Backport bunch of bugfixes (asserts, segv, memleaks) from upstream
This commit is contained in:
parent
117b3ffe68
commit
ed724b69dc
@ -0,0 +1,29 @@
|
|||||||
|
From 264148da88b25a0800178f0c33e2b6ae292de455 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Lennart Poettering <lennart@poettering.net>
|
||||||
|
Date: Thu, 20 Oct 2016 19:19:46 +0200
|
||||||
|
Subject: [PATCH] logind: don't hit assert when we try to free NULL manager
|
||||||
|
object
|
||||||
|
|
||||||
|
Fixes: #4431
|
||||||
|
(cherry picked from commit 84a4e6608dbda38c724ab196a226db209a50b224)
|
||||||
|
---
|
||||||
|
src/login/logind.c | 3 ++-
|
||||||
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/login/logind.c b/src/login/logind.c
|
||||||
|
index 5ce36d2..e5854db 100644
|
||||||
|
--- a/src/login/logind.c
|
||||||
|
+++ b/src/login/logind.c
|
||||||
|
@@ -125,7 +125,8 @@ static void manager_free(Manager *m) {
|
||||||
|
Inhibitor *i;
|
||||||
|
Button *b;
|
||||||
|
|
||||||
|
- assert(m);
|
||||||
|
+ if (!m)
|
||||||
|
+ return;
|
||||||
|
|
||||||
|
while ((session = hashmap_first(m->sessions)))
|
||||||
|
session_free(session);
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
@ -0,0 +1,39 @@
|
|||||||
|
From a30e889de3487c8c478389da0aded6d73f7f4cc7 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Lennart Poettering <lennart@poettering.net>
|
||||||
|
Date: Fri, 21 Oct 2016 12:27:46 +0200
|
||||||
|
Subject: [PATCH] core: if the start command vanishes during runtime don't hit
|
||||||
|
an assert
|
||||||
|
|
||||||
|
This can happen when the configuration is changed and reloaded while we are
|
||||||
|
executing a service. Let's not hit an assert in this case.
|
||||||
|
|
||||||
|
Fixes: #4444
|
||||||
|
(cherry picked from commit 47fffb3530af3e3ad4048570611685635fde062e)
|
||||||
|
---
|
||||||
|
src/core/service.c | 10 +++++++++-
|
||||||
|
1 file changed, 9 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/core/service.c b/src/core/service.c
|
||||||
|
index afb1985..537db62 100644
|
||||||
|
--- a/src/core/service.c
|
||||||
|
+++ b/src/core/service.c
|
||||||
|
@@ -1706,7 +1706,15 @@ static void service_enter_start(Service *s) {
|
||||||
|
}
|
||||||
|
|
||||||
|
if (!c) {
|
||||||
|
- assert(s->type == SERVICE_ONESHOT);
|
||||||
|
+ if (s->type != SERVICE_ONESHOT) {
|
||||||
|
+ /* There's no command line configured for the main command? Hmm, that is strange. This can only
|
||||||
|
+ * happen if the configuration changes at runtime. In this case, let's enter a failure
|
||||||
|
+ * state. */
|
||||||
|
+ log_unit_error(UNIT(s), "There's no 'start' task anymore we could start: %m");
|
||||||
|
+ r = -ENXIO;
|
||||||
|
+ goto fail;
|
||||||
|
+ }
|
||||||
|
+
|
||||||
|
service_enter_start_post(s);
|
||||||
|
return;
|
||||||
|
}
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
@ -0,0 +1,38 @@
|
|||||||
|
From f1d2c31949a501d919a17e09b0d2a093d93837b4 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Lennart Poettering <lennart@poettering.net>
|
||||||
|
Date: Wed, 2 Nov 2016 12:02:53 -0600
|
||||||
|
Subject: [PATCH] core: don't hit an assert when printing status messages about
|
||||||
|
units with overly long description strings
|
||||||
|
MIME-Version: 1.0
|
||||||
|
Content-Type: text/plain; charset=UTF-8
|
||||||
|
Content-Transfer-Encoding: 8bit
|
||||||
|
|
||||||
|
This essentially reverts one part of d054f0a4d451120c26494263fc4dc175bfd405b1.
|
||||||
|
|
||||||
|
(We might also choose to use proper ellipsation here, but I wasn't sure the
|
||||||
|
memory allocation this requires wouöld be a good idea here...)
|
||||||
|
|
||||||
|
Fixes: #4534
|
||||||
|
(cherry picked from commit 07ecca0dc9d2d8f3b3abd73ab32f254f339fd903)
|
||||||
|
---
|
||||||
|
src/core/job.c | 3 ++-
|
||||||
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/core/job.c b/src/core/job.c
|
||||||
|
index 7557874..4efcfb8 100644
|
||||||
|
--- a/src/core/job.c
|
||||||
|
+++ b/src/core/job.c
|
||||||
|
@@ -767,8 +767,9 @@ static void job_log_status_message(Unit *u, JobType t, JobResult result) {
|
||||||
|
if (!format)
|
||||||
|
return;
|
||||||
|
|
||||||
|
+ /* The description might be longer than the buffer, but that's OK, we'll just truncate it here */
|
||||||
|
DISABLE_WARNING_FORMAT_NONLITERAL;
|
||||||
|
- xsprintf(buf, format, unit_description(u));
|
||||||
|
+ snprintf(buf, sizeof(buf), format, unit_description(u));
|
||||||
|
REENABLE_WARNING;
|
||||||
|
|
||||||
|
switch (t) {
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
@ -0,0 +1,36 @@
|
|||||||
|
From 3c9f8cc10801766fba96459c46e52eaf1f77f16b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Dave Reisner <d@falconindy.com>
|
||||||
|
Date: Sun, 27 Nov 2016 17:05:39 -0500
|
||||||
|
Subject: [PATCH] device: Avoid calling unit_free(NULL) in device setup logic
|
||||||
|
(#4748)
|
||||||
|
|
||||||
|
Since a581e45ae8f9bb5c, there's a few function calls to
|
||||||
|
unit_new_for_name which will unit_free on failure. Prior to this commit,
|
||||||
|
a failure would result in calling unit_free with a NULL unit, and hit an
|
||||||
|
assertion failure, seen at least via device_setup_unit:
|
||||||
|
|
||||||
|
Assertion 'u' failed at src/core/unit.c:519, function unit_free(). Aborting.
