libvirt/e4697b92-CVE-2013-4311.patch

commit e4697b92abaad16e8e6b41a1e55be9b084d48d5a
Author: Daniel P. Berrange <berrange@redhat.com>
Date:   Mon Sep 23 12:46:25 2013 +0100

    Fix typo in identity code which is pre-requisite for CVE-2013-4311
    
    The fix for CVE-2013-4311 had a pre-requisite enhancement
    to the identity code
    
      commit db7a5688c05f3fd60d9d2b74c72427eb9ee9c176
      Author: Daniel P. Berrange <berrange@redhat.com>
      Date:   Thu Aug 22 16:00:01 2013 +0100
    
        Also store user & group ID values in virIdentity
    
    This had a typo which caused the group ID to overwrite the
    user ID string. This meant any checks using this would have
    the wrong ID value. This only affected the ACL code, not the
    initial polkit auth. It also leaked memory.
    
    Signed-off-by: Daniel P. Berrange <berrange@redhat.com>

Index: libvirt-1.1.2/src/rpc/virnetserverclient.c
===================================================================
--- libvirt-1.1.2.orig/src/rpc/virnetserverclient.c
+++ libvirt-1.1.2/src/rpc/virnetserverclient.c
@@ -678,7 +678,7 @@ virNetServerClientCreateIdentity(virNetS
             goto cleanup;
         if (!(groupname = virGetGroupName(gid)))
             goto cleanup;
-        if (virAsprintf(&userid, "%d", (int)gid) < 0)
+        if (virAsprintf(&groupid, "%d", (int)gid) < 0)
             goto cleanup;
         if (virAsprintf(&processid, "%llu",
                         (unsigned long long)pid) < 0)
- Add support for using 3-arg pkcheck syntax for process db7a5688-CVE-2013-4311.patch, e65667c0-CVE-2013-4311.patch, 922b7fda-CVE-2013-4311.patch, e4697b92-CVE-2013-4311.patch bnc#836931 - CVE-2013-4296: Fix crash in remoteDispatchDomainMemoryStats e7f400a1-CVE-2013-4296.patch bnc#838638 - CVE-2013-4297: Fix crash in virFileNBDDeviceAssociate 2dba0323-CVE-2013-4297.patch bnc#838642 OBS-URL: https://build.opensuse.org/package/show/Virtualization/libvirt?expand=0&rev=299 2013-10-02 18:20:46 +02:00			`commit e4697b92abaad16e8e6b41a1e55be9b084d48d5a`
			`Author: Daniel P. Berrange <berrange@redhat.com>`
			`Date: Mon Sep 23 12:46:25 2013 +0100`

			`Fix typo in identity code which is pre-requisite for CVE-2013-4311`

			`The fix for CVE-2013-4311 had a pre-requisite enhancement`
			`to the identity code`

			`commit db7a5688c05f3fd60d9d2b74c72427eb9ee9c176`
			`Author: Daniel P. Berrange <berrange@redhat.com>`
			`Date: Thu Aug 22 16:00:01 2013 +0100`

			`Also store user & group ID values in virIdentity`

			`This had a typo which caused the group ID to overwrite the`
			`user ID string. This meant any checks using this would have`
			`the wrong ID value. This only affected the ACL code, not the`
			`initial polkit auth. It also leaked memory.`

			`Signed-off-by: Daniel P. Berrange <berrange@redhat.com>`

			`Index: libvirt-1.1.2/src/rpc/virnetserverclient.c`
			`===================================================================`
			`--- libvirt-1.1.2.orig/src/rpc/virnetserverclient.c`
			`+++ libvirt-1.1.2/src/rpc/virnetserverclient.c`
			`@@ -678,7 +678,7 @@ virNetServerClientCreateIdentity(virNetS`
			`goto cleanup;`
			`if (!(groupname = virGetGroupName(gid)))`
			`goto cleanup;`
			`- if (virAsprintf(&userid, "%d", (int)gid) < 0)`
			`+ if (virAsprintf(&groupid, "%d", (int)gid) < 0)`
			`goto cleanup;`
			`if (virAsprintf(&processid, "%llu",`
			`(unsigned long long)pid) < 0)`