systemd/1080-udevd-parse_argv-warn-if-argumens-are-invalid.patch
Stephan Kulow e7c96ab7f3 Accepting request 250254 from Base:System
- Add patch 0001-bnc888612-logind-polkit-acpi.patch from Frederic
  to solve bnc#888612 - AUDIT-0: Power button press at gdm login
  should not prompt for credentials 

- Add upstream bugfix patches
  0001-journal-Do-not-count-on-the-compiler-initializing-fo.patch
  0002-include-fcntl.h-rather-than-sys-fcntl.h.patch
  0003-mount-order-options-before-other-arguments-to-mount.patch
  0004-shared-wtmp-utmp-don-t-clear-store_wtmp-in-utmp_put_.patch
  0005-shared-label.h-add-missing-stdio.h-include.patch
  0006-shared-sparse-endian.h-add-missing-byteswap.h-includ.patch
  0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch
  0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patch
  1080-udevd-parse_argv-warn-if-argumens-are-invalid.patch
  1081-udevd-check-return-of-various-functions.patch
  1082-udevadm-hwdb-check-return-value-of-fseeko.patch
  1083-udev-node-warn-if-chmod-chown-fails.patch
  1084-udev-ctrl-log-if-setting-SO_PASSCRED-fails.patch
  1085-udev-fix-typos.patch
  1086-udevd-don-t-fail-if-run-udev-exists.patch

- Add upstream bugfix patches
  0001-core-fix-resource-leak-in-manager_environment_add.patch
  0002-util-remove-a-unnecessary-check.patch
  0003-udev-event-explicitly-don-t-read-from-invalid-fd.patch
  0004-shared-conf-parser.patch
  0005-logind-fix-typo.patch
  0006-systemctl-fix-resource-leak-CID-1237747.patch
  0007-libudev-monitor-warn-if-we-fail-to-request-SO_PASSCR.patch
  0008-shared-conf-parser-don-t-leak-memory-on-error-in-DEF.patc

OBS-URL: https://build.opensuse.org/request/show/250254
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/systemd?expand=0&rev=207
2014-09-20 13:51:16 +00:00

74 lines
3.6 KiB
Diff

Based on 6f5cf8a8b1de763383f7382821147e538b7dbd6d Mon Sep 17 00:00:00 2001
From: Tom Gundersen <teg@jklm.no>
Date: Thu, 18 Sep 2014 19:02:03 +0200
Subject: [PATCH] udevd: parse_argv - warn if argumens are invalid
Found by Coverity. Fixes CID #1238780.
---
src/udev/udevd.c | 34 ++++++++++++++++++++++++++--------
1 file changed, 26 insertions(+), 8 deletions(-)
--- src/udev/udevd.c
+++ src/udev/udevd.c 2014-09-19 10:36:25.602735652 +0000
@@ -1002,11 +1002,20 @@ static void kernel_cmdline_options(struc
log_set_max_level(prio);
udev_set_log_priority(udev, prio);
} else if (startswith(opt, "udev.children-max=")) {
- children_max = strtoul(opt + 18, NULL, 0);
+ r = safe_atoi(opt + 18, &children_max);
+ if (r < 0)
+ log_warning("Invalid udev.children-max ignored: %s", opt + 18);
} else if (startswith(opt, "udev.exec-delay=")) {
- exec_delay = strtoul(opt + 16, NULL, 0);
+ r = safe_atoi(opt + 16, &exec_delay);
+ if (r < 0)
+ log_warning("Invalid udev.exec-delay ignored: %s", opt + 16);
} else if (startswith(opt, "udev.event-timeout=")) {
- event_timeout_usec = strtoul(opt + 16, NULL, 0) * USEC_PER_SEC;
+ r = safe_atou64(opt + 16, &event_timeout_usec);
+ if (r < 0) {
+ log_warning("Invalid udev.event-timeout ignored: %s", opt + 16);
+ break;
+ }
+ event_timeout_usec *= USEC_PER_SEC;
event_timeout_warn_usec = (event_timeout_usec / 3) ? : 1;
}
@@ -1052,7 +1061,7 @@ int main(int argc, char *argv[]) {
label_init("/dev");
for (;;) {
- int option;
+ int option, r;
option = getopt_long(argc, argv, "c:de:DtN:hV", options, NULL);
if (option == -1)
@@ -1063,14 +1072,23 @@ int main(int argc, char *argv[]) {
daemonize = true;
break;
case 'c':
- children_max = strtoul(optarg, NULL, 0);
+ r = safe_atoi(optarg, &children_max);
+ if (r < 0)
+ log_warning("Invalid --children-max ignored: %s", optarg);
break;
case 'e':
- exec_delay = strtoul(optarg, NULL, 0);
+ r = safe_atoi(optarg, &exec_delay);
+ if (r < 0)
+ log_warning("Invalid --exec-delay ignored: %s", optarg);
break;
case 't':
- event_timeout_usec = strtoul(optarg, NULL, 0) * USEC_PER_SEC;
- event_timeout_warn_usec = (event_timeout_usec / 3) ? : 1;
+ r = safe_atou64(optarg, &event_timeout_usec);
+ if (r < 0)
+ log_warning("Invalig --event-timeout ignored: %s", optarg);
+ else {
+ event_timeout_usec *= USEC_PER_SEC;
+ event_timeout_warn_usec = (event_timeout_usec / 3) ? : 1;
+ }
break;
case 'D':
debug = true;