Go to:
Gentoo Home
Documentation
Forums
Lists
Bugs
Planet
Store
Wiki
Get Gentoo!
Gentoo's Bugzilla – Attachment 144644 Details for
Bug 211451
sys-apps/dbus < 1.1.20 Security policy flaw (CVE-2008-0595)
Home
|
New
–
[Ex]
|
Browse
|
Search
|
Privacy Policy
|
[?]
|
Reports
|
Requests
|
Help
|
New Account
|
Log In
[x]
|
Forgot Password
Login:
[x]
[patch]
CVE-2008-0595.patch
CVE-2008-0595.patch (text/plain), 2.19 KB, created by
Sune Kloppenborg Jeppesen (RETIRED)
on 2008-02-25 21:13:03 UTC
(
hide
)
Description:
CVE-2008-0595.patch
Filename:
MIME Type:
Creator:
Sune Kloppenborg Jeppesen (RETIRED)
Created:
2008-02-25 21:13:03 UTC
Size:
2.19 KB
patch
obsolete
>diff --git a/bus/policy.c b/bus/policy.c >index 383b2b1..caa544e 100644 >--- a/bus/policy.c >+++ b/bus/policy.c >@@ -942,9 +942,19 @@ bus_client_policy_check_can_send (BusClientPolicy *policy, > > if (rule->d.send.interface != NULL) > { >- if (dbus_message_get_interface (message) != NULL && >- strcmp (dbus_message_get_interface (message), >- rule->d.send.interface) != 0) >+ /* The interface is optional in messages. For allow rules, if the message >+ * has no interface we want to skip the rule (and thus not allow); >+ * for deny rules, if the message has no interface we want to use the >+ * rule (and thus deny). >+ */ >+ dbus_bool_t no_interface; >+ >+ no_interface = dbus_message_get_interface (message) == NULL; >+ >+ if ((no_interface && rule->allow) || >+ (!no_interface && >+ strcmp (dbus_message_get_interface (message), >+ rule->d.send.interface) != 0)) > { > _dbus_verbose (" (policy) skipping rule for different interface\n"); > continue; >@@ -1128,9 +1138,19 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy, > > if (rule->d.receive.interface != NULL) > { >- if (dbus_message_get_interface (message) != NULL && >- strcmp (dbus_message_get_interface (message), >- rule->d.receive.interface) != 0) >+ /* The interface is optional in messages. For allow rules, if the message >+ * has no interface we want to skip the rule (and thus not allow); >+ * for deny rules, if the message has no interface we want to use the >+ * rule (and thus deny). >+ */ >+ dbus_bool_t no_interface; >+ >+ no_interface = dbus_message_get_interface (message) == NULL; >+ >+ if ((no_interface && rule->allow) || >+ (!no_interface && >+ strcmp (dbus_message_get_interface (message), >+ rule->d.receive.interface) != 0)) > { > _dbus_verbose (" (policy) skipping rule for different interface\n"); > continue;
<b>You cannot view the attachment while viewing its details because your browser does not support IFRAMEs. <a href="attachment.cgi?id=144644">View the attachment on a separate page</a>.</b>
View Attachment As Diff
View Attachment As Raw
Actions:
View
|
Diff
Attachments on
bug 211451
: 144644
