Dr. Werner Fink 2024-11-11 10:46:06 +00:00 committed by Git OBS Bridge
parent 5d8a6d1ef2
commit 59aabc4876
5 changed files with 192 additions and 53 deletions

View File

@ -0,0 +1,60 @@
Avoid abort() in regain_effective_privs() if mandb is called by root
that is always initialize saved_uid and saved_gid!
--- gl/lib/idpriv-droptemp.c 2024-08-29 13:17:12.000000000 +0200
+++ gl/lib/idpriv-droptemp.c 2024-11-11 09:55:45.539212073 +0100
@@ -31,19 +31,24 @@
static gid_t saved_gid = -1;
#endif
-int
-idpriv_temp_drop (void)
+void
+idpriv_initial (void)
{
-#if HAVE_GETEUID && HAVE_GETEGID && (HAVE_SETRESUID || HAVE_SETREUID) && (HAVE_SETRESGID || HAVE_SETREGID)
- uid_t uid = getuid ();
- gid_t gid = getgid ();
-
/* Find out about the privileged uid and gid at the first call. */
if (saved_uid == -1)
saved_uid = geteuid ();
if (saved_gid == -1)
saved_gid = getegid ();
+}
+
+int
+idpriv_temp_drop (void)
+{
+#if HAVE_GETEUID && HAVE_GETEGID && (HAVE_SETRESUID || HAVE_SETREUID) && (HAVE_SETRESGID || HAVE_SETREGID)
+ uid_t uid = getuid ();
+ gid_t gid = getgid ();
+ idpriv_initial ();
/* Drop the gid privilege first, because in some cases the gid privilege
cannot be dropped after the uid privilege has been dropped. */
--- gl/lib/idpriv.h 2024-08-29 13:17:12.000000000 +0200
+++ gl/lib/idpriv.h 2024-11-11 09:50:35.047999910 +0100
@@ -95,6 +95,9 @@
/* For approach 3. */
+/* Initialize internal variable saved_uid as well as saved_gid */
+extern void idpriv_initial (void);
+
/* Drop the uid and gid privileges of the current process in a way that allows
them to be restored later.
Return 0 if successful, or -1 with errno set upon failure. The recommended
--- lib/security.c 2024-11-11 09:10:13.044830286 +0100
+++ lib/security.c 2024-11-11 09:51:16.688162468 +0100
@@ -138,7 +138,8 @@
gripe_set_euid ();
uid = ruid;
gid = rgid;
- }
+ } else
+ idpriv_initial ();
priv_drop_count++;
#endif /* MAN_OWNER */

