diff options
author | takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-11-02 11:07:33 +0900 |
---|---|---|
committer | takeshi_hoshina <takeshi_hoshina@mail.toyota.co.jp> | 2020-11-02 11:07:33 +0900 |
commit | 1c7d6584a7811b7785ae5c1e378f14b5ba0971cf (patch) | |
tree | cd70a267a5ef105ba32f200aa088e281fbd85747 /external/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/CVE-2018-19788_p3.patch | |
parent | 4204309872da5cb401cbb2729d9e2d4869a87f42 (diff) |
basesystem-jjsandbox/ToshikazuOhiwa/master-jj
recipes
Diffstat (limited to 'external/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/CVE-2018-19788_p3.patch')
-rw-r--r-- | external/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/CVE-2018-19788_p3.patch | 53 |
1 files changed, 0 insertions, 53 deletions
diff --git a/external/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/CVE-2018-19788_p3.patch b/external/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/CVE-2018-19788_p3.patch deleted file mode 100644 index b97a6b06..00000000 --- a/external/meta-openembedded/meta-oe/recipes-extended/polkit/polkit/CVE-2018-19788_p3.patch +++ /dev/null @@ -1,53 +0,0 @@ -From 0fd5884a943a92aa076fa3276bd83f502dcb934e Mon Sep 17 00:00:00 2001 -From: Matthew Leeds <matthew.leeds@endlessm.com> -Date: Tue, 11 Dec 2018 12:04:26 -0800 -Subject: [PATCH 3/3] Allow uid of -1 for a PolkitUnixProcess - -Commit 2cb40c4d5 changed PolkitUnixUser, PolkitUnixGroup, and -PolkitUnixProcess to allow negative values for their uid/gid properties, -since these are values above INT_MAX which wrap around but are still -valid, with the exception of -1 which is not valid. However, -PolkitUnixProcess allows a uid of -1 to be passed to -polkit_unix_process_new_for_owner() which means polkit is expected to -figure out the uid on its own (this happens in the _constructed -function). So this commit removes the check in -polkit_unix_process_set_property() so that new_for_owner() can be used -as documented without producing a critical error message. - -This does not affect the protection against CVE-2018-19788 which is -based on creating a user with a UID up to but not including 4294967295 -(-1). - -CVE: CVE-2018-19788 -Upstream-Status: Backport -[https://gitlab.freedesktop.org/polkit/polkit/commit/c05472b86222a72505adc5eec460493980224ef8] - -Signed-off-by: Dan Tran <dantran@microsoft.com> ---- - src/polkit/polkitunixprocess.c | 9 ++------- - 1 file changed, 2 insertions(+), 7 deletions(-) - -diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c -index b02b258..e2a3c03 100644 ---- a/src/polkit/polkitunixprocess.c -+++ b/src/polkit/polkitunixprocess.c -@@ -159,14 +159,9 @@ polkit_unix_process_set_property (GObject *object, - polkit_unix_process_set_pid (unix_process, g_value_get_int (value)); - break; - -- case PROP_UID: { -- gint val; -- -- val = g_value_get_int (value); -- g_return_if_fail (val != -1); -- polkit_unix_process_set_uid (unix_process, val); -+ case PROP_UID: -+ polkit_unix_process_set_uid (unix_process, g_value_get_int (value)); - break; -- } - - case PROP_START_TIME: - polkit_unix_process_set_start_time (unix_process, g_value_get_uint64 (value)); --- -2.22.0.vfs.1.1.57.gbaf16c8 - |