|
||||||
|
|
||||||
|
Fixes #4747
|
||||||
|
https://bugs.archlinux.org/task/51950
|
||||||
|
(cherry picked from commit d112eae7da77899be245ab52aa1747d4675549f1)
|
||||||
|
---
|
||||||
|
src/core/device.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/core/device.c b/src/core/device.c
|
||||||
|
index 16e56ef..31724e4 100644
|
||||||
|
--- a/src/core/device.c
|
||||||
|
+++ b/src/core/device.c
|
||||||
|
@@ -369,7 +369,7 @@ static int device_setup_unit(Manager *m, struct udev_device *dev, const char *pa
|
||||||
|
fail:
|
||||||
|
log_unit_warning_errno(u, r, "Failed to set up device unit: %m");
|
||||||
|
|
||||||
|
- if (delete)
|
||||||
|
+ if (delete && u)
|
||||||
|
unit_free(u);
|
||||||
|
|
||||||
|
return r;
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
@ -0,0 +1,87 @@
|
|||||||
|
From 0360725e0871bf29251636c561bfcd738ac5aba2 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Evgeny Vereshchagin <evvers@ya.ru>
|
||||||
|
Date: Tue, 24 Jan 2017 05:11:59 +0300
|
||||||
|
Subject: [PATCH] sd-network: fix memleak in dhcp6_option_parse_domainname
|
||||||
|
(#5114)
|
||||||
|
|
||||||
|
The simplest way to reproduce:
|
||||||
|
```diff
|
||||||
|
diff --git a/src/libsystemd-network/test-dhcp6-client.c b/src/libsystemd-network/test-dhcp6-client.c
|
||||||
|
index bd289fa..7b0a5ef 100644
|
||||||
|
--- a/src/libsystemd-network/test-dhcp6-client.c
|
||||||
|
+++ b/src/libsystemd-network/test-dhcp6-client.c
|
||||||
|
@@ -168,7 +168,7 @@ static uint8_t msg_advertise[198] = {
|
||||||
|
0x00, 0x17, 0x00, 0x10, 0x20, 0x01, 0x0d, 0xb8,
|
||||||
|
0xde, 0xad, 0xbe, 0xef, 0x00, 0x00, 0x00, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x01, 0x00, 0x18, 0x00, 0x0b,
|
||||||
|
- 0x03, 0x6c, 0x61, 0x62, 0x05, 0x69, 0x6e, 0x74,
|
||||||
|
+ 0x01, 0x6c, 0x01, 0x62, 0x00, 0x0a, 0x6e, 0x74,
|
||||||
|
0x72, 0x61, 0x00, 0x00, 0x1f, 0x00, 0x10, 0x20,
|
||||||
|
0x01, 0x0d, 0xb8, 0xde, 0xad, 0xbe, 0xef, 0x00,
|
||||||
|
0x00, 0x00, 0x00, 0x00, 0x00, 0x00, 0x01, 0x00,
|
||||||
|
@@ -338,9 +338,7 @@ static int test_advertise_option(sd_event *e) {
|
||||||
|
assert_se(!memcmp(addrs, &msg_advertise[124], r * 16));
|
||||||
|
|
||||||
|
r = sd_dhcp6_lease_get_domains(lease, &domains);
|
||||||
|
- assert_se(r == 1);
|
||||||
|
- assert_se(!strcmp("lab.intra", domains[0]));
|
||||||
|
- assert_se(domains[1] == NULL);
|
||||||
|
+ assert_se(r == -ENOENT);
|
||||||
|
|
||||||
|
r = sd_dhcp6_lease_get_ntp_addrs(lease, &addrs);
|
||||||
|
assert_se(r == 1);
|
||||||
|
```
|
||||||
|
|
||||||
|
Fixes:
|
||||||
|
```
|
||||||
|
=================================================================
|
||||||
|
==15043==ERROR: LeakSanitizer: detected memory leaks
|
||||||
|
|
||||||
|
Direct leak of 4 byte(s) in 1 object(s) allocated from:
|
||||||
|
#0 0x7f13c8564160 in strdup (/lib64/libasan.so.3+0x5a160)
|
||||||
|
#1 0x7f13c7caaf69 in strv_extend src/basic/strv.c:552
|
||||||
|
#2 0x55f775787230 in dhcp6_option_parse_domainname src/libsystemd-network/dhcp6-option.c:399
|
||||||
|
#3 0x55f775788b96 in dhcp6_lease_set_domains src/libsystemd-network/sd-dhcp6-lease.c:225
|
||||||
|
#4 0x55f775774b95 in test_advertise_option src/libsystemd-network/test-dhcp6-client.c:287
|
||||||
|
#5 0x55f77577883e in main src/libsystemd-network/test-dhcp6-client.c:759
|
||||||
|
#6 0x7f13c7589400 in __libc_start_main (/lib64/libc.so.6+0x20400)
|
||||||
|
|
||||||
|
Direct leak of 4 byte(s) in 1 object(s) allocated from:
|
||||||
|
#0 0x7f13c8564160 in strdup (/lib64/libasan.so.3+0x5a160)
|
||||||
|
#1 0x7f13c7caaf69 in strv_extend src/basic/strv.c:552
|
||||||
|
#2 0x55f775787230 in dhcp6_option_parse_domainname src/libsystemd-network/dhcp6-option.c:399
|
||||||
|
#3 0x55f775788b96 in dhcp6_lease_set_domains src/libsystemd-network/sd-dhcp6-lease.c:225
|
||||||
|
#4 0x55f775781348 in client_parse_message src/libsystemd-network/sd-dhcp6-client.c:807
|
||||||
|
#5 0x55f775781ba2 in client_receive_advertise src/libsystemd-network/sd-dhcp6-client.c:895
|
||||||
|
#6 0x55f775782453 in client_receive_message src/libsystemd-network/sd-dhcp6-client.c:994
|
||||||
|
#7 0x7f13c7e447f4 in source_dispatch src/libsystemd/sd-event/sd-event.c:2268
|
||||||
|
#8 0x7f13c7e471b0 in sd_event_dispatch src/libsystemd/sd-event/sd-event.c:2627
|
||||||
|
#9 0x7f13c7e47ab3 in sd_event_run src/libsystemd/sd-event/sd-event.c:2686
|
||||||
|
#10 0x7f13c7e47c21 in sd_event_loop src/libsystemd/sd-event/sd-event.c:2706
|
||||||
|
#11 0x55f77577863c in test_client_solicit src/libsystemd-network/test-dhcp6-client.c:737
|
||||||
|
#12 0x55f77577884b in main src/libsystemd-network/test-dhcp6-client.c:760
|
||||||
|
#13 0x7f13c7589400 in __libc_start_main (/lib64/libc.so.6+0x20400)
|
||||||
|
|
||||||
|
SUMMARY: AddressSanitizer: 8 byte(s) leaked in 2 allocation(s).
