diff --git a/0001-Fix-string-format-vulnerability.patch b/0001-Fix-string-format-vulnerability.patch new file mode 100644 index 0000000..3cda298 --- /dev/null +++ b/0001-Fix-string-format-vulnerability.patch @@ -0,0 +1,35 @@ +From 0ffc76e7fa0cb668d3d2daed13f233f3e6e5c624 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Kai=20L=C3=BCke?= +Date: Tue, 18 Sep 2018 13:12:14 +0200 +Subject: [PATCH] Fix string format vulnerability + +If the message in g_log_structured itself +contained format sequences like %d or %n they +were applied again, leading to leaked stack contents +and possibly memory corruption. It can be triggered +e.g. by a volume label containing format sequences. + +Print the message argument itself into a "%s" string +to avoid intepreting format sequences. + +https://github.com/storaged-project/udisks/issues/578 +--- + src/udiskslogging.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/src/udiskslogging.c b/src/udiskslogging.c +index ab49fcbf..47a3af23 100644 +--- a/src/udiskslogging.c ++++ b/src/udiskslogging.c +@@ -60,7 +60,7 @@ udisks_log (UDisksLogLevel level, + + #if GLIB_CHECK_VERSION(2, 50, 0) + g_log_structured ("udisks", (GLogLevelFlags) level, +- "MESSAGE", message, "THREAD_ID", "%d", (gint) syscall (SYS_gettid), ++ "MESSAGE", "%s", message, "THREAD_ID", "%d", (gint) syscall (SYS_gettid), + "CODE_FUNC", function, "CODE_FILE", location); + #else + g_log ("udisks", level, "[%d]: %s [%s, %s()]", (gint) syscall (SYS_gettid), message, location, function); +-- +2.17.1 + diff --git a/udisks2.spec b/udisks2.spec index f1af4cd..10d6596 100644 --- a/udisks2.spec +++ b/udisks2.spec @@ -15,11 +15,12 @@ Name: udisks2 Summary: Disk Manager Version: 2.7.6 -Release: 1%{?dist} +Release: 2%{?dist} License: GPLv2+ Group: System Environment/Libraries URL: https://github.com/storaged-project/udisks Source0: https://github.com/storaged-project/udisks/releases/download/udisks-%{version}/udisks-%{version}.tar.bz2 +Patch0: 0001-Fix-string-format-vulnerability.patch BuildRequires: glib2-devel >= %{glib2_version} BuildRequires: gobject-introspection-devel >= %{gobject_introspection_version} @@ -203,6 +204,7 @@ This package contains module for ZRAM configuration. %prep %setup -q -n udisks-%{version} +%patch0 -p1 %build autoreconf -ivf @@ -350,6 +352,12 @@ udevadm trigger %endif %changelog +* Wed Sep 26 2018 Vojtech Trefny - 2.7.6-2 +- Fix string format vulnerability + +* Thu Feb 08 2018 Vojtech Trefny - 2.7.6-1 +- Version 2.7.6 + * Mon Dec 04 2017 Vojtech Trefny - 2.7.5-1 - Version 2.7.5