Accepting request 230417 from home:gary_lin:branches:Base:System

- fix the error handling of reading a hash file

OBS-URL: https://build.opensuse.org/request/show/230417
OBS-URL: https://build.opensuse.org/package/show/Base:System/mokutil?expand=0&rev=24
This commit is contained in:
Gary Ching-Pang Lin 2014-04-17 03:09:48 +00:00 committed by Git OBS Bridge
parent cc67a2e864
commit 8e711b23df
3 changed files with 76 additions and 0 deletions

View File

@ -0,0 +1,67 @@
From 59fb1efb45cc59bfc7a30ade20ef9900c13ec711 Mon Sep 17 00:00:00 2001
From: Gary Ching-Pang Lin <glin@suse.com>
Date: Fri, 11 Apr 2014 11:37:31 +0800
Subject: [PATCH] Fix error handling of reading password hash file
Signed-off-by: Gary Ching-Pang Lin <glin@suse.com>
---
src/mokutil.c | 20 ++++++++++++--------
1 file changed, 12 insertions(+), 8 deletions(-)
diff --git a/src/mokutil.c b/src/mokutil.c
index cdb5739..d9b657b 100644
--- a/src/mokutil.c
+++ b/src/mokutil.c
@@ -87,6 +87,7 @@ EFI_GUID (0x605dab50, 0xe046, 0x4300, 0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b,
#define DEFAULT_CRYPT_METHOD SHA512_BASED
#define DEFAULT_SALT_SIZE SHA512_SALT_MAX
#define SETTINGS_LEN (DEFAULT_SALT_SIZE*2)
+#define BUF_SIZE 300
static int use_simple_hash;
@@ -779,7 +780,7 @@ generate_hash (pw_crypt_t *pw_crypt, char *password, int pw_len)
static int
get_hash_from_file (const char *file, pw_crypt_t *pw_crypt)
{
- char string[300];
+ char string[BUF_SIZE];
ssize_t read_len = 0;
int fd;
@@ -789,22 +790,25 @@ get_hash_from_file (const char *file, pw_crypt_t *pw_crypt)
return -1;
}
- while (read_len < 300) {
- int rc = read (fd, string + read_len, 300 - read_len);
- if (rc == EAGAIN)
- continue;
+ bzero (string, BUF_SIZE);
+
+ while (read_len < BUF_SIZE) {
+ ssize_t rc = read (fd, string + read_len, BUF_SIZE - read_len);
if (rc < 0) {
+ if (errno == EINTR || errno == EAGAIN)
+ continue;
+
fprintf (stderr, "Failed to read %s: %m\n", file);
close (fd);
return -1;
- }
- if (rc == 0)
+ } else if (rc == 0) {
break;
+ }
read_len += rc;
}
close (fd);
- if (string[read_len-1] != '\0') {
+ if (string[read_len] != '\0') {
fprintf (stderr, "corrupted string\n");
return -1;
}
--
1.8.4.5

View File

@ -1,3 +1,9 @@
-------------------------------------------------------------------
Wed Apr 16 04:11:50 UTC 2014 - glin@suse.com
- Add mokutil-fix-hash-file-read.patch to fix the error handling of
reading a hash file
------------------------------------------------------------------- -------------------------------------------------------------------
Thu Apr 10 04:44:22 UTC 2014 - glin@suse.com Thu Apr 10 04:44:22 UTC 2014 - glin@suse.com

View File

@ -40,6 +40,8 @@ Patch6: mokutil-check-secure-boot-support.patch
Patch7: mokutil-check-corrupted-key-list.patch Patch7: mokutil-check-corrupted-key-list.patch
# PATCH-FIX-UPSTREAM mokutil-no-invalid-x509.patch glin@suse.com -- Don't import an invalid x509 certificate # PATCH-FIX-UPSTREAM mokutil-no-invalid-x509.patch glin@suse.com -- Don't import an invalid x509 certificate
Patch8: mokutil-no-invalid-x509.patch Patch8: mokutil-no-invalid-x509.patch
# PATCH-FIX-UPSTREAM mokutil-fix-hash-file-read.patch glin@suse.com -- Fix the error handling of reading a hash file
Patch9: mokutil-fix-hash-file-read.patch
# PATCH-FIX-OPENSUSE mokutil-support-revoke-builtin-cert.patch glin@suse.com -- Add an option to revoke the built-in certificate # PATCH-FIX-OPENSUSE mokutil-support-revoke-builtin-cert.patch glin@suse.com -- Add an option to revoke the built-in certificate
Patch100: mokutil-support-revoke-builtin-cert.patch Patch100: mokutil-support-revoke-builtin-cert.patch
BuildRequires: autoconf BuildRequires: autoconf
@ -69,6 +71,7 @@ Authors:
%patch6 -p1 %patch6 -p1
%patch7 -p1 %patch7 -p1
%patch8 -p1 %patch8 -p1
%patch9 -p1
%patch100 -p1 %patch100 -p1
%build %build