|
||||||
|
```
|
||||||
|
(cherry picked from commit 419eaa8f8d2025bae98c23bdedb434d6dbb025b8)
|
||||||
|
---
|
||||||
|
src/libsystemd-network/dhcp6-option.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/libsystemd-network/dhcp6-option.c b/src/libsystemd-network/dhcp6-option.c
|
||||||
|
index 5462e03..f8056db 100644
|
||||||
|
--- a/src/libsystemd-network/dhcp6-option.c
|
||||||
|
+++ b/src/libsystemd-network/dhcp6-option.c
|
||||||
|
@@ -339,7 +339,7 @@ int dhcp6_option_parse_ip6addrs(uint8_t *optval, uint16_t optlen,
|
||||||
|
|
||||||
|
int dhcp6_option_parse_domainname(const uint8_t *optval, uint16_t optlen, char ***str_arr) {
|
||||||
|
size_t pos = 0, idx = 0;
|
||||||
|
- _cleanup_free_ char **names = NULL;
|
||||||
|
+ _cleanup_strv_free_ char **names = NULL;
|
||||||
|
int r;
|
||||||
|
|
||||||
|
assert_return(optlen > 1, -ENODATA);
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
@ -0,0 +1,58 @@
|
|||||||
|
From c0f1299f8dda31ca91e5b7c8a098fad633156960 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Evgeny Vereshchagin <evvers@ya.ru>
|
||||||
|
Date: Tue, 24 Jan 2017 05:12:58 +0300
|
||||||
|
Subject: [PATCH] sd-network: fix memleak in dhcp6_lease_set_domains (#5113)
|
||||||
|
|
||||||
|
The simplest way to reproduce:
|
||||||
|
```diff
|
||||||
|
diff --git a/src/libsystemd-network/test-dhcp6-client.c b/src/libsystemd-network/test-dhcp6-client.c
|
||||||
|
index bd289fa..4e14d8f 100644
|
||||||
|
--- a/src/libsystemd-network/test-dhcp6-client.c
|
||||||
|
+++ b/src/libsystemd-network/test-dhcp6-client.c
|
||||||
|
@@ -286,6 +286,8 @@ static int test_advertise_option(sd_event *e) {
|
||||||
|
assert_se(optlen == 11);
|
||||||
|
assert_se(dhcp6_lease_set_domains(lease, optval,
|
||||||
|
optlen) >= 0);
|
||||||
|
+ assert_se(dhcp6_lease_set_domains(lease, optval,
|
||||||
|
+ optlen) >= 0);
|
||||||
|
break;
|
||||||
|
|
||||||
|
case SD_DHCP6_OPTION_SNTP_SERVERS:
|
||||||
|
```
|
||||||
|
|
||||||
|
Fixes:
|
||||||
|
```
|
||||||
|
==27369==ERROR: LeakSanitizer: detected memory leaks
|
||||||
|
|
||||||
|
Direct leak of 10 byte(s) in 1 object(s) allocated from:
|
||||||
|
#0 0x7f90e7d21160 in strdup (/lib64/libasan.so.3+0x5a160)
|
||||||
|
#1 0x7f90e7467f69 in strv_extend src/basic/strv.c:552
|
||||||
|
#2 0x5612fcc19379 in dhcp6_option_parse_domainname src/libsystemd-network/dhcp6-option.c:399
|
||||||
|
#3 0x5612fcc1acdf in dhcp6_lease_set_domains src/libsystemd-network/sd-dhcp6-lease.c:225
|
||||||
|
#4 0x5612fcc06b95 in test_advertise_option src/libsystemd-network/test-dhcp6-client.c:287
|
||||||
|
#5 0x5612fcc0a987 in main src/libsystemd-network/test-dhcp6-client.c:761
|
||||||
|
#6 0x7f90e6d46400 in __libc_start_main (/lib64/libc.so.6+0x20400)
|
||||||
|
|
||||||
|
SUMMARY: AddressSanitizer: 10 byte(s) leaked in 1 allocation(s).
|
||||||
|
```
|
||||||
|
(cherry picked from commit 0b75a95ace6e1d82772f6b5f1809f4839b810628)
|
||||||
|
---
|
||||||
|
src/libsystemd-network/sd-dhcp6-lease.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/libsystemd-network/sd-dhcp6-lease.c b/src/libsystemd-network/sd-dhcp6-lease.c
|
||||||
|
index 5c10a63..681384b 100644
|
||||||
|
--- a/src/libsystemd-network/sd-dhcp6-lease.c
|
||||||
|
+++ b/src/libsystemd-network/sd-dhcp6-lease.c
|
||||||
|
@@ -226,7 +226,7 @@ int dhcp6_lease_set_domains(sd_dhcp6_lease *lease, uint8_t *optval,
|
||||||
|
if (r < 0)
|
||||||
|
return 0;
|
||||||
|
|
||||||
|
- free(lease->domains);
|
||||||
|
+ strv_free(lease->domains);
|
||||||
|
lease->domains = domains;
|
||||||
|
lease->domains_count = r;
|
||||||
|
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
@ -0,0 +1,57 @@
|
|||||||
|
From b3f8184653e03409669e24c4e42b2aff4ecf00b7 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Franck Bui <fbui@suse.com>
|
||||||
|
Date: Wed, 8 Feb 2017 20:56:22 +0100
|
||||||
|
Subject: [PATCH] sd-event: "when exiting no signal event are pending" is a
|
||||||
|
wrong assertion (#5271)
|
||||||
|
|
||||||
|
The code make the following assertion: when freeing a event loop object
|
||||||
|
(usually it's done after exiting from the main event loop), no signal events
|
||||||
|
are still queued and are pending.
|
||||||
|
|
||||||
|
This assertion can be found in event_unmask_signal_data() with
|
||||||
|
"assert(!d->current);" assertion.
|
||||||
|
|
||||||
|
It appears that this assertion can be wrong at least in a specific case
|
||||||
|
described below.
|
||||||
|
|
||||||
|
Consider the following example which is inspired from udev: a process defines 3
|
||||||
|
source events: 2 are created by sd_event_add_signal() and 1 is created by
|
||||||
|
sd_event_add_post().
|
||||||
|
|
||||||
|
1. the process receives the 2 signals consecutively so that signal 'A' source
|
||||||
|
event is queued and pending. Consequently the post source event is also
|
||||||
|
queued and pending. This is done by sd_event_wait().
|
||||||
|
|
||||||
|
2. The callback for signal 'A' is called by sd_event_dispatch().
|
||||||
|
|
||||||
|
3. The next call to sd_event_wait() will queue signal 'B' source event.
|
||||||
|
|
||||||
|
4. The callback for the post source event is called and calls sd_event_exit().
|
||||||
|
|
||||||
|
5. the event loop is exited.
|
||||||
|
|
||||||
|
6. freeing the event loop object will lead to the assertion failure in
|
||||||
|
event_unmask_signal_data().
|
||||||
|
|
||||||
|
This patch simply removes this assertion as it doesn't seem to be a
|
||||||
|
bug if the signal data still reference a signal source at this point.
