From 8f5a6af3500b25641625eb8a1d4300d8ca287c19 Mon Sep 17 00:00:00 2001 From: Michael Mair-Keimberger Date: Sun, 7 Jul 2019 11:21:52 +0200 Subject: [PATCH] sys-apps/systemd: remove unused patch Closes: https://github.com/gentoo/gentoo/pull/12399 Signed-off-by: Michael Mair-Keimberger Signed-off-by: Mike Gilbert --- sys-apps/systemd/files/CVE-2019-6454.patch | 198 --------------------- 1 file changed, 198 deletions(-) delete mode 100644 sys-apps/systemd/files/CVE-2019-6454.patch diff --git a/sys-apps/systemd/files/CVE-2019-6454.patch b/sys-apps/systemd/files/CVE-2019-6454.patch deleted file mode 100644 index 97b7d635e7d6..000000000000 --- a/sys-apps/systemd/files/CVE-2019-6454.patch +++ /dev/null @@ -1,198 +0,0 @@ ---- a/src/libsystemd/sd-bus/bus-internal.c -+++ b/src/libsystemd/sd-bus/bus-internal.c -@@ -45,7 +45,7 @@ - if (slash) - return false; - -- return true; -+ return (q - p) <= BUS_PATH_SIZE_MAX; - } - - char* object_path_startswith(const char *a, const char *b) { ---- a/src/libsystemd/sd-bus/bus-internal.h -+++ b/src/libsystemd/sd-bus/bus-internal.h -@@ -333,6 +333,10 @@ - - #define BUS_MESSAGE_SIZE_MAX (128*1024*1024) - #define BUS_AUTH_SIZE_MAX (64*1024) -+/* Note that the D-Bus specification states that bus paths shall have no size limit. We enforce here one -+ * anyway, since truly unbounded strings are a security problem. The limit we pick is relatively large however, -+ * to not clash unnecessarily with real-life applications. */ -+#define BUS_PATH_SIZE_MAX (64*1024) - - #define BUS_CONTAINER_DEPTH 128 - ---- a/src/libsystemd/sd-bus/bus-objects.c -+++ b/src/libsystemd/sd-bus/bus-objects.c -@@ -1134,7 +1134,8 @@ - const char *path, - sd_bus_error *error) { - -- char *prefix; -+ _cleanup_free_ char *prefix = NULL; -+ size_t pl; - int r; - - assert(bus); -@@ -1150,7 +1151,12 @@ - return 0; - - /* Second, add fallback vtables registered for any of the prefixes */ -- prefix = alloca(strlen(path) + 1); -+ pl = strlen(path); -+ assert(pl <= BUS_PATH_SIZE_MAX); -+ prefix = new(char, pl + 1); -+ if (!prefix) -+ return -ENOMEM; -+ - OBJECT_PATH_FOREACH_PREFIX(prefix, path) { - r = object_manager_serialize_path(bus, reply, prefix, path, true, error); - if (r < 0) -@@ -1346,6 +1352,7 @@ - } - - int bus_process_object(sd_bus *bus, sd_bus_message *m) { -+ _cleanup_free_ char *prefix = NULL; - int r; - size_t pl; - bool found_object = false; -@@ -1370,9 +1377,12 @@ - assert(m->member); - - pl = strlen(m->path); -- do { -- char prefix[pl+1]; -+ assert(pl <= BUS_PATH_SIZE_MAX); -+ prefix = new(char, pl + 1); -+ if (!prefix) -+ return -ENOMEM; - -+ do { - bus->nodes_modified = false; - - r = object_find_and_run(bus, m, m->path, false, &found_object); -@@ -1499,9 +1509,15 @@ - - n = hashmap_get(bus->nodes, path); - if (!n) { -- char *prefix; -+ _cleanup_free_ char *prefix = NULL; -+ size_t pl; -+ -+ pl = strlen(path); -+ assert(pl <= BUS_PATH_SIZE_MAX); -+ prefix = new(char, pl + 1); -+ if (!prefix) -+ return -ENOMEM; - -- prefix = alloca(strlen(path) + 1); - OBJECT_PATH_FOREACH_PREFIX(prefix, path) { - n = hashmap_get(bus->nodes, prefix); - if (n) -@@ -2091,8 +2107,9 @@ - char **names) { - - BUS_DONT_DESTROY(bus); -+ _cleanup_free_ char *prefix = NULL; - bool found_interface = false; -- char *prefix; -+ size_t pl; - int r; - - assert_return(bus, -EINVAL); -@@ -2111,6 +2128,12 @@ - if (names && names[0] == NULL) - return 0; - -+ pl = strlen(path); -+ assert(pl <= BUS_PATH_SIZE_MAX); -+ prefix = new(char, pl + 1); -+ if (!prefix) -+ return -ENOMEM; -+ - do { - bus->nodes_modified = false; - -@@ -2120,7 +2143,6 @@ - if (bus->nodes_modified) - continue; - -- prefix = alloca(strlen(path) + 1); - OBJECT_PATH_FOREACH_PREFIX(prefix, path) { - r = emit_properties_changed_on_interface(bus, prefix, path, interface, true, &found_interface, names); - if (r != 0) -@@ -2252,7 +2274,8 @@ - - static int object_added_append_all(sd_bus *bus, sd_bus_message *m, const char *path) { - _cleanup_set_free_ Set *s = NULL; -- char *prefix; -+ _cleanup_free_ char *prefix = NULL; -+ size_t pl; - int r; - - assert(bus); -@@ -2297,7 +2320,12 @@ - if (bus->nodes_modified) - return 0; - -- prefix = alloca(strlen(path) + 1); -+ pl = strlen(path); -+ assert(pl <= BUS_PATH_SIZE_MAX); -+ prefix = new(char, pl + 1); -+ if (!prefix) -+ return -ENOMEM; -+ - OBJECT_PATH_FOREACH_PREFIX(prefix, path) { - r = object_added_append_all_prefix(bus, m, s, prefix, path, true); - if (r < 0) -@@ -2436,7 +2464,8 @@ - - static int object_removed_append_all(sd_bus *bus, sd_bus_message *m, const char *path) { - _cleanup_set_free_ Set *s = NULL; -- char *prefix; -+ _cleanup_free_ char *prefix = NULL; -+ size_t pl; - int r; - - assert(bus); -@@ -2468,7 +2497,12 @@ - if (bus->nodes_modified) - return 0; - -- prefix = alloca(strlen(path) + 1); -+ pl = strlen(path); -+ assert(pl <= BUS_PATH_SIZE_MAX); -+ prefix = new(char, pl + 1); -+ if (!prefix) -+ return -ENOMEM; -+ - OBJECT_PATH_FOREACH_PREFIX(prefix, path) { - r = object_removed_append_all_prefix(bus, m, s, prefix, path, true); - if (r < 0) -@@ -2618,7 +2652,8 @@ - const char *path, - const char *interface) { - -- char *prefix; -+ _cleanup_free_ char *prefix = NULL; -+ size_t pl; - int r; - - assert(bus); -@@ -2632,7 +2667,12 @@ - if (bus->nodes_modified) - return 0; - -- prefix = alloca(strlen(path) + 1); -+ pl = strlen(path); -+ assert(pl <= BUS_PATH_SIZE_MAX); -+ prefix = new(char, pl + 1); -+ if (!prefix) -+ return -ENOMEM; -+ - OBJECT_PATH_FOREACH_PREFIX(prefix, path) { - r = interfaces_added_append_one_prefix(bus, m, prefix, path, interface, true); - if (r != 0) - - - -- 2.26.2