SHA256
1
0
forked from pool/grub2

Accepting request 345139 from Base:System

1

OBS-URL: https://build.opensuse.org/request/show/345139
OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/grub2?expand=0&rev=127
This commit is contained in:
Stephan Kulow 2015-11-24 21:30:32 +00:00 committed by Git OBS Bridge
parent 73eef36369
commit 15b0fc1ff0
3 changed files with 52 additions and 0 deletions

View File

@ -0,0 +1,42 @@
From 6a46cbcc5c1c746562fd7181bf0f2337db065201 Mon Sep 17 00:00:00 2001
From: Andrei Borzenkov <arvidjaar@gmail.com>
Date: Wed, 18 Nov 2015 22:23:58 +0300
Subject: [PATCH] unix: do not close stdin in grub_passwd_get
This makes it impossible to read from stdin without controlling tty:
10:/mnt # echo -e passwd\\npasswd | setsid ./grub-mkpasswd-pbkdf2
Enter password:
Reenter password: ./grub-mkpasswd-pbkdf2: error: failure to read password.
10:/mnt
---
grub-core/osdep/unix/password.c | 6 ++++--
1 file changed, 4 insertions(+), 2 deletions(-)
diff --git a/grub-core/osdep/unix/password.c b/grub-core/osdep/unix/password.c
index 4b9507b..9996b24 100644
--- a/grub-core/osdep/unix/password.c
+++ b/grub-core/osdep/unix/password.c
@@ -54,7 +54,8 @@ grub_password_get (char buf[], unsigned buf_size)
grub_memset (buf, 0, buf_size);
if (!fgets (buf, buf_size, stdin))
{
- fclose (in);
+ if (in != stdin)
+ fclose (in);
return 0;
}
ptr = buf + strlen (buf) - 1;
@@ -67,7 +68,8 @@ grub_password_get (char buf[], unsigned buf_size)
grub_xputs ("\n");
grub_refresh ();
- fclose (in);
+ if (in != stdin)
+ fclose (in);
return 1;
}
--
1.9.1

View File

@ -1,3 +1,10 @@
-------------------------------------------------------------------
Wed Nov 18 19:33:42 UTC 2015 - arvidjaar@gmail.com
- Add 0001-unix-do-not-close-stdin-in-grub_passwd_get.patch
Fix reading password by grub2-mkpasswd-pbdk2 without controlling
tty, e.g. when called from Xfce menu (boo#954519)
-------------------------------------------------------------------
Mon Nov 1 21:30:02 UTC 2015 - arvidjaar@gmail.com

View File

@ -260,6 +260,8 @@ Patch261: 0002-linux-getroot-fix-descriptor-leak.patch
Patch262: 0003-util-grub-mount-fix-descriptor-leak.patch
Patch263: 0004-linux-ofpath-fix-descriptor-leak.patch
Patch264: 0005-grub-fstest-fix-descriptor-leak.patch
# Upstream patch to fix patch 0001-unix-password-Fix-file-descriptor-leak.patch
Patch265: 0001-unix-do-not-close-stdin-in-grub_passwd_get.patch
Requires: gettext-runtime
%if 0%{?suse_version} >= 1140
@ -530,6 +532,7 @@ mv po/grub.pot po/%{name}.pot
%patch262 -p1
%patch263 -p1
%patch264 -p1
%patch265 -p1
# Generate po/LINGUAS for message catalogs ...
./linguas.sh