot-fix-descriptor-leak.patch Patch262: 0003-util-grub-mount-fix-descriptor-leak.patch Patch263: 0004-linux-ofpath-fix-descriptor-leak.patch Patch264: 0005-grub-fstest-fix-descriptor-leak.patch +# Upstream patch to fix patch 0001-unix-password-Fix-file-descriptor-leak.patch +Patch265: 0001-unix-do-not-close-stdin-in-grub_passwd_get.patch Requires: gettext-runtime %if 0%{?suse_version} >= 1140 @@ -530,6 +532,7 @@ mv po/grub.pot po/%{name}.pot %patch262 -p1 %patch263 -p1 %patch264 -p1 +%patch265 -p1 # Generate po/LINGUAS for message catalogs ... ./linguas.sh