File accountsservice-CVE-2012-2737.patch of Package accountsservice.586
diff -Naurp accountsservice-0.6.15.ori/src/util.c accountsservice-0.6.15/src/util.c
--- accountsservice-0.6.15.ori/src/util.c 2011-10-17 15:56:32.000000000 -0400
+++ accountsservice-0.6.15/src/util.c 2012-06-27 11:40:50.566869367 -0400
@@ -37,11 +37,9 @@
#include "util.h"
-
static gchar *
-_polkit_subject_get_cmdline (PolkitSubject *subject, gint *pid, gint *uid)
+get_cmdline_of_pid (GPid pid)
{
- PolkitSubject *process;
gchar *ret;
gchar *filename;
gchar *contents;
@@ -49,43 +47,7 @@ _polkit_subject_get_cmdline (PolkitSubje
GError *error;
guint n;
- g_return_val_if_fail (subject != NULL, NULL);
-
- error = NULL;
-
- ret = NULL;
- process = NULL;
- filename = NULL;
- contents = NULL;
-
- if (POLKIT_IS_UNIX_PROCESS (subject))
- {
- process = g_object_ref (subject);
- }
- else if (POLKIT_IS_SYSTEM_BUS_NAME (subject))
- {
- process = polkit_system_bus_name_get_process_sync (POLKIT_SYSTEM_BUS_NAME (subject),
- NULL,
- &error);
- if (process == NULL)
- {
- g_warning ("Error getting process for system bus name `%s': %s",
- polkit_system_bus_name_get_name (POLKIT_SYSTEM_BUS_NAME (subject)),
- error->message);
- g_error_free (error);
- goto out;
- }
- }
- else
- {
- g_warning ("Unknown subject type passed to guess_program_name()");
- goto out;
- }
-
- *pid = polkit_unix_process_get_pid (POLKIT_UNIX_PROCESS (process));
- *uid = polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (process));
-
- filename = g_strdup_printf ("/proc/%d/cmdline", *pid);
+ filename = g_strdup_printf ("/proc/%d/cmdline", (int) pid);
if (!g_file_get_contents (filename,
&contents,
@@ -111,11 +73,65 @@ _polkit_subject_get_cmdline (PolkitSubje
out:
g_free (filename);
g_free (contents);
- if (process != NULL)
- g_object_unref (process);
+
return ret;
}
+static gboolean
+get_caller_pid (DBusGMethodInvocation *context,
+ GPid *pid)
+{
+ DBusGConnection *dbus_conn;
+ DBusGProxy *proxy;
+ gchar *sender;
+ GError *error;
+ guint32 pid_as_int;
+
+ error = NULL;
+ dbus_conn = dbus_g_bus_get (DBUS_BUS_SYSTEM, &error);
+ if (error) {
+ g_warning ("Could not talk to message bus: %s",
+ error->message);
+ g_error_free (error);
+ return FALSE;
+ }
+
+ proxy = dbus_g_proxy_new_for_name (dbus_conn,
+ "org.freedesktop.DBus",
+ "/org/freedesktop/DBus",
+ "org.freedesktop.DBus");
+
+ if (!proxy) {
+ g_warning ("Could not create D-Bus object proxy.");
+ dbus_g_connection_unref (dbus_conn);
+ return FALSE;
+ }
+
+ sender = dbus_g_method_get_sender (context);
+
+ if (!dbus_g_proxy_call (proxy, "GetConnectionUnixProcessID", &error,
+ G_TYPE_STRING, sender,
+ G_TYPE_INVALID,
+ G_TYPE_UINT, &pid_as_int,
+ G_TYPE_INVALID)) {
+ g_warning ("Could not talk to message bus to find pid of sender %s: %s",
+ sender,
+ error->message);
+ g_free (sender);
+ g_object_unref (proxy);
+ dbus_g_connection_unref (dbus_conn);
+ g_error_free (error);
+ return FALSE;
+ }
+
+ *pid = pid_as_int;
+
+ g_free (sender);
+ g_object_unref (proxy);
+ dbus_g_connection_unref (dbus_conn);
+ return TRUE;
+}
+
void
sys_log (DBusGMethodInvocation *context,
const gchar *format,
@@ -130,21 +146,36 @@ sys_log (DBusGMethodInvocation *context,
if (context) {
PolkitSubject *subject;
- gchar *cmdline;
+ gchar *cmdline = NULL;
gchar *id;
- gint pid = 0;
- gint uid = 0;
+ GPid pid = 0;
+ gint uid = -1;
gchar *tmp;
subject = polkit_system_bus_name_new (dbus_g_method_get_sender (context));
id = polkit_subject_to_string (subject);
