mirrors/aports
1
0
Fork 0
mirror of https://gitlab.alpinelinux.org/alpine/aports.git synced 2026-01-10 03:01:44 +01:00
Code Issues Packages Projects Releases Wiki Activity
aports/main/polkit/CVE-2015-3255.patch
Natanael Copa a215f1937c main/polkit: various security fixes 
CVE-2015-3218
CVE-2015-3255
CVE-2015-4625

ref #4411
2015-07-08 09:02:13 +00:00

68 lines
2.4 KiB
Diff
Raw Blame History

From 9f5e0c731784003bd4d6fc75ab739ff8b2ea269f Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Miloslav=20Trma=C4=8D?= <mitr@redhat.com>
Date: Wed, 1 Apr 2015 05:22:37 +0200
Subject: CVE-2015-3255 Fix GHashTable usage.
Don't assume that the hash table with free both the key and the value
at the same time, supply proper deallocation functions for the key
and value separately.
Then drop ParsedAction::action_id which is no longer used for anything.
https://bugs.freedesktop.org/show_bug.cgi?id=69501
and
https://bugs.freedesktop.org/show_bug.cgi?id=83590
CVE: CVE-2015-3255
diff --git a/src/polkitbackend/polkitbackendactionpool.c b/src/polkitbackend/polkitbackendactionpool.c
index bc14381..3894fe9 100644
--- a/src/polkitbackend/polkitbackendactionpool.c
+++ b/src/polkitbackend/polkitbackendactionpool.c
@@ -40,7 +40,6 @@
typedef struct
{
- gchar *action_id;
gchar *vendor_name;
gchar *vendor_url;
gchar *icon_name;
@@ -62,7 +61,6 @@ typedef struct
static void
parsed_action_free (ParsedAction *action)
{
- g_free (action->action_id);
g_free (action->vendor_name);
g_free (action->vendor_url);
g_free (action->icon_name);
@@ -134,7 +132,7 @@ polkit_backend_action_pool_init (PolkitBackendActionPool *pool)
priv->parsed_actions = g_hash_table_new_full (g_str_hash,
g_str_equal,
- NULL,
+ g_free,
(GDestroyNotify) parsed_action_free);
priv->parsed_files = g_hash_table_new_full (g_str_hash,
@@ -988,7 +986,6 @@ _end (void *data, const char *el)
icon_name = pd->global_icon_name;
action = g_new0 (ParsedAction, 1);
- action->action_id = g_strdup (pd->action_id);
action->vendor_name = g_strdup (vendor);
action->vendor_url = g_strdup (vendor_url);
action->icon_name = g_strdup (icon_name);
@@ -1003,7 +1000,8 @@ _end (void *data, const char *el)
action->implicit_authorization_inactive = pd->implicit_authorization_inactive;
action->implicit_authorization_active = pd->implicit_authorization_active;
- g_hash_table_insert (priv->parsed_actions, action->action_id, action);
+ g_hash_table_insert (priv->parsed_actions, g_strdup (pd->action_id),
+ action);
/* we steal these hash tables */
pd->annotations = NULL;
--
cgit v0.10.2
Reference in New Issue View Git Blame Copy Permalink