From 2194a11cb10fd9b997d3f3b63a34702c48ca10b0 Mon Sep 17 00:00:00 2001 From: Jiri Moskovcak Date: Tue, 13 Sep 2011 15:49:22 +0200 Subject: [PATCH] fixed 2 segvs rhbz#737961 and /var/run/privs rhbz#725974 --- abrt.spec | 14 ++++++++++++-- free_space_check.patch | 29 +++++++++++++++++++++++++++++ null_deref.patch | 21 +++++++++++++++++++++ 3 files changed, 62 insertions(+), 2 deletions(-) create mode 100644 free_space_check.patch create mode 100644 null_deref.patch diff --git a/abrt.spec b/abrt.spec index 5424a12..01c625d 100644 --- a/abrt.spec +++ b/abrt.spec @@ -10,7 +10,7 @@ Summary: Automatic bug detection and reporting tool Name: abrt Version: 2.0.4 -Release: 3%{?dist} +Release: 4%{?dist} License: GPLv2+ Group: Applications/System URL: https://fedorahosted.org/abrt/ @@ -24,6 +24,8 @@ Patch1: 0002-gui-split-the-main-window-in-2-panes-reported-not-re.patch Patch2: 0004-install-debuginfo-ask-before-downloading.patch Patch3: blacklist.patch Patch4: enable_bz_for_oops.patch +Patch5: null_deref.patch +Patch6: free_space_check.patch BuildRequires: dbus-devel BuildRequires: gtk2-devel BuildRequires: rpm-devel >= 4.6 @@ -170,6 +172,8 @@ Virtual package to make easy default installation on desktop environments. %patch2 -p1 %patch3 -p1 %patch4 -p1 -b .oops_to_bz +%patch5 -p1 -b .sigsegv +%patch6 -p1 -b .free_space_check %build autoconf @@ -375,7 +379,7 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : %config(noreplace) %{_sysconfdir}/libreport/events.d/smolt_event.conf %dir %attr(0755, abrt, abrt) %{_localstatedir}/spool/%{name} %dir %attr(0700, abrt, abrt) %{_localstatedir}/spool/%{name}-upload -%dir %attr(0775, abrt, abrt) %{_localstatedir}/run/%{name} +%dir %attr(0755, root, root) %{_localstatedir}/run/%{name} %ghost %attr(0666, -, -) %{_localstatedir}/run/%{name}/abrt.socket %ghost %attr(0644, -, -) %{_localstatedir}/run/abrtd.pid @@ -471,6 +475,12 @@ gtk-update-icon-cache %{_datadir}/icons/hicolor &>/dev/null || : %defattr(-,root,root,-) %changelog +* Tue Sep 13 2011 Jiri Moskovcak - 2.0.4-4 +- fixed sigsegv in a-a-save-package-data rhbz#737961 +- fixed privs for /var/run/abrt rhbz#725974 +- fixed segv in free space check +- Resolves: #737961 #725974 + * Tue Aug 30 2011 Jiri Moskovcak - 2.0.4-3 - fixed abrt1-abrt2 update diff --git a/free_space_check.patch b/free_space_check.patch new file mode 100644 index 0000000..a268792 --- /dev/null +++ b/free_space_check.patch @@ -0,0 +1,29 @@ +commit e91b22a9654bf9912f3f88c917773a96ff7733a3 +Author: Martin Milata +Date: Thu Sep 8 16:29:01 2011 +0200 + + Fix free space checking + + The g_settings_dump_location was freed before it was passed to the free + space check, thus preventing it from working. + +diff --git a/src/daemon/abrt-server.c b/src/daemon/abrt-server.c +index 983706e..330f85f 100644 +--- a/src/daemon/abrt-server.c ++++ b/src/daemon/abrt-server.c +@@ -143,7 +143,6 @@ static int create_debug_dump() + + /* Trim old crash dumps if necessary */ + load_abrt_conf(); +- free_abrt_conf_data(); /* can do this because we need only g_settings_nMaxCrashReportsSize */ + if (g_settings_nMaxCrashReportsSize > 0) + { + /* x1.25 and round up to 64m: go a bit up, so that usual in-daemon trimming +@@ -154,6 +153,7 @@ static int create_debug_dump() + check_free_space(maxsize); + trim_debug_dumps(DEBUG_DUMPS_DIR, maxsize * (double)(1024*1024), path); + } ++ free_abrt_conf_data(); + + free(path); + diff --git a/null_deref.patch b/null_deref.patch new file mode 100644 index 0000000..4f7df5f --- /dev/null +++ b/null_deref.patch @@ -0,0 +1,21 @@ +commit d2572a98f41df96534f41062b0020ee6a10047ea +Author: Martin Milata +Date: Tue Jul 26 16:49:28 2011 +0200 + + a-a-save-package-data: Fix NULL dereference + + Fixes #324. + +diff --git a/src/daemon/abrt-action-save-package-data.c b/src/daemon/abrt-action-save-package-data.c +index d37a05d..ddcf4ac 100644 +--- a/src/daemon/abrt-action-save-package-data.c ++++ b/src/daemon/abrt-action-save-package-data.c +@@ -160,7 +160,7 @@ static char *get_argv1_if_full_path(const char* cmdline) + * with '/', it is not a full path to script + * and we can't use it to determine the package name + */ +- if (*argv1 != '/') ++ if (argv1 == NULL || *argv1 != '/') + return NULL; + + /* good, it has "/foo/bar" form, return it */