|
||||||
|
(cherry picked from commit 4470860388e12a5dda1d65773e411a349221a3e9)
|
||||||
|
---
|
||||||
|
src/libsystemd/sd-event/sd-event.c | 1 -
|
||||||
|
1 file changed, 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/libsystemd/sd-event/sd-event.c b/src/libsystemd/sd-event/sd-event.c
|
||||||
|
index 9857f8b..41ce91f 100644
|
||||||
|
--- a/src/libsystemd/sd-event/sd-event.c
|
||||||
|
+++ b/src/libsystemd/sd-event/sd-event.c
|
||||||
|
@@ -730,7 +730,6 @@ static void event_unmask_signal_data(sd_event *e, struct signal_data *d, int sig
|
||||||
|
|
||||||
|
/* If all the mask is all-zero we can get rid of the structure */
|
||||||
|
hashmap_remove(e->signal_data, &d->priority);
|
||||||
|
- assert(!d->current);
|
||||||
|
safe_close(d->fd);
|
||||||
|
free(d);
|
||||||
|
return;
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
@ -0,0 +1,34 @@
|
|||||||
|
From 965082d8f944d96ff1f1f5c5483d2d50215ff1a6 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Yi EungJun <semtlenori@gmail.com>
|
||||||
|
Date: Sun, 7 Aug 2016 05:39:13 +0900
|
||||||
|
Subject: [PATCH] journal-gatewayd: fix segfault with certain request (#3893)
|
||||||
|
|
||||||
|
When client requests to get logs with `follow` and `KEY=match` that
|
||||||
|
doesn't match any log entry, journal-gatewayd segfaulted.
|
||||||
|
|
||||||
|
Make request_reader_entries to return zero in such case to wait for
|
||||||
|
matching entries.
|
||||||
|
|
||||||
|
This fixes https://github.com/systemd/systemd/issues/3873.
|
||||||
|
(cherry picked from commit 3475fc5899db8c8c9198573912429b85213e4862)
|
||||||
|
---
|
||||||
|
src/journal-remote/journal-gatewayd.c | 3 +++
|
||||||
|
1 file changed, 3 insertions(+)
|
||||||
|
|
||||||
|
diff --git a/src/journal-remote/journal-gatewayd.c b/src/journal-remote/journal-gatewayd.c
|
||||||
|
index 4ad9184..e4a8287 100644
|
||||||
|
--- a/src/journal-remote/journal-gatewayd.c
|
||||||
|
+++ b/src/journal-remote/journal-gatewayd.c
|
||||||
|
@@ -239,6 +239,9 @@ static ssize_t request_reader_entries(
|
||||||
|
m->size = (uint64_t) sz;
|
||||||
|
}
|
||||||
|
|
||||||
|
+ if (m->tmp == NULL && m->follow)
|
||||||
|
+ return 0;
|
||||||
|
+
|
||||||
|
if (fseeko(m->tmp, pos, SEEK_SET) < 0) {
|
||||||
|
log_error_errno(errno, "Failed to seek to position: %m");
|
||||||
|
return MHD_CONTENT_READER_END_WITH_ERROR;
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
27
0032-boot-fix-bootctl-install-segfault-4404.patch
Normal file
27
0032-boot-fix-bootctl-install-segfault-4404.patch
Normal file
@ -0,0 +1,27 @@
|
|||||||
|
From 293bb90e89dfdfdad1423d0d1a8e1487a95fec46 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Yu Watanabe <watanabe.yu+github@gmail.com>
|
||||||
|
Date: Wed, 19 Oct 2016 20:50:47 +0900
|
||||||
|
Subject: [PATCH] boot: fix `bootctl install` segfault (#4404)
|
||||||
|
|
||||||
|
(cherry picked from commit 9ee051b9c7623e148bf0d768cc2677aecf283fc8)
|
||||||
|
---
|
||||||
|
src/boot/bootctl.c | 3 ++-
|
||||||
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/boot/bootctl.c b/src/boot/bootctl.c
|
||||||
|
index 37fa049..115fe93 100644
|
||||||
|
--- a/src/boot/bootctl.c
|
||||||
|
+++ b/src/boot/bootctl.c
|
||||||
|
@@ -550,7 +550,8 @@ static const char *efi_subdirs[] = {
|
||||||
|
"EFI/systemd",
|
||||||
|
"EFI/BOOT",
|
||||||
|
"loader",
|
||||||
|
- "loader/entries"
|
||||||
|
+ "loader/entries",
|
||||||
|
+ NULL
|
||||||
|
};
|
||||||
|
|
||||||
|
static int create_dirs(const char *esp_path) {
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
38
0033-sysusers-fix-memleak-4430.patch
Normal file
38
0033-sysusers-fix-memleak-4430.patch
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
From 8f88b3ca7697acfe79a97d6c7094c277744fd6b2 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Evgeny Vereshchagin <evvers@ya.ru>
|
||||||
|
Date: Thu, 20 Oct 2016 21:23:32 +0300
|
||||||
|
Subject: [PATCH] sysusers: fix memleak (#4430)
|
||||||
|
|
||||||
|
Fixes:
|
||||||
|
```
|
||||||
|
==28075== 64 bytes in 1 blocks are definitely lost in loss record 2 of 3
|
||||||
|
==28075== at 0x4C2BAEE: malloc (vg_replace_malloc.c:298)
|
||||||
|
==28075== by 0x4C2DCA1: realloc (vg_replace_malloc.c:785)
|
||||||
|
==28075== by 0x4ED40A2: greedy_realloc (alloc-util.c:57)
|
||||||
|
==28075== by 0x4E90F87: extract_first_word (extract-word.c:78)
|
||||||
|
==28075== by 0x4E91813: extract_many_words (extract-word.c:270)
|
||||||
|
==28075== by 0x10FE93: parse_line (sysusers.c:1325)
|
||||||
|
==28075== by 0x11198B: read_config_file (sysusers.c:1640)
|
||||||
|
==28075== by 0x111EB8: main (sysusers.c:1773)
|
||||||
|
==28075==
|
||||||
|
```
|
||||||
|
(cherry picked from commit d9b8ea5448ba1e61d681a206d770a4eac39b9936)
|
||||||
|
---
|
||||||
|
src/sysusers/sysusers.c | 1 +
|
||||||
|
1 file changed, 1 insertion(+)
|
||||||
|
|
||||||
|
diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
|
||||||
|
index 787d68a..a39a580 100644
|
||||||
|
--- a/src/sysusers/sysusers.c
|
||||||
|
+++ b/src/sysusers/sysusers.c
|
||||||
|
@@ -1189,6 +1189,7 @@ static void item_free(Item *i) {
|
||||||
|
free(i->uid_path);
|
||||||
|
free(i->gid_path);
