diff options
Diffstat (limited to 'meta/recipes-core/systemd/systemd/CVE-2016-7795.patch')
-rw-r--r-- | meta/recipes-core/systemd/systemd/CVE-2016-7795.patch | 69 |
1 files changed, 0 insertions, 69 deletions
diff --git a/meta/recipes-core/systemd/systemd/CVE-2016-7795.patch b/meta/recipes-core/systemd/systemd/CVE-2016-7795.patch deleted file mode 100644 index 5ecb9c32de..0000000000 --- a/meta/recipes-core/systemd/systemd/CVE-2016-7795.patch +++ /dev/null @@ -1,69 +0,0 @@ -Subject: Fix CVE-2016-7795 - -This undoes 531ac2b. I acked that patch without looking at the code -carefully enough. There are two problems: -- we want to process the fds anyway -- in principle empty notification messages are valid, and we should - process them as usual, including logging using log_unit_debug(). - -Upstream-Status: Backport -CVE: CVE-2016-7795 - -Signed-off-by: Chen Qi <Qi.Chen@windriver.com> ---- - src/core/manager.c | 11 ++++++----- - 1 file changed, 6 insertions(+), 5 deletions(-) - -diff --git a/src/core/manager.c b/src/core/manager.c -index 7838f56..f165d08e 100644 ---- a/src/core/manager.c -+++ b/src/core/manager.c -@@ -1589,13 +1589,12 @@ static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, ui - return 0; - } - --static void manager_invoke_notify_message(Manager *m, Unit *u, pid_t pid, const char *buf, size_t n, FDSet *fds) { -+static void manager_invoke_notify_message(Manager *m, Unit *u, pid_t pid, const char *buf, FDSet *fds) { - _cleanup_strv_free_ char **tags = NULL; - - assert(m); - assert(u); - assert(buf); -- assert(n > 0); - - tags = strv_split(buf, "\n\r"); - if (!tags) { -@@ -1688,25 +1687,27 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t - return 0; - } - -+ /* The message should be a string. Here we make sure it's NUL-terminated, -+ * but only the part until first NUL will be used anyway. */ - buf[n] = 0; - - /* Notify every unit that might be interested, but try - * to avoid notifying the same one multiple times. */ - u1 = manager_get_unit_by_pid_cgroup(m, ucred->pid); - if (u1) { -- manager_invoke_notify_message(m, u1, ucred->pid, buf, n, fds); -+ manager_invoke_notify_message(m, u1, ucred->pid, buf, fds); - found = true; - } - - u2 = hashmap_get(m->watch_pids1, PID_TO_PTR(ucred->pid)); - if (u2 && u2 != u1) { -- manager_invoke_notify_message(m, u2, ucred->pid, buf, n, fds); -+ manager_invoke_notify_message(m, u2, ucred->pid, buf, fds); - found = true; - } - - u3 = hashmap_get(m->watch_pids2, PID_TO_PTR(ucred->pid)); - if (u3 && u3 != u2 && u3 != u1) { -- manager_invoke_notify_message(m, u3, ucred->pid, buf, n, fds); -+ manager_invoke_notify_message(m, u3, ucred->pid, buf, fds); - found = true; - } - --- -2.8.3 - |