View File

@ -1,11 +1,11 @@
--- ---
config.h.in | 3 ++ config.h.in | 3 +
configure.ac | 52 +++++++++++++++++++++++++++++++++++++++++ configure.ac | 52 +++++++++++++++++++++++++++++++++
src/decompress.c | 69 ++++++++++++++++++++++++++++++++++++++++++++++++++++++- src/decompress.c | 86 +++++++++++++++++++++++++++++++++++++++++++++++++++++--
3 files changed, 123 insertions(+), 1 deletion(-) 3 files changed, 138 insertions(+), 3 deletions(-)
--- config.h.in --- config.h.in
+++ config.h.in 2024-10-18 12:05:43.927063826 +0000 +++ config.h.in 2024-11-11 10:43:01.369880933 +0000
@@ -1148,6 +1148,9 @@ @@ -1148,6 +1148,9 @@
/* Define to 1 if you have the `z' library (-lz). */ /* Define to 1 if you have the `z' library (-lz). */
#undef HAVE_LIBZ #undef HAVE_LIBZ
@ -17,7 +17,7 @@
#undef HAVE_LIB_BCRYPT #undef HAVE_LIB_BCRYPT
--- configure.ac --- configure.ac
+++ configure.ac 2024-10-18 12:05:43.927063826 +0000 +++ configure.ac 2024-11-11 10:43:01.369880933 +0000
@@ -35,6 +35,18 @@ MAN_ARG_DEVICE @@ -35,6 +35,18 @@ MAN_ARG_DEVICE
MAN_ARG_DB MAN_ARG_DB
MAN_ARG_CONFIG_FILE MAN_ARG_CONFIG_FILE
@ -85,7 +85,7 @@
# Check for various header files and associated libraries. # Check for various header files and associated libraries.
--- src/decompress.c --- src/decompress.c
+++ src/decompress.c 2024-10-18 12:11:37.516631374 +0000 +++ src/decompress.c 2024-11-11 10:44:24.036386441 +0000
@@ -40,12 +40,17 @@ @@ -40,12 +40,17 @@
#include "pipeline.h" #include "pipeline.h"
@ -104,12 +104,68 @@
#include "manconfig.h" #include "manconfig.h"
#include "compression.h" #include "compression.h"
@@ -189,6 +194,32 @@ static decompress *decompress_try_zlib ( @@ -146,7 +151,11 @@ static void decompress_zlib (void *data
static decompress *decompress_try_zlib (const char *filename)
{
+#ifdef HAVE_ZIO
+ FILE *file;
+#else
gzFile zlibfile;
+#endif
/* We only ever call this from the parent process (and don't
* currently use threads), and this lets us skip per-file memory
* allocation.
@@ -154,18 +163,32 @@ static decompress *decompress_try_zlib (
static char buffer[MAX_INPROCESS];
int len = 0;
+#ifdef HAVE_ZIO
+ file = fzopen(filename, "r");
+ if (!file)
+ return NULL;
+#else
zlibfile = gzopen (filename, "r");
if (!zlibfile)
return NULL;
+#endif
while (len < MAX_INPROCESS) {
/* Read one more byte than we're prepared to return, in
* order to detect EOF at the right position. The "len >=
* MAX_INPROCESS" check below catches the boundary case.
*/
+#ifdef HAVE_ZIO
+ int r = fread(buffer + len, sizeof(char), MAX_INPROCESS - len, file);
+#else
int r = gzread (zlibfile, buffer + len, MAX_INPROCESS - len);
+#endif
if (r < 0) {
+#ifdef HAVE_ZIO
+ fclose(file);
+#else
gzclose (zlibfile);
+#endif
return NULL;
} else if (r == 0)
break;
@@ -173,7 +196,11 @@ static decompress *decompress_try_zlib (
len += r;
}
+#ifdef HAVE_ZIO
+ fclose(file);
+#else
gzclose (zlibfile);
+#endif
if (len >= MAX_INPROCESS)
return NULL;
/* Copy input data so that we don't have potential data corruption
@@ -189,33 +216,86 @@ static decompress *decompress_try_zlib (
# define OPEN_FLAGS_UNUSED MAYBE_UNUSED # define OPEN_FLAGS_UNUSED MAYBE_UNUSED
#endif /* HAVE_LIBZ */ #endif /* HAVE_LIBZ */
+#ifdef HAVE_ZIO +#ifdef HAVE_ZIO
+
+static void decompress_zio (void *data) +static void decompress_zio (void *data)
+{ +{
+ const char *what = (const char*)data; + const char *what = (const char*)data;
@ -131,64 +187,70 @@
+ fclose(file); + fclose(file);
+ return; + return;
+} +}
+
+#endif /* HAVE_ZIO */ +#endif /* HAVE_ZIO */
+ +
decompress *decompress_open (const char *filename, int flags OPEN_FLAGS_UNUSED) decompress *decompress_open (const char *filename, int flags OPEN_FLAGS_UNUSED)
{ {
pipecmd *cmd; pipecmd *cmd;
@@ -203,6 +234,38 @@ decompress *decompress_open (const char pipeline *p;
struct stat st;
#ifdef HAVE_LIBZ
+# ifdef HAVE_ZIO
+ char *ext;
+# else
size_t filename_len;
+# endif
#endif /* HAVE_LIBZ */
- char *ext;
struct compression *comp;
if (stat (filename, &st) < 0 || S_ISDIR (st.st_mode)) if (stat (filename, &st) < 0 || S_ISDIR (st.st_mode))
return NULL; return NULL;
+#ifdef HAVE_ZIO #ifdef HAVE_LIBZ
+# ifdef HAVE_ZIO
+ ext = strrchr (filename, '.'); + ext = strrchr (filename, '.');
+ if (ext) { + if (ext && (
+ const char *opt; + STREQ (ext, ".gz") ||
+ STREQ (ext, ".z") ||
+ STREQ (ext, ".bz2") ||
+ STREQ (ext, ".xz") ||
+ STREQ (ext, ".lzma") ||
+ STREQ (ext, ".Z")
+ )) {
+# else
filename_len = strlen (filename);
if (filename_len > 3 && STREQ (filename + filename_len - 3, ".gz")) {
+# endif
if (flags & DECOMPRESS_ALLOW_INPROCESS) {
decompress *d = decompress_try_zlib (filename);
if (d)
return d;
}
-
+# ifdef HAVE_ZIO
+ static char opt[2] = {'\0','\0'};
+ char *name = NULL; + char *name = NULL;
+ +
+ if (STREQ (ext, ".gz")) + opt[0] = ext[1];
+ opt = "g";
+ else if (STREQ (ext, ".z"))
+ opt = "z";
+ else if (STREQ (ext, ".bz2"))
+ opt = "b";
+ else if (STREQ (ext, ".xz"))
+ opt = "x";
+ else if (STREQ (ext, ".lzma"))
+ opt = "l";
+ else if (STREQ (ext, ".Z"))
+ opt = "Z";
+ else
+ goto nozio;
+ +
+ /* informational only; no shell quoting concerns */ + /* informational only; no shell quoting concerns */
+ name = appendstr (NULL, "libzio < ", filename, (void *) 0); + name = appendstr (NULL, "libzio < ", filename, (void *) 0);
+ cmd = pipecmd_new_function (name, &decompress_zio, NULL, + cmd = pipecmd_new_function (name, &decompress_zio, NULL,
+ (void *)opt); + (void *)opt);
+ pipecmd_pre_exec (cmd, sandbox_load, sandbox_free, sandbox); +# else
+ p = pipeline_new_commands (cmd, (void *) 0); cmd = pipecmd_new_function ("zcat", &decompress_zlib, NULL,
+ free (name); NULL);
+ goto got_pipeline; +# endif
+ } pipecmd_pre_exec (cmd, sandbox_load, sandbox_free, sandbox);
+#endif /* HAVE_ZIO */ p = pipeline_new_commands (cmd, nullptr);
+ +# ifdef HAVE_ZIO
#ifdef HAVE_LIBZ + free (name);
filename_len = strlen (filename); +# endif
if (filename_len > 3 && STREQ (filename + filename_len - 3, ".gz")) { goto got_pipeline;
@@ -220,7 +283,11 @@ decompress *decompress_open (const char
} }
#endif /* HAVE_LIBZ */ #endif /* HAVE_LIBZ */
@@ -313,7 +393,7 @@ void decompress_inprocess_replace (decom
+#ifdef HAVE_ZIO
+nozio:
+#else
ext = strrchr (filename, '.');
+#endif /* HAVE_LIBZ */
if (ext) {
++ext;
@@ -313,7 +380,7 @@ void decompress_inprocess_replace (decom
void decompress_start (decompress *d) void decompress_start (decompress *d)
{ {

