加入 Gitee
与超过 1200万 开发者一起发现、参与优秀开源项目,私有仓库也完全免费 :)
免费加入
文件
该仓库未声明开源许可证文件(LICENSE),使用请关注具体项目描述及其代码上游依赖。
克隆/下载
CVE-2020-1712-2.patch 2.56 KB
一键复制 编辑 原始数据 按行查看 历史
syyhao 提交于 2020-03-10 09:45 . fix CVE 2020 1712 and backport a patch
From 1068447e6954dc6ce52f099ed174c442cb89ed54 Mon Sep 17 00:00:00 2001
From: Lennart Poettering <lennart@poettering.net>
Date: Wed, 22 Jan 2020 17:05:17 +0100
Subject: [PATCH 1612/1760] sd-bus: introduce API for re-enqueuing incoming
messages
When authorizing via PolicyKit we want to process incoming method calls
twice: once to process and figure out that we need PK authentication,
and a second time after we aquired PK authentication to actually execute
the operation. With this new call sd_bus_enqueue_for_read() we have a
way to put an incoming message back into the read queue for this
purpose.
This might have other uses too, for example debugging.
https://github.com/systemd/systemd/commit/1068447e6954dc6ce52f099ed174c442cb89ed54
---
src/libsystemd/sd-bus/sd-bus.c | 25 +++++++++++++++++++++++++
src/systemd/sd-bus.h | 1 +
2 files changed, 26 insertions(+)
diff --git a/src/libsystemd/sd-bus/sd-bus.c b/src/libsystemd/sd-bus/sd-bus.c
index 615346d..05593d1 100644
--- a/src/libsystemd/sd-bus/sd-bus.c
+++ b/src/libsystemd/sd-bus/sd-bus.c
@@ -4198,3 +4198,28 @@ _public_ int sd_bus_get_close_on_exit(sd_bus *bus) {
return bus->close_on_exit;
}
+
+
+_public_ int sd_bus_enqeue_for_read(sd_bus *bus, sd_bus_message *m) {
+ int r;
+
+ assert_return(bus, -EINVAL);
+ assert_return(bus = bus_resolve(bus), -ENOPKG);
+ assert_return(m, -EINVAL);
+ assert_return(m->sealed, -EINVAL);
+ assert_return(!bus_pid_changed(bus), -ECHILD);
+
+ if (!BUS_IS_OPEN(bus->state))
+ return -ENOTCONN;
+
+ /* Re-enqeue a message for reading. This is primarily useful for PolicyKit-style authentication,
+ * where we want accept a message, then determine we need to interactively authenticate the user, and
+ * when we have that process the message again. */
+
+ r = bus_rqueue_make_room(bus);
+ if (r < 0)
+ return r;
+
+ bus->rqueue[bus->rqueue_size++] = bus_message_ref_queued(m, bus);
+ return 0;
+}
diff --git a/src/systemd/sd-bus.h b/src/systemd/sd-bus.h
index 84ceb62..2e104f8 100644
--- a/src/systemd/sd-bus.h
+++ b/src/systemd/sd-bus.h
@@ -201,6 +201,7 @@ int sd_bus_process(sd_bus *bus, sd_bus_message **r);
int sd_bus_process_priority(sd_bus *bus, int64_t max_priority, sd_bus_message **r);
int sd_bus_wait(sd_bus *bus, uint64_t timeout_usec);
int sd_bus_flush(sd_bus *bus);
+int sd_bus_enqeue_for_read(sd_bus *bus, sd_bus_message *m);
sd_bus_slot* sd_bus_get_current_slot(sd_bus *bus);
sd_bus_message* sd_bus_get_current_message(sd_bus *bus);
--
2.19.1
马建仓 AI 助手
尝试更多
代码解读
代码找茬
代码优化