kdelibs: add CVE-2017-8422.patch
taken from upstream git commit 264e97625abe2e0334f97de17f6ffb52582888ab KDE security advisory: https://www.kde.org/info/security/advisory-20170510-1.txt
This commit is contained in:
parent
b045ca2897
commit
9531007cf9
2 changed files with 165 additions and 1 deletions
164
srcpkgs/kdelibs/patches/CVE-2017-8422.patch
Normal file
164
srcpkgs/kdelibs/patches/CVE-2017-8422.patch
Normal file
|
@ -0,0 +1,164 @@
|
|||
--- kdecore/auth/AuthBackend.cpp
|
||||
+++ kdecore/auth/AuthBackend.cpp
|
||||
@@ -54,6 +54,11 @@ void AuthBackend::setCapabilities(AuthBackend::Capabilities capabilities)
|
||||
d->capabilities = capabilities;
|
||||
}
|
||||
|
||||
+AuthBackend::ExtraCallerIDVerificationMethod AuthBackend::extraCallerIDVerificationMethod() const
|
||||
+{
|
||||
+ return NoExtraCallerIDVerificationMethod;
|
||||
+}
|
||||
+
|
||||
bool AuthBackend::actionExists(const QString& action)
|
||||
{
|
||||
Q_UNUSED(action);
|
||||
--- kdecore/auth/AuthBackend.h
|
||||
+++ kdecore/auth/AuthBackend.h
|
||||
@@ -43,6 +43,12 @@ public:
|
||||
};
|
||||
Q_DECLARE_FLAGS(Capabilities, Capability)
|
||||
|
||||
+ enum ExtraCallerIDVerificationMethod {
|
||||
+ NoExtraCallerIDVerificationMethod,
|
||||
+ VerifyAgainstDBusServiceName,
|
||||
+ VerifyAgainstDBusServicePid,
|
||||
+ };
|
||||
+
|
||||
AuthBackend();
|
||||
virtual ~AuthBackend();
|
||||
virtual void setupAction(const QString &action) = 0;
|
||||
@@ -50,6 +56,7 @@ public:
|
||||
virtual Action::AuthStatus authorizeAction(const QString &action) = 0;
|
||||
virtual Action::AuthStatus actionStatus(const QString &action) = 0;
|
||||
virtual QByteArray callerID() const = 0;
|
||||
+ virtual ExtraCallerIDVerificationMethod extraCallerIDVerificationMethod() const;
|
||||
virtual bool isCallerAuthorized(const QString &action, QByteArray callerID) = 0;
|
||||
virtual bool actionExists(const QString &action);
|
||||
|
||||
--- kdecore/auth/backends/dbus/DBusHelperProxy.cpp
|
||||
+++ kdecore/auth/backends/dbus/DBusHelperProxy.cpp
|
||||
@@ -271,6 +271,29 @@ void DBusHelperProxy::performActions(QByteArray blob, const QByteArray &callerID
|
||||
}
|
||||
}
|
||||
|
||||
+bool DBusHelperProxy::isCallerAuthorized(const QString &action, const QByteArray &callerID)
|
||||
+{
|
||||
+ // Check the caller is really who it says it is
|
||||
+ switch (BackendsManager::authBackend()->extraCallerIDVerificationMethod()) {
|
||||
+ case AuthBackend::NoExtraCallerIDVerificationMethod:
|
||||
+ break;
|
||||
+
|
||||
+ case AuthBackend::VerifyAgainstDBusServiceName:
|
||||
+ if (message().service().toUtf8() != callerID) {
|
||||
+ return false;
|
||||
+ }
|
||||
+ break;
|
||||
+
|
||||
+ case AuthBackend::VerifyAgainstDBusServicePid:
|
||||
+ if (connection().interface()->servicePid(message().service()).value() != callerID.toUInt()) {
|
||||
+ return false;
|
||||
+ }
|
||||
+ break;
|
||||
+ }
|
||||
+
|
||||
+ return BackendsManager::authBackend()->isCallerAuthorized(action, callerID);
|
||||
+}
|
||||
+
|
||||
QByteArray DBusHelperProxy::performAction(const QString &action, const QByteArray &callerID, QByteArray arguments)
|
||||
{
|
||||
if (!responder) {
|
||||
@@ -295,7 +318,7 @@ QByteArray DBusHelperProxy::performAction(const QString &action, const QByteArra
|
||||
QTimer *timer = responder->property("__KAuth_Helper_Shutdown_Timer").value<QTimer*>();
|
||||
timer->stop();
|
||||
|
||||
- if (BackendsManager::authBackend()->isCallerAuthorized(action, callerID)) {
|
||||
+ if (isCallerAuthorized(action, callerID)) {
|
||||
QString slotname = action;
|
||||
if (slotname.startsWith(m_name + QLatin1Char('.'))) {
|
||||
slotname = slotname.right(slotname.length() - m_name.length() - 1);
|
||||
@@ -338,7 +361,7 @@ uint DBusHelperProxy::authorizeAction(const QString& action, const QByteArray& c
|
||||
QTimer *timer = responder->property("__KAuth_Helper_Shutdown_Timer").value<QTimer*>();
