File polkit-CVE-2018-19788.patch of Package polkit.openSUSE_Leap_15.0_Update

Overview Repositories Revisions Requests Users Attributes Meta

File polkit-CVE-2018-19788.patch of Package polkit.openSUSE_Leap_15.0_Update (Revision 4f8cd473eb2e450e8384917f864b340b)

Currently displaying revision 4f8cd473eb2e450e8384917f864b340b , Show latest

commit 2cb40c4d5feeaa09325522bd7d97910f1b59e379
Author: Zbigniew Jędrzejewski-Szmek <zbyszek@in.waw.pl>
Date:   Mon Dec 3 10:28:58 2018 +0100

Allow negative uids/gids in PolkitUnixUser and Group objects
    
    (uid_t) -1 is still used as placeholder to mean "unset". This is OK, since
    there should be no users with such number, see
    https://systemd.io/UIDS-GIDS#special-linux-uids.
    
    (uid_t) -1 is used as the default value in class initialization.
    
    When a user or group above INT32_MAX is created, the numeric uid or
    gid wraps around to negative when the value is assigned to gint, and
    polkit gets confused. Let's accept such gids, except for -1.
    
    A nicer fix would be to change the underlying type to e.g. uint32 to
    not have negative values. But this cannot be done without breaking the
    API, so likely new functions will have to be added (a
    polkit_unix_user_new variant that takes a unsigned, and the same for
    _group_new, _set_uid, _get_uid, _set_gid, _get_gid, etc.). This will
    require a bigger patch.
    
    Fixes https://gitlab.freedesktop.org/polkit/polkit/issues/74.

diff --git a/src/polkit/polkitunixgroup.c b/src/polkit/polkitunixgroup.c
index c57a1aa..309f689 100644
--- a/src/polkit/polkitunixgroup.c
+++ b/src/polkit/polkitunixgroup.c
@@ -71,6 +71,7 @@ G_DEFINE_TYPE_WITH_CODE (PolkitUnixGroup, polkit_unix_group, G_TYPE_OBJECT,
 static void
 polkit_unix_group_init (PolkitUnixGroup *unix_group)
 {
+  unix_group->gid = -1; /* (git_t) -1 is not a valid GID under Linux */
 }
 
 static void
@@ -100,11 +101,14 @@ polkit_unix_group_set_property (GObject      *object,
                                GParamSpec   *pspec)
 {
   PolkitUnixGroup *unix_group = POLKIT_UNIX_GROUP (object);
+  gint val;
 
   switch (prop_id)
     {
     case PROP_GID:
-      unix_group->gid = g_value_get_int (value);
+      val = g_value_get_int (value);
+      g_return_if_fail (val != -1);
+      unix_group->gid = val;
       break;
 
     default:
@@ -131,9 +135,9 @@ polkit_unix_group_class_init (PolkitUnixGroupClass *klass)
                                    g_param_spec_int ("gid",
                                                      "Group ID",
                                                      "The UNIX group ID",
-                                                     0,
+                                                     G_MININT,
                                                      G_MAXINT,
-                                                     0,
+                                                     -1,
                                                      G_PARAM_CONSTRUCT |
                                                      G_PARAM_READWRITE |
                                                      G_PARAM_STATIC_NAME |
@@ -166,9 +170,10 @@ polkit_unix_group_get_gid (PolkitUnixGroup *group)
  */
 void
 polkit_unix_group_set_gid (PolkitUnixGroup *group,
-                          gint gid)
+                           gint gid)
 {
   g_return_if_fail (POLKIT_IS_UNIX_GROUP (group));
+  g_return_if_fail (gid != -1);
   group->gid = gid;
 }
 
@@ -183,6 +188,8 @@ polkit_unix_group_set_gid (PolkitUnixGroup *group,
 PolkitIdentity *
 polkit_unix_group_new (gint gid)
 {
+  g_return_val_if_fail (gid != -1, NULL);
+
   return POLKIT_IDENTITY (g_object_new (POLKIT_TYPE_UNIX_GROUP,
                                        "gid", gid,
                                        NULL));
diff --git a/src/polkit/polkitunixprocess.c b/src/polkit/polkitunixprocess.c
index 972b777..b02b258 100644
--- a/src/polkit/polkitunixprocess.c
+++ b/src/polkit/polkitunixprocess.c
@@ -159,9 +159,14 @@ polkit_unix_process_set_property (GObject      *object,
       polkit_unix_process_set_pid (unix_process, g_value_get_int (value));
       break;
 