|
||||||
|
free(i->description);
|
||||||
|
+ free(i->home);
|
||||||
|
free(i);
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
38
0034-sysusers-fix-memleak-4443.patch
Normal file
38
0034-sysusers-fix-memleak-4443.patch
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
From fa36e278e78aea1d23aac18239f928e168223f39 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Evgeny Vereshchagin <evvers@ya.ru>
|
||||||
|
Date: Fri, 21 Oct 2016 13:30:45 +0300
|
||||||
|
Subject: [PATCH] sysusers: fix memleak (#4443)
|
||||||
|
|
||||||
|
Fixes:
|
||||||
|
Oct 20 09:10:49 systemd-sysusers[144]: Direct leak of 20 byte(s) in 1 object(s) allocated from:
|
||||||
|
Oct 20 09:10:49 systemd-sysusers[144]: #0 0x7f3565a13e60 in malloc (/lib64/libasan.so.3+0xc6e60)
|
||||||
|
Oct 20 09:10:49 systemd-sysusers[144]: #1 0x7f3565526bd0 in malloc_multiply src/basic/alloc-util.h:70
|
||||||
|
Oct 20 09:10:49 systemd-sysusers[144]: #2 0x7f356552cb55 in tempfn_xxxxxx src/basic/fileio.c:1116
|
||||||
|
Oct 20 09:10:49 systemd-sysusers[144]: #3 0x7f356552c4f0 in fopen_temporary src/basic/fileio.c:1042
|
||||||
|
Oct 20 09:10:49 systemd-sysusers[144]: #4 0x7f356555e00e in fopen_temporary_label src/basic/fileio-label.c:63
|
||||||
|
Oct 20 09:10:49 systemd-sysusers[144]: #5 0x56197c4a1766 in make_backup src/sysusers/sysusers.c:209
|
||||||
|
Oct 20 09:10:49 systemd-sysusers[144]: #6 0x56197c4a6335 in write_files src/sysusers/sysusers.c:710
|
||||||
|
Oct 20 09:10:49 systemd-sysusers[144]: #7 0x56197c4ae571 in main src/sysusers/sysusers.c:1817
|
||||||
|
Oct 20 09:10:49 systemd-sysusers[144]: #8 0x7f3564dee730 in __libc_start_main (/lib64/libc.so.6+0x20730)
|
||||||
|
(cherry picked from commit 0a12bb1eaa097dc83018aa034faef113a91e6014)
|
||||||
|
---
|
||||||
|
src/sysusers/sysusers.c | 3 ++-
|
||||||
|
1 file changed, 2 insertions(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/sysusers/sysusers.c b/src/sysusers/sysusers.c
|
||||||
|
index a39a580..dfb708c 100644
|
||||||
|
--- a/src/sysusers/sysusers.c
|
||||||
|
+++ b/src/sysusers/sysusers.c
|
||||||
|
@@ -190,7 +190,8 @@ static int load_group_database(void) {
|
||||||
|
static int make_backup(const char *target, const char *x) {
|
||||||
|
_cleanup_close_ int src = -1;
|
||||||
|
_cleanup_fclose_ FILE *dst = NULL;
|
||||||
|
- char *backup, *temp;
|
||||||
|
+ _cleanup_free_ char *temp = NULL;
|
||||||
|
+ char *backup;
|
||||||
|
struct timespec ts[2];
|
||||||
|
struct stat st;
|
||||||
|
int r;
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
43
0035-journalctl-fix-memleak.patch
Normal file
43
0035-journalctl-fix-memleak.patch
Normal file
@ -0,0 +1,43 @@
|
|||||||
|
From 01ad377a1d4029efb083c6a512793ca7b2a58048 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Evgeny Vereshchagin <evvers@ya.ru>
|
||||||
|
Date: Thu, 3 Nov 2016 21:23:22 +0000
|
||||||
|
Subject: [PATCH] journalctl: fix memleak
|
||||||
|
|
||||||
|
bash-4.3# journalctl --no-hostname >/dev/null
|
||||||
|
|
||||||
|
=================================================================
|
||||||
|
==288==ERROR: LeakSanitizer: detected memory leaks
|
||||||
|
|
||||||
|
Direct leak of 48492 byte(s) in 2694 object(s) allocated from:
|
||||||
|
#0 0x7fb4aba13e60 in malloc (/lib64/libasan.so.3+0xc6e60)
|
||||||
|
#1 0x7fb4ab5b2cc4 in malloc_multiply src/basic/alloc-util.h:70
|
||||||
|
#2 0x7fb4ab5b3194 in parse_field src/shared/logs-show.c:98
|
||||||
|
#3 0x7fb4ab5b4918 in output_short src/shared/logs-show.c:347
|
||||||
|
#4 0x7fb4ab5b7cb7 in output_journal src/shared/logs-show.c:977
|
||||||
|
#5 0x5650e29cd83d in main src/journal/journalctl.c:2581
|
||||||
|
#6 0x7fb4aabdb730 in __libc_start_main (/lib64/libc.so.6+0x20730)
|
||||||
|
|
||||||
|
SUMMARY: AddressSanitizer: 48492 byte(s) leaked in 2694 allocation(s).
|
||||||
|
|
||||||
|
Closes: #4568
|
||||||
|
(cherry picked from commit 12104159ed88324fa95505a6a8b333dd92a80368)
|
||||||
|
---
|
||||||
|
src/shared/logs-show.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/shared/logs-show.c b/src/shared/logs-show.c
|
||||||
|
index d04728f..f347cee 100644
|
||||||
|
--- a/src/shared/logs-show.c
|
||||||
|
+++ b/src/shared/logs-show.c
|
||||||
|
@@ -378,7 +378,7 @@ static int output_short(
|
||||||
|
|
||||||
|
if (hostname && (flags & OUTPUT_NO_HOSTNAME)) {
|
||||||
|
/* Suppress display of the hostname if this is requested. */
|
||||||
|
- hostname = NULL;
|
||||||
|
+ hostname = mfree(hostname);
|
||||||
|
hostname_len = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
59
0036-acl-util-fix-memleak.patch
Normal file
59
0036-acl-util-fix-memleak.patch
Normal file
@ -0,0 +1,59 @@
|
|||||||
|
From 02fc17d4db1f2bc215f7915f4394ea7f4d8d0602 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Evgeny Vereshchagin <evvers@ya.ru>
|
||||||
|
Date: Thu, 3 Nov 2016 22:04:40 +0000
|
||||||
|
Subject: [PATCH] acl-util: fix memleak
|
||||||
|
|
||||||
|
Fixes:
|
||||||
|
$ ./libtool --mode execute valgrind --leak-check=full ./journalctl >/dev/null
|
||||||
|
==22309== Memcheck, a memory error detector
|
||||||
|
==22309== Copyright (C) 2002-2015, and GNU GPL'd, by Julian Seward et al.
