diff options
| author | Simon McVittie <smcv@debian.org> | 2014-06-05 15:11:57 +0100 |
|---|---|---|
| committer | Simon McVittie <smcv@debian.org> | 2014-06-05 15:11:57 +0100 |
| commit | 2aa6558146965f91878fe7db131593a02736158e (patch) | |
| tree | bd1745de9188bc183926e32f2d64b6ca95a191db | |
| parent | 56b80e4831471edfa3edcfd114374016941ed52e (diff) | |
| download | dbus-2aa6558146965f91878fe7db131593a02736158e.tar.gz | |
Imported Upstream version 1.8.4upstream/1.8.4
| -rw-r--r-- | NEWS | 11 | ||||
| -rw-r--r-- | bus/activation.c | 27 | ||||
| -rw-r--r-- | bus/activation.h | 3 | ||||
| -rw-r--r-- | bus/services.c | 5 | ||||
| -rwxr-xr-x | configure | 26 | ||||
| -rw-r--r-- | configure.ac | 4 |
6 files changed, 50 insertions, 26 deletions
@@ -1,3 +1,14 @@ +D-Bus 1.8.4 (2014-06-10) +== + +Security fix: + +• Alban Crequy at Collabora Ltd. discovered and fixed a denial-of-service + flaw in dbus-daemon, part of the reference implementation of D-Bus. + Additionally, in highly unusual environments the same flaw could lead to + a side channel between processes that should not be able to communicate. + (CVE-2014-3477, fd.o #78979) + D-Bus 1.8.2 (2014-04-30) == diff --git a/bus/activation.c b/bus/activation.c index fa6c1568..149cca8a 100644 --- a/bus/activation.c +++ b/bus/activation.c @@ -1162,14 +1162,11 @@ bus_activation_service_created (BusActivation *activation, dbus_bool_t bus_activation_send_pending_auto_activation_messages (BusActivation *activation, BusService *service, - BusTransaction *transaction, - DBusError *error) + BusTransaction *transaction) { BusPendingActivation *pending_activation; DBusList *link; - _DBUS_ASSERT_ERROR_IS_CLEAR (error); - /* Check if it's a pending activation */ pending_activation = _dbus_hash_table_lookup_string (activation->pending_activations, bus_service_get_name (service)); @@ -1186,6 +1183,9 @@ bus_activation_send_pending_auto_activation_messages (BusActivation *activation if (entry->auto_activation && (entry->connection == NULL || dbus_connection_get_is_connected (entry->connection))) { DBusConnection *addressed_recipient; + DBusError error; + + dbus_error_init (&error); addressed_recipient = bus_service_get_primary_owners_connection (service); @@ -1193,8 +1193,22 @@ bus_activation_send_pending_auto_activation_messages (BusActivation *activation if (!bus_dispatch_matches (transaction, entry->connection, addressed_recipient, - entry->activation_message, error)) - goto error; + entry->activation_message, &error)) + { + /* If permission is denied, we just want to return the error + * to the original method invoker; in particular, we don't + * want to make the RequestName call fail with that error + * (see fd.o #78979, CVE-2014-3477). */ + if (!bus_transaction_send_error_reply (transaction, entry->connection, + &error, entry->activation_message)) + { + bus_connection_send_oom_error (entry->connection, + entry->activation_message); + } + + link = next; + continue; + } } link = next; @@ -1203,7 +1217,6 @@ bus_activation_send_pending_auto_activation_messages (BusActivation *activation if (!add_restore_pending_to_transaction (transaction, pending_activation)) { _dbus_verbose ("Could not add cancel hook to transaction to revert removing pending activation\n"); - BUS_SET_OOM (error); goto error; } diff --git a/bus/activation.h b/bus/activation.h index 97f25b1f..fc5d426f 100644 --- a/bus/activation.h +++ b/bus/activation.h @@ -62,8 +62,7 @@ dbus_bool_t dbus_activation_systemd_failure (BusActivation *activation, dbus_bool_t bus_activation_send_pending_auto_activation_messages (BusActivation *activation, BusService *service, - BusTransaction *transaction, - DBusError *error); + BusTransaction *transaction); #endif /* BUS_ACTIVATION_H */ diff --git a/bus/services.c b/bus/services.c index 01a720ed..584485b1 100644 --- a/bus/services.c +++ b/bus/services.c @@ -588,8 +588,9 @@ bus_registry_acquire_service (BusRegistry *registry, activation = bus_context_get_activation (registry->context); retval = bus_activation_send_pending_auto_activation_messages (activation, service, - transaction, - error); + transaction); + if (!retval) + BUS_SET_OOM (error); out: return retval; @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.69 for dbus 1.8.2. +# Generated by GNU Autoconf 2.69 for dbus 1.8.4. # # Report bugs to <https://bugs.freedesktop.org/enter_bug.cgi?product=dbus>. # @@ -591,8 +591,8 @@ MAKEFLAGS= # Identity of this package. PACKAGE_NAME='dbus' PACKAGE_TARNAME='dbus' -PACKAGE_VERSION='1.8.2' -PACKAGE_STRING='dbus 1.8.2' +PACKAGE_VERSION='1.8.4' +PACKAGE_STRING='dbus 1.8.4' PACKAGE_BUGREPORT='https://bugs.freedesktop.org/enter_bug.cgi?product=dbus' PACKAGE_URL='' @@ -1512,7 +1512,7 @@ if test "$ac_init_help" = "long"; then # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures dbus 1.8.2 to adapt to many kinds of systems. +\`configure' configures dbus 1.8.4 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1586,7 +1586,7 @@ fi if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of dbus 1.8.2:";; + short | recursive ) echo "Configuration of dbus 1.8.4:";; esac cat <<\_ACEOF @@ -1783,7 +1783,7 @@ fi test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -dbus configure 1.8.2 +dbus configure 1.8.4 generated by GNU Autoconf 2.69 Copyright (C) 2012 Free Software Foundation, Inc. @@ -2502,7 +2502,7 @@ cat >config.log <<_ACEOF This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by dbus $as_me 1.8.2, which was +It was created by dbus $as_me 1.8.4, which was generated by GNU Autoconf 2.69. Invocation command line was $ $0 $@ @@ -3442,7 +3442,7 @@ fi # Define the identity of the package. PACKAGE='dbus' - VERSION='1.8.2' + VERSION='1.8.4' cat >>confdefs.h <<_ACEOF @@ -3742,7 +3742,7 @@ LT_CURRENT=11 ## increment any time the source changes; set to ## 0 if you increment CURRENT -LT_REVISION=4 +LT_REVISION=5 ## increment if any interfaces have been added; set to 0 ## if any interfaces have been changed or removed. removal has @@ -3755,8 +3755,8 @@ LT_AGE=8 DBUS_MAJOR_VERSION=1 DBUS_MINOR_VERSION=8 -DBUS_MICRO_VERSION=2 -DBUS_VERSION=1.8.2 +DBUS_MICRO_VERSION=4 +DBUS_VERSION=1.8.4 @@ -23266,7 +23266,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1 # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by dbus $as_me 1.8.2, which was +This file was extended by dbus $as_me 1.8.4, which was generated by GNU Autoconf 2.69. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -23332,7 +23332,7 @@ _ACEOF cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`" ac_cs_version="\\ -dbus config.status 1.8.2 +dbus config.status 1.8.4 configured by $0, generated by GNU Autoconf 2.69, with options \\"\$ac_cs_config\\" diff --git a/configure.ac b/configure.ac index eccdd30f..034388ac 100644 --- a/configure.ac +++ b/configure.ac @@ -3,7 +3,7 @@ AC_PREREQ([2.63]) m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [8]) -m4_define([dbus_micro_version], [2]) +m4_define([dbus_micro_version], [4]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?product=dbus],[dbus]) @@ -37,7 +37,7 @@ LT_CURRENT=11 ## increment any time the source changes; set to ## 0 if you increment CURRENT -LT_REVISION=4 +LT_REVISION=5 ## increment if any interfaces have been added; set to 0 ## if any interfaces have been changed or removed. removal has |