- cmdline = _polkit_subject_get_cmdline (subject, &pid, &uid);
- if (cmdline == NULL) {
- tmp = g_strdup_printf ("request by %s: %s", id, msg);
+ if (get_caller_pid (context, &pid)) {
+ cmdline = get_cmdline_of_pid (pid);
+ } else {
+ pid = 0;
+ cmdline = NULL;
}
- else {
- tmp = g_strdup_printf ("request by %s [%s pid:%d uid:%d]: %s", id, cmdline, pid, uid, msg);
+
+ if (cmdline != NULL) {
+ if (get_caller_uid (context, &uid)) {
+ tmp = g_strdup_printf ("request by %s [%s pid:%d uid:%d]: %s", id, cmdline, (int) pid, uid, msg);
+ } else {
+ tmp = g_strdup_printf ("request by %s [%s pid:%d]: %s", id, cmdline, (int) pid, msg);
+ }
+ } else {
+ if (get_caller_uid (context, &uid) && pid != 0) {
+ tmp = g_strdup_printf ("request by %s [pid:%d uid:%d]: %s", id, (int) pid, uid, msg);
+ } else if (pid != 0) {
+ tmp = g_strdup_printf ("request by %s [pid:%d]: %s", id, (int) pid, msg);
+ } else {
+ tmp = g_strdup_printf ("request by %s: %s", id, msg);
+ }
}
g_free (msg);
@@ -163,20 +194,22 @@ sys_log (DBusGMethodInvocation *context,
static void
get_caller_loginuid (DBusGMethodInvocation *context, gchar *loginuid, gint size)
{
- PolkitSubject *subject;
- gchar *cmdline;
- gint pid;
+ GPid pid;
gint uid;
gchar *path;
gchar *buf;
- subject = polkit_system_bus_name_new (dbus_g_method_get_sender (context));
- cmdline = _polkit_subject_get_cmdline (subject, &pid, &uid);
- g_free (cmdline);
- g_object_unref (subject);
+ if (!get_caller_uid (context, &uid)) {
+ uid = getuid ();
+ }
- path = g_strdup_printf ("/proc/%d/loginuid", pid);
- if (g_file_get_contents (path, &buf, NULL, NULL)) {
+ if (get_caller_pid (context, &pid)) {
+ path = g_strdup_printf ("/proc/%d/loginuid", (int) pid);
+ } else {
+ path = NULL;
+ }
+
+ if (path != NULL && g_file_get_contents (path, &buf, NULL, NULL)) {
strncpy (loginuid, buf, size);
g_free (buf);
}
@@ -256,20 +289,49 @@ get_user_groups (const gchar *user,
gboolean
get_caller_uid (DBusGMethodInvocation *context, gint *uid)
{
- PolkitSubject *subject;
- PolkitSubject *process;
+ DBusGConnection *dbus_conn;
+ DBusGProxy *proxy;
+ gchar *sender;
+ GError *error = NULL;
+
+ dbus_conn = dbus_g_bus_get (DBUS_BUS_SYSTEM, &error);
+ if (error) {
+ g_warning ("Could not talk to message bus: %s",
+ error->message);
+ g_error_free (error);
+ return FALSE;
+ }
- subject = polkit_system_bus_name_new (dbus_g_method_get_sender (context));
- process = polkit_system_bus_name_get_process_sync (POLKIT_SYSTEM_BUS_NAME (subject), NULL, NULL);
- if (!process) {
- g_object_unref (subject);
+ proxy = dbus_g_proxy_new_for_name (dbus_conn,
+ "org.freedesktop.DBus",
+ "/org/freedesktop/DBus",
+ "org.freedesktop.DBus");
+
+ if (!proxy) {
+ g_warning ("Could not create D-Bus object proxy.");
+ dbus_g_connection_unref (dbus_conn);
return FALSE;
}
- *uid = polkit_unix_process_get_uid (POLKIT_UNIX_PROCESS (process));
+ sender = dbus_g_method_get_sender (context);
- g_object_unref (subject);
- g_object_unref (process);
+ if (!dbus_g_proxy_call (proxy, "GetConnectionUnixUser", &error,
+ G_TYPE_STRING, sender,
+ G_TYPE_INVALID,
+ G_TYPE_UINT, uid,
+ G_TYPE_INVALID)) {
+ g_warning ("Could not talk to message bus to find uid of sender %s: %s",
+ sender,
+ error->message);
+ g_free (sender);
+ g_object_unref (proxy);
+ dbus_g_connection_unref (dbus_conn);
+ g_error_free (error);
+ return FALSE;
+ }
+ g_free (sender);
+ g_object_unref (proxy);
+ dbus_g_connection_unref (dbus_conn);
return TRUE;
}