|
||||||
|
==22309== Using Valgrind-3.11.0 and LibVEX; rerun with -h for copyright info
|
||||||
|
==22309== Command: /home/vagrant/systemd/.libs/lt-journalctl
|
||||||
|
==22309==
|
||||||
|
Hint: You are currently not seeing messages from other users and the system.
|
||||||
|
Users in groups 'adm', 'systemd-journal', 'wheel' can see all messages.
|
||||||
|
Pass -q to turn off this notice.
|
||||||
|
==22309==
|
||||||
|
==22309== HEAP SUMMARY:
|
||||||
|
==22309== in use at exit: 8,680 bytes in 4 blocks
|
||||||
|
==22309== total heap usage: 5,543 allocs, 5,539 frees, 9,045,618 bytes allocated
|
||||||
|
==22309==
|
||||||
|
==22309== 488 (56 direct, 432 indirect) bytes in 1 blocks are definitely lost in loss record 2 of 4
|
||||||
|
==22309== at 0x4C2BBAD: malloc (vg_replace_malloc.c:299)
|
||||||
|
==22309== by 0x6F37A0A: __new_var_obj_p (__libobj.c:36)
|
||||||
|
==22309== by 0x6F362F7: __acl_init_obj (acl_init.c:28)
|
||||||
|
==22309== by 0x6F37731: __acl_from_xattr (__acl_from_xattr.c:54)
|
||||||
|
==22309== by 0x6F36087: acl_get_file (acl_get_file.c:69)
|
||||||
|
==22309== by 0x4F15752: acl_search_groups (acl-util.c:172)
|
||||||
|
==22309== by 0x113A1E: access_check_var_log_journal (journalctl.c:1836)
|
||||||
|
==22309== by 0x113D8D: access_check (journalctl.c:1889)
|
||||||
|
==22309== by 0x115681: main (journalctl.c:2236)
|
||||||
|
==22309==
|
||||||
|
==22309== LEAK SUMMARY:
|
||||||
|
==22309== definitely lost: 56 bytes in 1 blocks
|
||||||
|
==22309== indirectly lost: 432 bytes in 1 blocks
|
||||||
|
==22309== possibly lost: 0 bytes in 0 blocks
|
||||||
|
==22309== still reachable: 8,192 bytes in 2 blocks
|
||||||
|
==22309== suppressed: 0 bytes in 0 blocks
|
||||||
|
|
||||||
|
(cherry picked from commit 29d87223d54fc13e16f444677f0a94ed0755bd88)
|
||||||
|
---
|
||||||
|
src/shared/acl-util.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/shared/acl-util.c b/src/shared/acl-util.c
|
||||||
|
index 2aa951f..79a3b95 100644
|
||||||
|
--- a/src/shared/acl-util.c
|
||||||
|
+++ b/src/shared/acl-util.c
|
||||||
|
@@ -162,7 +162,7 @@ int add_base_acls_if_needed(acl_t *acl_p, const char *path) {
|
||||||
|
|
||||||
|
int acl_search_groups(const char *path, char ***ret_groups) {
|
||||||
|
_cleanup_strv_free_ char **g = NULL;
|
||||||
|
- _cleanup_(acl_free) acl_t acl = NULL;
|
||||||
|
+ _cleanup_(acl_freep) acl_t acl = NULL;
|
||||||
|
bool ret = false;
|
||||||
|
acl_entry_t entry;
|
||||||
|
int r;
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
@ -0,0 +1,47 @@
|
|||||||
|
From a402c90c369f083d37c65a8ba830e7b123b4278b Mon Sep 17 00:00:00 2001
|
||||||
|
From: Evgeny Vereshchagin <evvers@ya.ru>
|
||||||
|
Date: Wed, 25 Jan 2017 05:53:50 +0300
|
||||||
|
Subject: [PATCH] core: fix memleak in bus_exec_context_set_transient_property
|
||||||
|
(#5143)
|
||||||
|
|
||||||
|
Fixes:
|
||||||
|
```sh
|
||||||
|
systemd-run --property EnvironmentFile=/some/environment/file /bin/sleep 30
|
||||||
|
```
|
||||||
|
```
|
||||||
|
23 bytes in 1 blocks are definitely lost in loss record 1 of 7
|
||||||
|
at 0x4C2DB9D: malloc (vg_replace_malloc.c:299)
|
||||||
|
by 0x4E85488: malloc_multiply (alloc-util.h:70)
|
||||||
|
by 0x4E85F19: strjoin_real (string-util.c:252)
|
||||||
|
by 0x1AF741: bus_exec_context_set_transient_property (dbus-execute.c:1418)
|
||||||
|
by 0x1A907C: bus_service_set_property (dbus-service.c:330)
|
||||||
|
by 0x1A66DD: bus_unit_set_properties (dbus-unit.c:1456)
|
||||||
|
by 0x19CF93: transient_unit_from_message (dbus-manager.c:892)
|
||||||
|
by 0x19D388: method_start_transient_unit (dbus-manager.c:980)
|
||||||
|
by 0x4F60544: method_callbacks_run (bus-objects.c:418)
|
||||||
|
by 0x4F62D9D: object_find_and_run (bus-objects.c:1255)
|
||||||
|
by 0x4F633CE: bus_process_object (bus-objects.c:1371)
|
||||||
|
by 0x4F2CE1D: process_message (sd-bus.c:2563)
|
||||||
|
```
|
||||||
|
Closes: #5142
|
||||||
|
(cherry picked from commit 9b531f04fb16e072100b10b93613abe846140305)
|
||||||
|
---
|
||||||
|
src/core/dbus-execute.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/core/dbus-execute.c b/src/core/dbus-execute.c
|
||||||
|
index 307c3d8..a1d5523 100644
|
||||||
|
--- a/src/core/dbus-execute.c
|
||||||
|
+++ b/src/core/dbus-execute.c
|
||||||
|
@@ -1224,7 +1224,7 @@ int bus_exec_context_set_transient_property(
|
||||||
|
|
||||||
|
_cleanup_free_ char *joined = NULL;
|
||||||
|
_cleanup_fclose_ FILE *f = NULL;
|
||||||
|
- _cleanup_free_ char **l = NULL;
|
||||||
|
+ _cleanup_strv_free_ char **l = NULL;
|
||||||
|
size_t size = 0;
|
||||||
|
char **i;
|
||||||
|
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
38
0038-core-dbus-fix-two-strv-memleaks.patch
Normal file
38
0038-core-dbus-fix-two-strv-memleaks.patch
Normal file
@ -0,0 +1,38 @@
|
|||||||
|
From 827038487456a5ad249529cb643ec30bcd1dac62 Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||||
|
Date: Tue, 24 Jan 2017 22:21:16 -0500
|
||||||
|
Subject: [PATCH] core/dbus: fix two strv memleaks
|
||||||
|
|
||||||
|
job_dbus_path and unit_dbus_path both allocate new strings, so we should use
|
||||||
|
strv_free.
