From 80ca520e5676b05bc53fd22bfb9029a26c17369f Mon Sep 17 00:00:00 2001
From: David Zeuthen
Date: Feb 28 2008 04:36:23 +0000
Subject: - CVE-2008-0595
---
diff --git a/dbus-fix-for-cve-2008-0595.patch b/dbus-fix-for-cve-2008-0595.patch
new file mode 100644
index 0000000..da37146
--- /dev/null
+++ b/dbus-fix-for-cve-2008-0595.patch
@@ -0,0 +1,50 @@
+diff --git a/bus/policy.c b/bus/policy.c
+index 383b2b1..caa544e 100644
+--- a/bus/policy.c
++++ b/bus/policy.c
+@@ -942,9 +942,19 @@ bus_client_policy_check_can_send (BusClientPolicy *policy,
+
+ if (rule->d.send.interface != NULL)
+ {
+- if (dbus_message_get_interface (message) != NULL &&
+- strcmp (dbus_message_get_interface (message),
+- rule->d.send.interface) != 0)
++ /* The interface is optional in messages. For allow rules, if the message
++ * has no interface we want to skip the rule (and thus not allow);
++ * for deny rules, if the message has no interface we want to use the
++ * rule (and thus deny).
++ */
++ dbus_bool_t no_interface;
++
++ no_interface = dbus_message_get_interface (message) == NULL;
++
++ if ((no_interface && rule->allow) ||
++ (!no_interface &&
++ strcmp (dbus_message_get_interface (message),
++ rule->d.send.interface) != 0))
+ {
+ _dbus_verbose (" (policy) skipping rule for different interface\n");
+ continue;
+@@ -1128,9 +1138,19 @@ bus_client_policy_check_can_receive (BusClientPolicy *policy,
+
+ if (rule->d.receive.interface != NULL)
+ {
+- if (dbus_message_get_interface (message) != NULL &&
+- strcmp (dbus_message_get_interface (message),
+- rule->d.receive.interface) != 0)
++ /* The interface is optional in messages. For allow rules, if the message
++ * has no interface we want to skip the rule (and thus not allow);
++ * for deny rules, if the message has no interface we want to use the
++ * rule (and thus deny).
++ */
++ dbus_bool_t no_interface;
++
++ no_interface = dbus_message_get_interface (message) == NULL;
++
++ if ((no_interface && rule->allow) ||
++ (!no_interface &&
++ strcmp (dbus_message_get_interface (message),
++ rule->d.receive.interface) != 0))
+ {
+ _dbus_verbose (" (policy) skipping rule for different interface\n");
+ continue;
diff --git a/dbus.spec b/dbus.spec
index 35789ff..ac8c36f 100644
--- a/dbus.spec
+++ b/dbus.spec
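Review bot: The `_dbus_verbose` line under both rewritten conditions still reports "skipping rule for different interface", although an allow rule is now also skipped when the message carries no interface at all, so a policy trace cannot tell the two cases apart. A wording such as `_dbus_verbose ("  (policy) skipping rule: message interface absent or different\n");` in bus_client_policy_check_can_send and bus_client_policy_check_can_receive would keep the log accurate. As far as these hunks show, a deny rule keyed on an interface now applies to every interface-less message unless another field of the rule narrows it (those checks lie outside the hunks), and that consequence should be stated for policy authors wherever the rule attributes are documented. `dbus_message_get_interface (message)` is also evaluated twice per rule; a local `const char *` holding the result would remove the repeat. Both function bodies start and end outside the hunks shown.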
@@ -8,7 +8,7 @@ Summary: D-BUS message bus Name: dbus Version: 1.0.2 -Release: 6%{?dist} +Release: 7%{?dist} URL: http://www.freedesktop.org/software/dbus/ Source0: http://dbus.freedesktop.org/releases/dbus/%{name}-%{version}.tar.gz Source1: doxygen_to_devhelp.xsl @@ -37,6 +37,8 @@ Patch1: dbus-0.60-start-early.patch Patch2: dbus-0.92-audit-system.patch Patch4: dbus-1.0.1-generate-xml-docs.patch Patch5: dbus-1.0.2-selinux.patch +# CVE-2008-0595 +Patch6: dbus-fix-for-cve-2008-0595.patch %description @@ -73,6 +75,7 @@ in this separate package so server systems need not install X. %patch2 -p1 -b .audit_system %patch4 -p1 -b .generate-xml-docs %patch5 -p1 -b .selinux-send-to-audit +%patch6 -p1 -b .cve-2008-0595 autoreconf -f -i @@ -189,6 +192,9 @@ fi %{_datadir}/devhelp/books/dbus %changelog +* Wed Feb 27 2008 David Zeuthen - 1.0.2-7%{?dist} +- CVE-2008-0595 + * Fri Jun 22 2007 Matthias Clasen - 1.0.2-6 - Don't require libxml-python needlessly (#245300)