forked from gentoo/gentoo
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
sys-apps/util-linux: Revbump to add various upstream fixes
* Erase names in agetty by pressing CTRL-C (#804972) * Fixed user mount of davfs2 filesystems (#805218) * Fixed lscpu segfault on riscv plattform with upstream patch (#802606) + Fixed potential buffer overflow in ipcutils (#806070) (CVE-2021-37600) Bug: https://bugs.gentoo.org/806070 Closes: https://bugs.gentoo.org/804972 Closes: https://bugs.gentoo.org/805218 Closes: https://bugs.gentoo.org/802606 Signed-off-by: Lars Wendler <[email protected]>
- Loading branch information
Lars Wendler
committed
Aug 11, 2021
1 parent
c208118
commit da60551
Showing
5 changed files
with
501 additions
and
0 deletions.
There are no files selected for viewing
50 changes: 50 additions & 0 deletions
50
sys-apps/util-linux/files/util-linux-2.37.1-agetty_ctrl-c_erase.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| From 6eb1c01e9dd25a73100f06db37190c63fd57d4d9 Mon Sep 17 00:00:00 2001 | ||
| From: Karel Zak <[email protected]> | ||
| Date: Fri, 30 Jul 2021 11:50:46 +0200 | ||
| Subject: [PATCH] agetty: use CTRL+C to erase username | ||
|
|
||
| aggety(8) from the beginning ignores ^C (the small exception was | ||
| between 2.32 and 2.34 when this char has been misinterpreted). | ||
|
|
||
| This patch forces agetty to interpret ^C like ^U, it means to | ||
| erase the user's input and wait for a completely new username. | ||
| The small difference is that for ^C it does not set 'kill character'. | ||
|
|
||
| This change does not affect serial lines where ^C is still ignored like | ||
| in previous decades. I'd like to avoid any regression as I have | ||
| no clue if any serial lines do not send this control char in some | ||
| context ... | ||
|
|
||
| Fixes: https://github.com/karelzak/util-linux/issues/1399 | ||
| References: https://github.com/karelzak/util-linux/issues/1046 | ||
| Signed-off-by: Karel Zak <[email protected]> | ||
| --- | ||
| term-utils/agetty.c | 8 +++++--- | ||
| 1 file changed, 5 insertions(+), 3 deletions(-) | ||
|
|
||
| diff --git a/term-utils/agetty.c b/term-utils/agetty.c | ||
| index 3b3d5101a..d072d64d3 100644 | ||
| --- a/term-utils/agetty.c | ||
| +++ b/term-utils/agetty.c | ||
| @@ -2267,6 +2267,11 @@ static char *get_logname(struct issue *ie, struct options *op, struct termios *t | ||
| break; | ||
| case CTL('U'): | ||
| cp->kill = ascval; /* set kill character */ | ||
| + /* fallthrough */ | ||
| + case CTL('C'): | ||
| + if (key == CTL('C') && !(op->flags & F_VCONSOLE)) | ||
| + /* Ignore CTRL+C on serial line */ | ||
| + break; | ||
| while (bp > logname) { | ||
| if ((tp->c_lflag & ECHO) == 0) | ||
| write_all(1, erase[cp->parity], 3); | ||
| @@ -2275,9 +2280,6 @@ static char *get_logname(struct issue *ie, struct options *op, struct termios *t | ||
| break; | ||
| case CTL('D'): | ||
| exit(EXIT_SUCCESS); | ||
| - case CTL('C'): | ||
| - /* Ignore */ | ||
| - break; | ||
| default: | ||
| if ((size_t)(bp - logname) >= sizeof(logname) - 1) | ||
| log_err(_("%s: input overrun"), op->tty); |
25 changes: 25 additions & 0 deletions
25
sys-apps/util-linux/files/util-linux-2.37.1-ipcutils_calloc_check.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,25 @@ | ||
| From 86d5de52d43501711586054e7b601fbc57403085 Mon Sep 17 00:00:00 2001 | ||
| From: Karel Zak <[email protected]> | ||
| Date: Tue, 27 Jul 2021 11:58:31 +0200 | ||
| Subject: [PATCH] sys-utils/ipcutils: be careful when call calloc() for uint64 | ||
| nmembs | ||
|
|
||
| Fix: https://github.com/karelzak/util-linux/issues/1395 | ||
| Signed-off-by: Karel Zak <[email protected]> | ||
| --- | ||
| sys-utils/ipcutils.c | 2 +- | ||
| 1 file changed, 1 insertion(+), 1 deletion(-) | ||
|
|
||
| diff --git a/sys-utils/ipcutils.c b/sys-utils/ipcutils.c | ||
| index e784c4dcb9..18868cfd38 100644 | ||
| --- a/sys-utils/ipcutils.c | ||
| +++ b/sys-utils/ipcutils.c | ||
| @@ -218,7 +218,7 @@ static void get_sem_elements(struct sem_data *p) | ||