View File

@ -63,7 +63,7 @@ diff --git a/lib/security.c b/lib/security.c
#endif /* MAN_OWNER */ #endif /* MAN_OWNER */
void init_security (void) void init_security (void)
@@ -165,6 +170,31 @@ void regain_effective_privs (void) @@ -166,6 +171,31 @@ void regain_effective_privs (void)
uid = euid; uid = euid;
gid = egid; gid = egid;
} }

View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Mon Nov 11 10:37:45 UTC 2024 - Dr. Werner Fink <werner@suse.de>
- Readd patch man-db-2.7.1-zio.dif
* Use also in-memory decompression
- Add patch man-db-2.13.0-no_abort.patch
* Avoid abort of mandb due switching to user man if executed by root
------------------------------------------------------------------- -------------------------------------------------------------------
Fri Nov 8 13:58:23 UTC 2024 - Fabian Vogt <fvogt@suse.com> Fri Nov 8 13:58:23 UTC 2024 - Fabian Vogt <fvogt@suse.com>

View File

@ -43,6 +43,10 @@ Source7: man-db-create.service
Source8: manpath.csh Source8: manpath.csh
Source9: manpath.sh Source9: manpath.sh
Patch0: man-db-2.3.19deb4.0-groff.dif Patch0: man-db-2.3.19deb4.0-groff.dif
# PATCH-FIX-SUSE Fix a crash if mandb is directly executed by root
Patch3: man-db-2.13.0-no_abort.patch
# PATCH-FEATURE-OPENSUSE man-db-2.7.1-zio.dif -- Allow using libzio for decompression
Patch4: man-db-2.7.1-zio.dif
# PATCH-FEATURE-OPENSUSE man-db-2.6.3-listall.dif -- If multiple matching pages are found show a list bnc#786679 # PATCH-FEATURE-OPENSUSE man-db-2.6.3-listall.dif -- If multiple matching pages are found show a list bnc#786679
Patch5: man-db-2.6.3-listall.dif Patch5: man-db-2.6.3-listall.dif
# PATCH-FIX-SUSE Fixes build-compare bnc#971922 # PATCH-FIX-SUSE Fixes build-compare bnc#971922
@ -92,6 +96,8 @@ printer (using groff).
%prep %prep
%setup -q -n man-db-%{version} %setup -q -n man-db-%{version}
%patch -P 0 -b .groff %patch -P 0 -b .groff
%patch -P3 -b .seteuid
%patch -P4 -b .zio
%patch -P5 -b .listall %patch -P5 -b .listall
%patch -P6 -p1 -b .p6 %patch -P6 -p1 -b .p6
%patch -P7 -p1 -b .p7 %patch -P7 -p1 -b .p7
@ -157,6 +163,7 @@ find -name 'Makefile.*' | xargs \
%endif %endif
--enable-cache-owner=man \ --enable-cache-owner=man \
--with-device=utf8 \ --with-device=utf8 \
--with-zio \
--with-gnu-ld \ --with-gnu-ld \
--disable-rpath \ --disable-rpath \
--disable-automatic-create \ --disable-automatic-create \
@ -355,7 +362,9 @@ then
fi fi
%post %post
%if 0%{?suse_version} < 1500
%{fillup_only -an cron} %{fillup_only -an cron}
%endif
/sbin/ldconfig /sbin/ldconfig
%if %{with sdtimer} %if %{with sdtimer}
%service_add_post man-db-create.service %service_add_post man-db-create.service