Fix string format vulnerability
This commit is contained in:
parent
87f3a8f090
commit
4a53f248c1
|
@ -0,0 +1,35 @@
|
|||
From 0ffc76e7fa0cb668d3d2daed13f233f3e6e5c624 Mon Sep 17 00:00:00 2001
|
||||
From: =?UTF-8?q?Kai=20L=C3=BCke?= <kailueke@riseup.net>
|
||||
Date: Tue, 18 Sep 2018 13:12:14 +0200
|
||||
Subject: [PATCH] Fix string format vulnerability
|
||||
|
||||
If the message in g_log_structured itself
|
||||
contained format sequences like %d or %n they
|
||||
were applied again, leading to leaked stack contents
|
||||
and possibly memory corruption. It can be triggered
|
||||
e.g. by a volume label containing format sequences.
|
||||
|
||||
Print the message argument itself into a "%s" string
|
||||
to avoid intepreting format sequences.
|
||||
|
||||
https://github.com/storaged-project/udisks/issues/578
|
||||
---
|
||||
src/udiskslogging.c | 2 +-
|
||||
1 file changed, 1 insertion(+), 1 deletion(-)
|
||||
|
||||
diff --git a/src/udiskslogging.c b/src/udiskslogging.c
|
||||
index ab49fcbf..47a3af23 100644
|
||||
--- a/src/udiskslogging.c
|
||||
+++ b/src/udiskslogging.c
|
||||
@@ -60,7 +60,7 @@ udisks_log (UDisksLogLevel level,
|
||||
|
||||
#if GLIB_CHECK_VERSION(2, 50, 0)
|
||||
g_log_structured ("udisks", (GLogLevelFlags) level,
|
||||
- "MESSAGE", message, "THREAD_ID", "%d", (gint) syscall (SYS_gettid),
|
||||
+ "MESSAGE", "%s", message, "THREAD_ID", "%d", (gint) syscall (SYS_gettid),
|
||||
"CODE_FUNC", function, "CODE_FILE", location);
|
||||
#else
|
||||
g_log ("udisks", level, "[%d]: %s [%s, %s()]", (gint) syscall (SYS_gettid), message, location, function);
|
||||
--
|
||||
2.17.1
|
||||
|
10
udisks2.spec
10
udisks2.spec
|
@ -15,11 +15,12 @@
|
|||
Name: udisks2
|
||||
Summary: Disk Manager
|
||||
Version: 2.7.6
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
License: GPLv2+
|
||||
Group: System Environment/Libraries
|
||||
URL: https://github.com/storaged-project/udisks
|
||||
Source0: https://github.com/storaged-project/udisks/releases/download/udisks-%{version}/udisks-%{version}.tar.bz2
|
||||
Patch0: 0001-Fix-string-format-vulnerability.patch
|
||||
|
||||
BuildRequires: glib2-devel >= %{glib2_version}
|
||||
BuildRequires: gobject-introspection-devel >= %{gobject_introspection_version}
|
||||
|
@ -203,6 +204,7 @@ This package contains module for ZRAM configuration.
|
|||
|
||||
%prep
|
||||
%setup -q -n udisks-%{version}
|
||||
%patch0 -p1
|
||||
|
||||
%build
|
||||
autoreconf -ivf
|
||||
|
@ -350,6 +352,12 @@ udevadm trigger
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Sep 26 2018 Vojtech Trefny <vtrefny@redhat.com> - 2.7.6-2
|
||||
- Fix string format vulnerability
|
||||
|
||||
* Thu Feb 08 2018 Vojtech Trefny <vtrefny@redhat.com> - 2.7.6-1
|
||||
- Version 2.7.6
|
||||
|
||||
* Mon Dec 04 2017 Vojtech Trefny <vtrefny@redhat.com> - 2.7.5-1
|
||||
- Version 2.7.5
|
||||
|
||||
|
|
Loading…
Reference in New Issue