| { | ||
| size_t i; | ||
|
|
||
| - if (!p || !p->sem_nsems || p->sem_perm.id < 0) | ||
| + if (!p || !p->sem_nsems || p->sem_nsems > SIZE_MAX || p->sem_perm.id < 0) | ||
| return; | ||
|
|
||
| p->elements = xcalloc(p->sem_nsems, sizeof(struct sem_elem)); |
38 changes: 38 additions & 0 deletions
38
sys-apps/util-linux/files/util-linux-2.37.1-libmount_setgroups_fix.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,38 @@ | ||
| From 420e914c4cc4c2ba34fd75790ea194d7f4a47d2c Mon Sep 17 00:00:00 2001 | ||
| From: Karel Zak <[email protected]> | ||
| Date: Thu, 29 Jul 2021 11:50:48 +0200 | ||
| Subject: [PATCH] libmount: fix setgroups() use | ||
|
|
||
| * keep process in single supplementary group, which is the real group ID for the process | ||
|
|
||
| * make sure we have rights to call setgroups(), requires group permissions | ||
|
|
||
| Fixes: https://github.com/karelzak/util-linux/issues/1398 | ||
| Signed-off-by: Karel Zak <[email protected]> | ||
| --- | ||
| include/c.h | 6 ++++-- | ||
| 1 file changed, 4 insertions(+), 2 deletions(-) | ||
|
|
||
| diff --git a/include/c.h b/include/c.h | ||
| index c1e4c5ffc..a4504e3ba 100644 | ||
| --- a/include/c.h | ||
| +++ b/include/c.h | ||
| @@ -340,14 +340,16 @@ static inline size_t get_hostname_max(void) | ||
|
|
||
| static inline int drop_permissions(void) | ||
| { | ||
| + gid_t newgid = getgid(); | ||
| + | ||
| errno = 0; | ||
|
|
||
| /* drop supplementary groups */ | ||
| - if (setgroups(0, NULL) != 0) | ||
| + if (geteuid() == 0 && setgroups(1, &newgid) != 0) | ||
| goto fail; | ||
|
|
||
| /* drop GID */ | ||
| - if (setgid(getgid()) < 0) | ||
| + if (setgid(newgid) < 0) | ||
| goto fail; | ||
|
|
||
| /* drop UID */ |
50 changes: 50 additions & 0 deletions
50
sys-apps/util-linux/files/util-linux-2.37.1-lscpu_NULL_dereference_fix.patch
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,50 @@ | ||
| From 0d7cef3ddbd2aacbea8c11e8524a3de68dfb8ff6 Mon Sep 17 00:00:00 2001 | ||
| From: Karel Zak <[email protected]> | ||
| Date: Fri, 30 Jul 2021 14:35:25 +0200 | ||
| Subject: [PATCH] lscpu: fix NULL dereference | ||
|
|
||
| Fixes: https://github.com/karelzak/util-linux/issues/1401 | ||
| Signed-off-by: Karel Zak <[email protected]> | ||
| --- | ||
| sys-utils/lscpu-cputype.c | 2 +- | ||
| sys-utils/lscpu.c | 6 +++--- | ||
| 2 files changed, 4 insertions(+), 4 deletions(-) | ||
|
|
||
| diff --git a/sys-utils/lscpu-cputype.c b/sys-utils/lscpu-cputype.c | ||
| index 795a4acf5..be16199e0 100644 | ||
| --- a/sys-utils/lscpu-cputype.c | ||
| +++ b/sys-utils/lscpu-cputype.c | ||
| @@ -569,7 +569,7 @@ int lscpu_read_cpuinfo(struct lscpu_cxt *cxt) | ||
| /* Set the default type to CPUs which are missing (or not parsed) | ||
| * in cpuinfo */ | ||
| ct = lscpu_cputype_get_default(cxt); | ||
| - for (i = 0; i < cxt->npossibles; i++) { | ||
| + for (i = 0; ct && i < cxt->npossibles; i++) { | ||
| struct lscpu_cpu *cpu = cxt->cpus[i]; | ||
|
|
||
| if (cpu && !cpu->type) | ||
| diff --git a/sys-utils/lscpu.c b/sys-utils/lscpu.c | ||
| index 827e84a6d..e11b2f42f 100644 | ||
| --- a/sys-utils/lscpu.c | ||
| +++ b/sys-utils/lscpu.c | ||
| @@ -991,7 +991,7 @@ static void print_summary(struct lscpu_cxt *cxt) | ||
| *(p - 2) = '\0'; | ||
| add_summary_s(tb, sec, _("CPU op-mode(s):"), buf); | ||
| } | ||
| - if (ct->addrsz) | ||
| + if (ct && ct->addrsz) | ||
| add_summary_s(tb, sec, _("Address sizes:"), ct->addrsz); | ||
| #if !defined(WORDS_BIGENDIAN) | ||
| add_summary_s(tb, sec, _("Byte Order:"), "Little Endian"); | ||
| @@ -1033,9 +1033,9 @@ static void print_summary(struct lscpu_cxt *cxt) | ||
| sec = NULL; | ||
|
|
||
| /* Section: cpu type description */ | ||
| - if (ct->vendor) | ||
| + if (ct && ct->vendor) | ||
| sec = add_summary_s(tb, NULL, _("Vendor ID:"), ct->vendor); | ||
| - if (ct->bios_vendor) | ||
| + if (ct && ct->bios_vendor) | ||
| add_summary_s(tb, sec, _("BIOS Vendor ID:"), ct->bios_vendor); | ||
|
|
||
| for (i = 0; i < cxt->ncputypes; i++) |
Oops, something went wrong.