From 826637b716a2c26c5230021e24ce6a6ef1bd73e7 Mon Sep 17 00:00:00 2001 From: Matthias Clasen Date: Jun 27 2009 23:09:29 +0000 Subject: don't leak inotify fd --- diff --git a/dbus-inotify-fd-leak.patch b/dbus-inotify-fd-leak.patch new file mode 100644 index 0000000..99b30e2 --- /dev/null +++ b/dbus-inotify-fd-leak.patch @@ -0,0 +1,27 @@ +diff -u -r dbus-1.2.14/bus/dir-watch-inotify.c dbus-1.2.14.fd-leak/bus/dir-watch-inotify.c +--- dbus-1.2.14/bus/dir-watch-inotify.c 2009-04-17 15:45:29.000000000 -0400 ++++ dbus-1.2.14.fd-leak/bus/dir-watch-inotify.c 2009-06-27 18:38:54.966881736 -0400 +@@ -98,7 +98,11 @@ + _dbus_assert (dir != NULL); + + if (inotify_fd == -1) { ++#ifdef HAVE_INOTIFY_INIT1 ++ inotify_fd = inotify_init1 (IN_CLOEXEC); ++#else + inotify_fd = inotify_init (); ++#endif + if (inotify_fd <= 0) { + _dbus_warn ("Cannot initialize inotify\n"); + goto out; +diff -u -r dbus-1.2.14/configure.in dbus-1.2.14.fd-leak/configure.in +--- dbus-1.2.14/configure.in 2009-05-06 12:51:19.000000000 -0400 ++++ dbus-1.2.14.fd-leak/configure.in 2009-06-27 18:37:10.787645299 -0400 +@@ -983,7 +983,7 @@ + dnl check if inotify backend is enabled + if test x$have_inotify = xyes; then + AC_DEFINE(DBUS_BUS_ENABLE_INOTIFY,1,[Use inotify]) +- ++ AC_CHECK_FUNCS(inotify_init1) + fi + + AM_CONDITIONAL(DBUS_BUS_ENABLE_INOTIFY, test x$have_inotify = xyes) diff --git a/dbus.spec b/dbus.spec index bc6c0d7..a8c04b5 100644 --- a/dbus.spec +++ b/dbus.spec @@ -9,7 +9,7 @@ Summary: D-BUS message bus Name: dbus Epoch: 1 Version: 1.2.4 -Release: 3%{?dist} +Release: 4%{?dist} URL: http://www.freedesktop.org/software/dbus/ Source0: http://dbus.freedesktop.org/releases/dbus/%{name}-%{version}.tar.gz Source1: doxygen_to_devhelp.xsl @@ -43,6 +43,8 @@ Patch1: dbus-1.0.1-generate-xml-docs.patch Patch6: dbus-1.2.1-increase-timeout.patch Patch10: 0001-Bug-17803-Fix-both-test-case-and-validation-logic.patch +# https://bugs.freedesktop.org/show_bug.cgi?id=22516 +Patch11: dbus-inotify-fd-leak.patch %description D-BUS is a system for sending messages between applications. It is @@ -99,6 +101,7 @@ in this separate package so server systems need not install X. %patch6 -p1 -b .increase-timeout %patch10 -p1 -b .cve-2009-1189 +%patch11 -p1 -b .inotify-fd-leak autoreconf -f -i @@ -230,6 +233,9 @@ fi %{_includedir}/* %changelog +* Sat Jun 27 2009 Matthias Clasen - 1.2.4-4 +- Don't leak inotify fd (#505338) + * Thu May 07 2009 Colin Walters - 1.2.4-3 - Add patch for CVE-2009-1189