MFH: r363621
Add upstream patch for CVE-2014-5033. Security: 2f90556f-18c6-11e4-9cc4-5453ed2e2b49 Approved by: portmgr (erwin)
This commit is contained in:
Raphael Kubo da Costa
parent
bb3b5bca79
commit
c277663656
Notes:
svn2git
2021-03-31 03:12:20 +00:00
svn path=/branches/2014Q3/; revision=363628
@ -3,7 +3,7 @@
|
||||
|
||||
PORTNAME= kdelibs
|
||||
PORTVERSION= ${KDE4_VERSION}
|
||||
PORTREVISION= 2
|
||||
PORTREVISION= 3
|
||||
CATEGORIES= x11 kde
|
||||
MASTER_SITES= KDE/${KDE4_BRANCH}/${PORTVERSION}/src
|
||||
DIST_SUBDIR= KDE/${PORTVERSION}
|
||||
|
||||
48
x11/kdelibs4/files/patch-CVE-2014-5033
Normal file
48
x11/kdelibs4/files/patch-CVE-2014-5033
Normal file
@ -0,0 +1,48 @@
|
||||
commit e4e7b53b71e2659adaf52691d4accc3594203b23
|
||||
Author: Martin T. H. Sandsmark <martin.sandsmark@kde.org>
|
||||
Date: Mon Jul 21 22:52:40 2014 +0200
|
||||
|
||||
Use dbus system bus name instead of PID for authentication.
|
||||
|
||||
Using the PID for authentication is prone to a PID reuse
|
||||
race condition, and a security issue.
|
||||
|
||||
REVIEW: 119323
|
||||
|
||||
diff --git a/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp b/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
|
||||
index cd7f6f3..732d2cb 100644
|
||||
--- kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
|
||||
+++ kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
|
||||
@@ -144,7 +144,7 @@ void Polkit1Backend::setupAction(const QString &action)
|
||||
|
||||
Action::AuthStatus Polkit1Backend::actionStatus(const QString &action)
|
||||
{
|
||||
- PolkitQt1::UnixProcessSubject subject(QCoreApplication::applicationPid());
|
||||
+ PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID()));
|
||||
PolkitQt1::Authority::Result r = PolkitQt1::Authority::instance()->checkAuthorizationSync(action, subject,
|
||||
PolkitQt1::Authority::None);
|
||||
switch (r) {
|
||||
@@ -160,21 +160,12 @@ Action::AuthStatus Polkit1Backend::actionStatus(const QString &action)
|
||||
|
||||
QByteArray Polkit1Backend::callerID() const
|
||||
{
|
||||
- QByteArray a;
|
||||
- QDataStream s(&a, QIODevice::WriteOnly);
|
||||
- s << QCoreApplication::applicationPid();
|
||||
-
|
||||
- return a;
|
||||
+ return QDBusConnection::systemBus().baseService().toUtf8();
|
||||
}
|
||||
|
||||
bool Polkit1Backend::isCallerAuthorized(const QString &action, QByteArray callerID)
|
||||
{
|
||||
- QDataStream s(&callerID, QIODevice::ReadOnly);
|
||||
- qint64 pid;
|
||||
-
|
||||
- s >> pid;
|
||||
-
|
||||
- PolkitQt1::UnixProcessSubject subject(pid);
|
||||
+ PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID));
|
||||
PolkitQt1::Authority *authority = PolkitQt1::Authority::instance();
|
||||
|
||||
PolkitResultEventLoop e;
|
||||
Loading…
Reference in New Issue
Block a user