From 8e711b23dffe3c700c0c550973735c51a8875a0cca4e7fe1e3a99004b942bdf9 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin Date: Thu, 17 Apr 2014 03:09:48 +0000 Subject: [PATCH] Accepting request 230417 from home:gary_lin:branches:Base:System - fix the error handling of reading a hash file OBS-URL: https://build.opensuse.org/request/show/230417 OBS-URL: https://build.opensuse.org/package/show/Base:System/mokutil?expand=0&rev=24 --- mokutil-fix-hash-file-read.patch | 67 ++++++++++++++++++++++++++++++++ mokutil.changes | 6 +++ mokutil.spec | 3 ++ 3 files changed, 76 insertions(+) create mode 100644 mokutil-fix-hash-file-read.patch diff --git a/mokutil-fix-hash-file-read.patch b/mokutil-fix-hash-file-read.patch new file mode 100644 index 0000000..e4ca3e5 --- /dev/null +++ b/mokutil-fix-hash-file-read.patch @@ -0,0 +1,67 @@ +From 59fb1efb45cc59bfc7a30ade20ef9900c13ec711 Mon Sep 17 00:00:00 2001 +From: Gary Ching-Pang Lin +Date: Fri, 11 Apr 2014 11:37:31 +0800 +Subject: [PATCH] Fix error handling of reading password hash file + +Signed-off-by: Gary Ching-Pang Lin +--- + src/mokutil.c | 20 ++++++++++++-------- + 1 file changed, 12 insertions(+), 8 deletions(-) + +diff --git a/src/mokutil.c b/src/mokutil.c +index cdb5739..d9b657b 100644 +--- a/src/mokutil.c ++++ b/src/mokutil.c +@@ -87,6 +87,7 @@ EFI_GUID (0x605dab50, 0xe046, 0x4300, 0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, + #define DEFAULT_CRYPT_METHOD SHA512_BASED + #define DEFAULT_SALT_SIZE SHA512_SALT_MAX + #define SETTINGS_LEN (DEFAULT_SALT_SIZE*2) ++#define BUF_SIZE 300 + + static int use_simple_hash; + +@@ -779,7 +780,7 @@ generate_hash (pw_crypt_t *pw_crypt, char *password, int pw_len) + static int + get_hash_from_file (const char *file, pw_crypt_t *pw_crypt) + { +- char string[300]; ++ char string[BUF_SIZE]; + ssize_t read_len = 0; + int fd; + +@@ -789,22 +790,25 @@ get_hash_from_file (const char *file, pw_crypt_t *pw_crypt) + return -1; + } + +- while (read_len < 300) { +- int rc = read (fd, string + read_len, 300 - read_len); +- if (rc == EAGAIN) +- continue; ++ bzero (string, BUF_SIZE); ++ ++ while (read_len < BUF_SIZE) { ++ ssize_t rc = read (fd, string + read_len, BUF_SIZE - read_len); + if (rc < 0) { ++ if (errno == EINTR || errno == EAGAIN) ++ continue; ++ + fprintf (stderr, "Failed to read %s: %m\n", file); + close (fd); + return -1; +- } +- if (rc == 0) ++ } else if (rc == 0) { + break; ++ } + read_len += rc; + } + close (fd); + +- if (string[read_len-1] != '\0') { ++ if (string[read_len] != '\0') { + fprintf (stderr, "corrupted string\n"); + return -1; + } +-- +1.8.4.5 + diff --git a/mokutil.changes b/mokutil.changes index f2a4854..a6d4da8 100644 --- a/mokutil.changes +++ b/mokutil.changes @@ -1,3 +1,9 @@ +------------------------------------------------------------------- +Wed Apr 16 04:11:50 UTC 2014 - glin@suse.com + +- Add mokutil-fix-hash-file-read.patch to fix the error handling of + reading a hash file + ------------------------------------------------------------------- Thu Apr 10 04:44:22 UTC 2014 - glin@suse.com diff --git a/mokutil.spec b/mokutil.spec index 8d1b3c5..0d9dcd0 100644 --- a/mokutil.spec +++ b/mokutil.spec @@ -40,6 +40,8 @@ Patch6: mokutil-check-secure-boot-support.patch Patch7: mokutil-check-corrupted-key-list.patch # PATCH-FIX-UPSTREAM mokutil-no-invalid-x509.patch glin@suse.com -- Don't import an invalid x509 certificate Patch8: mokutil-no-invalid-x509.patch +# PATCH-FIX-UPSTREAM mokutil-fix-hash-file-read.patch glin@suse.com -- Fix the error handling of reading a hash file +Patch9: mokutil-fix-hash-file-read.patch # PATCH-FIX-OPENSUSE mokutil-support-revoke-builtin-cert.patch glin@suse.com -- Add an option to revoke the built-in certificate Patch100: mokutil-support-revoke-builtin-cert.patch BuildRequires: autoconf @@ -69,6 +71,7 @@ Authors: %patch6 -p1 %patch7 -p1 %patch8 -p1 +%patch9 -p1 %patch100 -p1 %build