-    case PROP_UID:
-      polkit_unix_process_set_uid (unix_process, g_value_get_int (value));
+    case PROP_UID: {
+      gint val;
+
+      val = g_value_get_int (value);
+      g_return_if_fail (val != -1);
+      polkit_unix_process_set_uid (unix_process, val);
       break;
+    }
 
     case PROP_START_TIME:
       polkit_unix_process_set_start_time (unix_process, g_value_get_uint64 (value));
@@ -239,7 +244,7 @@ polkit_unix_process_class_init (PolkitUnixProcessClass *klass)
                                    g_param_spec_int ("uid",
                                                      "User ID",
                                                      "The UNIX user ID",
-                                                     -1,
+                                                     G_MININT,
                                                      G_MAXINT,
                                                      -1,
                                                      G_PARAM_CONSTRUCT |
@@ -303,7 +308,6 @@ polkit_unix_process_set_uid (PolkitUnixProcess *process,
                              gint               uid)
 {
   g_return_if_fail (POLKIT_IS_UNIX_PROCESS (process));
-  g_return_if_fail (uid >= -1);
   process->uid = uid;
 }
 
diff --git a/src/polkit/polkitunixuser.c b/src/polkit/polkitunixuser.c
index 8bfd3a1..234a697 100644
--- a/src/polkit/polkitunixuser.c
+++ b/src/polkit/polkitunixuser.c
@@ -72,6 +72,7 @@ G_DEFINE_TYPE_WITH_CODE (PolkitUnixUser, polkit_unix_user, G_TYPE_OBJECT,
 static void
 polkit_unix_user_init (PolkitUnixUser *unix_user)
 {
+  unix_user->uid = -1;  /* (uid_t) -1 is not a valid UID under Linux */
   unix_user->name = NULL;
 }
 
@@ -112,11 +113,14 @@ polkit_unix_user_set_property (GObject      *object,
                                GParamSpec   *pspec)
 {
   PolkitUnixUser *unix_user = POLKIT_UNIX_USER (object);
+  gint val;
 
   switch (prop_id)
     {
     case PROP_UID:
-      unix_user->uid = g_value_get_int (value);
+      val = g_value_get_int (value);
+      g_return_if_fail (val != -1);
+      unix_user->uid = val;
       break;
 
     default:
@@ -144,9 +148,9 @@ polkit_unix_user_class_init (PolkitUnixUserClass *klass)
                                    g_param_spec_int ("uid",
                                                      "User ID",
                                                      "The UNIX user ID",
-                                                     0,
+                                                     G_MININT,
                                                      G_MAXINT,
-                                                     0,
+                                                     -1,
                                                      G_PARAM_CONSTRUCT |
                                                      G_PARAM_READWRITE |
                                                      G_PARAM_STATIC_NAME |
@@ -182,6 +186,7 @@ polkit_unix_user_set_uid (PolkitUnixUser *user,
                           gint uid)
 {
   g_return_if_fail (POLKIT_IS_UNIX_USER (user));
+  g_return_if_fail (uid != -1);
   user->uid = uid;
 }
 
@@ -196,6 +201,8 @@ polkit_unix_user_set_uid (PolkitUnixUser *user,
 PolkitIdentity *
 polkit_unix_user_new (gint uid)
 {
+  g_return_val_if_fail (uid != -1, NULL);
+
   return POLKIT_IDENTITY (g_object_new (POLKIT_TYPE_UNIX_USER,
                                         "uid", uid,
                                         NULL));

Places

File polkit-CVE-2018-19788.patch of Package polkit.openSUSE_Leap_15.0_Update (Revision 4f8cd473eb2e450e8384917f864b340b)

Places