|
||||||
|
|
||||||
|
(cherry picked from commit f0c03de85afa93d1df2bb533a46748e7f4264af6)
|
||||||
|
---
|
||||||
|
src/core/dbus.c | 4 ++--
|
||||||
|
1 file changed, 2 insertions(+), 2 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/core/dbus.c b/src/core/dbus.c
|
||||||
|
index 3422a02..5d87bca 100644
|
||||||
|
--- a/src/core/dbus.c
|
||||||
|
+++ b/src/core/dbus.c
|
||||||
|
@@ -477,7 +477,7 @@ static int bus_kill_context_find(sd_bus *bus, const char *path, const char *inte
|
||||||
|
}
|
||||||
|
|
||||||
|
static int bus_job_enumerate(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error) {
|
||||||
|
- _cleanup_free_ char **l = NULL;
|
||||||
|
+ _cleanup_strv_free_ char **l = NULL;
|
||||||
|
Manager *m = userdata;
|
||||||
|
unsigned k = 0;
|
||||||
|
Iterator i;
|
||||||
|
@@ -504,7 +504,7 @@ static int bus_job_enumerate(sd_bus *bus, const char *path, void *userdata, char
|
||||||
|
}
|
||||||
|
|
||||||
|
static int bus_unit_enumerate(sd_bus *bus, const char *path, void *userdata, char ***nodes, sd_bus_error *error) {
|
||||||
|
- _cleanup_free_ char **l = NULL;
|
||||||
|
+ _cleanup_strv_free_ char **l = NULL;
|
||||||
|
Manager *m = userdata;
|
||||||
|
unsigned k = 0;
|
||||||
|
Iterator i;
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
28
0039-resolve-fix-strv-memleak.patch
Normal file
28
0039-resolve-fix-strv-memleak.patch
Normal file
@ -0,0 +1,28 @@
|
|||||||
|
From 610b7bf641e708c95e5ec7e7bd2bc8742a44e86a Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||||
|
Date: Tue, 24 Jan 2017 22:27:21 -0500
|
||||||
|
Subject: [PATCH] resolve: fix strv memleak
|
||||||
|
|
||||||
|
sd_bus_message_read_strv() returns a normal strv...
|
||||||
|
|
||||||
|
(cherry picked from commit c6d92582205065e4924b9f0cb1428f4a5f210fd4)
|
||||||
|
---
|
||||||
|
src/resolve/resolved-link-bus.c | 2 +-
|
||||||
|
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||||
|
|
||||||
|
diff --git a/src/resolve/resolved-link-bus.c b/src/resolve/resolved-link-bus.c
|
||||||
|
index 3648122..59cd6cf 100644
|
||||||
|
--- a/src/resolve/resolved-link-bus.c
|
||||||
|
+++ b/src/resolve/resolved-link-bus.c
|
||||||
|
@@ -462,7 +462,7 @@ int bus_link_method_set_dnssec(sd_bus_message *message, void *userdata, sd_bus_e
|
||||||
|
|
||||||
|
int bus_link_method_set_dnssec_negative_trust_anchors(sd_bus_message *message, void *userdata, sd_bus_error *error) {
|
||||||
|
_cleanup_set_free_free_ Set *ns = NULL;
|
||||||
|
- _cleanup_free_ char **ntas = NULL;
|
||||||
|
+ _cleanup_strv_free_ char **ntas = NULL;
|
||||||
|
Link *l = userdata;
|
||||||
|
int r;
|
||||||
|
char **i;
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
109
0040-sd-device-replace-lstat-open-with-open-O_NOFOLLOW.patch
Normal file
109
0040-sd-device-replace-lstat-open-with-open-O_NOFOLLOW.patch
Normal file
@ -0,0 +1,109 @@
|
|||||||
|
From e863293901fc7cfe823c0c0213b86aa5a98b07ba Mon Sep 17 00:00:00 2001
|
||||||
|
From: =?UTF-8?q?Zbigniew=20J=C4=99drzejewski-Szmek?= <zbyszek@in.waw.pl>
|
||||||
|
Date: Sun, 19 Feb 2017 14:17:19 -0500
|
||||||
|
Subject: [PATCH] sd-device: replace lstat() + open() with open(O_NOFOLLOW)
|
||||||
|
|
||||||
|
Coverity was complaining about TOCTOU (CID #745806). Indeed, it seems better
|
||||||
|
to open the file and avoid the stat altogether:
|
||||||
|
|
||||||
|
- O_NOFOLLOW means we'll get ELOOP, which we can translate to EINVAL as before,
|
||||||
|
- similarly, open(O_WRONLY) on a directory will fail with EISDIR,
|
||||||
|
- and finally, it makes no sense to check access mode ourselves: just let
|
||||||
|
the kernel do it and propagate the error.