|
||||
timer->stop();
|
||||
|
||||
- if (BackendsManager::authBackend()->isCallerAuthorized(action, callerID)) {
|
||||
+ if (isCallerAuthorized(action, callerID)) {
|
||||
retVal = static_cast<uint>(Action::Authorized);
|
||||
} else {
|
||||
retVal = static_cast<uint>(Action::Denied);
|
||||
--- kdecore/auth/backends/dbus/DBusHelperProxy.h
|
||||
+++ kdecore/auth/backends/dbus/DBusHelperProxy.h
|
||||
@@ -21,6 +21,7 @@
|
||||
#ifndef DBUS_HELPER_PROXY_H
|
||||
#define DBUS_HELPER_PROXY_H
|
||||
|
||||
+#include <QDBusContext>
|
||||
#include <QVariant>
|
||||
#include "HelperProxy.h"
|
||||
#include "kauthactionreply.h"
|
||||
@@ -28,7 +29,7 @@
|
||||
namespace KAuth
|
||||
{
|
||||
|
||||
-class DBusHelperProxy : public HelperProxy
|
||||
+class DBusHelperProxy : public HelperProxy, protected QDBusContext
|
||||
{
|
||||
Q_OBJECT
|
||||
Q_INTERFACES(KAuth::HelperProxy)
|
||||
@@ -73,6 +74,9 @@ signals:
|
||||
|
||||
private slots:
|
||||
void remoteSignalReceived(int type, const QString &action, QByteArray blob);
|
||||
+
|
||||
+private:
|
||||
+ bool isCallerAuthorized(const QString &action, const QByteArray &callerID);
|
||||
};
|
||||
|
||||
} // namespace Auth
|
||||
--- kdecore/auth/backends/policykit/PolicyKitBackend.cpp
|
||||
+++ kdecore/auth/backends/policykit/PolicyKitBackend.cpp
|
||||
@@ -78,6 +78,11 @@ QByteArray PolicyKitBackend::callerID() const
|
||||
return a;
|
||||
}
|
||||
|
||||
+AuthBackend::ExtraCallerIDVerificationMethod Polkit1Backend::extraCallerIDVerificationMethod() const
|
||||
+{
|
||||
+ return VerifyAgainstDBusServicePid;
|
||||
+}
|
||||
+
|
||||
bool PolicyKitBackend::isCallerAuthorized(const QString &action, QByteArray callerID)
|
||||
{
|
||||
QDataStream s(&callerID, QIODevice::ReadOnly);
|
||||
--- kdecore/auth/backends/policykit/PolicyKitBackend.h
|
||||
+++ kdecore/auth/backends/policykit/PolicyKitBackend.h
|
||||
@@ -40,6 +40,7 @@ public:
|
||||
virtual Action::AuthStatus authorizeAction(const QString&);
|
||||
virtual Action::AuthStatus actionStatus(const QString&);
|
||||
virtual QByteArray callerID() const;
|
||||
+ virtual ExtraCallerIDVerificationMethod extraCallerIDVerificationMethod() const;
|
||||
virtual bool isCallerAuthorized(const QString &action, QByteArray callerID);
|
||||
|
||||
private Q_SLOTS:
|
||||
--- kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
|
||||
+++ kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
|
||||
@@ -163,6 +163,11 @@ QByteArray Polkit1Backend::callerID() const
|
||||
return QDBusConnection::systemBus().baseService().toUtf8();
|
||||
}
|
||||
|
||||
+AuthBackend::ExtraCallerIDVerificationMethod Polkit1Backend::extraCallerIDVerificationMethod() const
|
||||
+{
|
||||
+ return VerifyAgainstDBusServiceName;
|
||||
+}
|
||||
+
|
||||
bool Polkit1Backend::isCallerAuthorized(const QString &action, QByteArray callerID)
|
||||
{
|
||||
PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID));
|
||||
--- kdecore/auth/backends/polkit-1/Polkit1Backend.h
|
||||
+++ kdecore/auth/backends/polkit-1/Polkit1Backend.h
|
||||
@@ -48,6 +48,7 @@ public:
|
||||
virtual Action::AuthStatus authorizeAction(const QString&);
|
||||
virtual Action::AuthStatus actionStatus(const QString&);
|
||||
virtual QByteArray callerID() const;
|
||||
+ virtual ExtraCallerIDVerificationMethod extraCallerIDVerificationMethod() const;
|
||||
virtual bool isCallerAuthorized(const QString &action, QByteArray callerID);
|
||||
virtual bool actionExists(const QString& action);
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
# Template file for 'kdelibs'
|
||||
pkgname=kdelibs
|
||||
version=4.14.3
|
||||
revision=8
|
||||
revision=9
|
||||
short_desc="KDE core libraries"
|
||||
maintainer="Juan RP <xtraeme@voidlinux.eu>"
|
||||
license="GPL-2.0, LGPL-2.1, FDL"
|
||||
|
|
Loading…
Reference in a new issue