|
||||||
|
|
||||||
|
v2:
|
||||||
|
- fix memleak, don't clober input arg
|
||||||
|
|
||||||
|
(cherry picked from commit 2fa4861ad5a203bff604cac660136834e3b70108)
|
||||||
|
---
|
||||||
|
src/libsystemd/sd-device/sd-device.c | 43 ++++++++++++++----------------------
|
||||||
|
1 file changed, 16 insertions(+), 27 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/libsystemd/sd-device/sd-device.c b/src/libsystemd/sd-device/sd-device.c
|
||||||
|
index 0c4ad96..1d68fe0 100644
|
||||||
|
--- a/src/libsystemd/sd-device/sd-device.c
|
||||||
|
+++ b/src/libsystemd/sd-device/sd-device.c
|
||||||
|
@@ -1857,8 +1857,7 @@ _public_ int sd_device_set_sysattr_value(sd_device *device, const char *sysattr,
|
||||||
|
_cleanup_free_ char *value = NULL;
|
||||||
|
const char *syspath;
|
||||||
|
char *path;
|
||||||
|
- struct stat statbuf;
|
||||||
|
- size_t value_len = 0;
|
||||||
|
+ size_t len = 0;
|
||||||
|
ssize_t size;
|
||||||
|
int r;
|
||||||
|
|
||||||
|
@@ -1876,8 +1875,14 @@ _public_ int sd_device_set_sysattr_value(sd_device *device, const char *sysattr,
|
||||||
|
return r;
|
||||||
|
|
||||||
|
path = strjoina(syspath, "/", sysattr);
|
||||||
|
- r = lstat(path, &statbuf);
|
||||||
|
- if (r < 0) {
|
||||||
|
+
|
||||||
|
+ fd = open(path, O_WRONLY | O_CLOEXEC | O_NOFOLLOW);
|
||||||
|
+ if (fd < 0) {
|
||||||
|
+ if (errno == ELOOP)
|
||||||
|
+ return -EINVAL;
|
||||||
|
+ if (errno == EISDIR)
|
||||||
|
+ return -EISDIR;
|
||||||
|
+
|
||||||
|
value = strdup("");
|
||||||
|
if (!value)
|
||||||
|
return -ENOMEM;
|
||||||
|
@@ -1889,46 +1894,30 @@ _public_ int sd_device_set_sysattr_value(sd_device *device, const char *sysattr,
|
||||||
|
return -ENXIO;
|
||||||
|
}
|
||||||
|
|
||||||
|
- if (S_ISLNK(statbuf.st_mode))
|
||||||
|
- return -EINVAL;
|
||||||
|
-
|
||||||
|
- /* skip directories */
|
||||||
|
- if (S_ISDIR(statbuf.st_mode))
|
||||||
|
- return -EISDIR;
|
||||||
|
-
|
||||||
|
- /* skip non-readable files */
|
||||||
|
- if ((statbuf.st_mode & S_IRUSR) == 0)
|
||||||
|
- return -EACCES;
|
||||||
|
-
|
||||||
|
- value_len = strlen(_value);
|
||||||
|
+ len = strlen(_value);
|
||||||
|
|
||||||
|
/* drop trailing newlines */
|
||||||
|
- while (value_len > 0 && _value[value_len - 1] == '\n')
|
||||||
|
- _value[--value_len] = '\0';
|
||||||
|
+ while (len > 0 && _value[len - 1] == '\n')
|
||||||
|
+ len --;
|
||||||
|
|
||||||
|
/* value length is limited to 4k */
|
||||||
|
- if (value_len > 4096)
|
||||||
|
+ if (len > 4096)
|
||||||
|
return -EINVAL;
|
||||||
|
|
||||||
|
- fd = open(path, O_WRONLY | O_CLOEXEC);
|
||||||
|
- if (fd < 0)
|
||||||
|
- return -errno;
|
||||||
|
-
|
||||||
|
- value = strdup(_value);
|
||||||
|
+ value = strndup(_value, len);
|
||||||
|
if (!value)
|
||||||
|
return -ENOMEM;
|
||||||
|
|
||||||
|
- size = write(fd, value, value_len);
|
||||||
|
+ size = write(fd, value, len);
|
||||||
|
if (size < 0)
|
||||||
|
return -errno;
|
||||||
|
|
||||||
|
- if ((size_t)size != value_len)
|
||||||
|
+ if ((size_t)size != len)
|
||||||
|
return -EIO;
|
||||||
|
|
||||||
|
r = device_add_sysattr_value(device, sysattr, value);
|
||||||
|
if (r < 0)
|
||||||
|
return r;
|
||||||
|
-
|
||||||
|
value = NULL;
|
||||||
|
|
||||||
|
return 0;
|
||||||
|
--
|
||||||
|
2.9.3
|
||||||
|
|
18
systemd.spec
18
systemd.spec
@ -60,6 +60,23 @@ Patch0020: 0020-Various-simplifications.patch
|
|||||||
Patch0021: 0021-build-sys-check-for-lz4-in-the-old-and-new-numbering.patch
|
Patch0021: 0021-build-sys-check-for-lz4-in-the-old-and-new-numbering.patch
|
||||||
Patch0022: 0022-pid1-do-not-use-mtime-0-as-sign-of-masking-4388.patch
|
Patch0022: 0022-pid1-do-not-use-mtime-0-as-sign-of-masking-4388.patch
|
||||||
Patch0023: 0023-udev-net_id-add-support-for-phys_port_name-attribute.patch
|
Patch0023: 0023-udev-net_id-add-support-for-phys_port_name-attribute.patch
|
||||||
|
Patch0024: 0024-logind-don-t-hit-assert-when-we-try-to-free-NULL-man.patch
|
||||||
|
Patch0025: 0025-core-if-the-start-command-vanishes-during-runtime-do.patch
|
||||||
|
Patch0026: 0026-core-don-t-hit-an-assert-when-printing-status-messag.patch
|
||||||
|
Patch0027: 0027-device-Avoid-calling-unit_free-NULL-in-device-setup-.patch
|
||||||
|
Patch0028: 0028-sd-network-fix-memleak-in-dhcp6_option_parse_domainn.patch
|
||||||
|
Patch0029: 0029-sd-network-fix-memleak-in-dhcp6_lease_set_domains-51.patch
|
||||||
|
Patch0030: 0030-sd-event-when-exiting-no-signal-event-are-pending-is.patch
|
||||||
|
Patch0031: 0031-journal-gatewayd-fix-segfault-with-certain-request-3.patch
|
||||||
|
Patch0032: 0032-boot-fix-bootctl-install-segfault-4404.patch
|
||||||
|
Patch0033: 0033-sysusers-fix-memleak-4430.patch
|
||||||
|
Patch0034: 0034-sysusers-fix-memleak-4443.patch
|
||||||
|
Patch0035: 0035-journalctl-fix-memleak.patch
|
||||||
|
Patch0036: 0036-acl-util-fix-memleak.patch
|
||||||
|
Patch0037: 0037-core-fix-memleak-in-bus_exec_context_set_transient_p.patch
|
||||||
|
Patch0038: 0038-core-dbus-fix-two-strv-memleaks.patch
|
||||||
|
Patch0039: 0039-resolve-fix-strv-memleak.patch
|
||||||
|
Patch0040: 0040-sd-device-replace-lstat-open-with-open-O_NOFOLLOW.patch
|
||||||
|
|
||||||
Patch0998: 0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
|
Patch0998: 0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch
|
||||||
|
|
||||||
@ -960,6 +977,7 @@ getent passwd systemd-journal-upload >/dev/null 2>&1 || useradd -r -l -g systemd
|
|||||||
%changelog
|
%changelog
|
||||||
* Wed Feb 22 2017 Michal Sekletar <msekleta@redhat.com> - 231-14
|
* Wed Feb 22 2017 Michal Sekletar <msekleta@redhat.com> - 231-14
|
||||||
- Backport support for phys_port_name to net_id (#1425737)
|
- Backport support for phys_port_name to net_id (#1425737)
|
||||||
|
- Backport bunch of bugfixes (asserts, segv, memleaks) from upstream
|
||||||
|
|
||||||
* Tue Jan 17 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 231-13
|
* Tue Jan 17 2017 Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl> - 231-13
|
||||||
- Backport mtime==0 fix (#1384150)
|
- Backport mtime==0 fix (#1384150)
|
||||||
|
Loading…
Reference in New Issue
Block a user