From d8d2ff965eb6066162f55e24a717d53288e520f0 Mon Sep 17 00:00:00 2001 From: Jan Synacek Date: Oct 03 2018 11:50:02 +0000 Subject: Fix line_begins() to accept word matching full string (#1631840) Resolves: #1631840 --- diff --git a/0003-bus-socket-Fix-line_begins-to-accept-word-matching-f.patch b/0003-bus-socket-Fix-line_begins-to-accept-word-matching-f.patch new file mode 100644 index 0000000..1b9df6d --- /dev/null +++ b/0003-bus-socket-Fix-line_begins-to-accept-word-matching-f.patch @@ -0,0 +1,48 @@ +From 3f10c66270b74530339b3f466c43874bb40c210f Mon Sep 17 00:00:00 2001 +From: Filipe Brandenburger +Date: Tue, 17 Jul 2018 11:32:40 -0700 +Subject: [PATCH] bus-socket: Fix line_begins() to accept word matching full + string + +The switch to memory_startswith() changed the logic to only look for a space or +NUL byte after the matched word, but matching the full size should also be +acceptable. + +This changed the behavior of parsing of "AUTH\r\n", where m will be set to 4, +since even though the word will match, the check for it being followed by ' ' +or NUL will make line_begins() return false. + +Tested: + +- Using netcat to connect to the private socket directly: + $ echo -ne '\0AUTH\r\n' | sudo nc -U /run/systemd/private + REJECTED EXTERNAL ANONYMOUS + +- Running the Ignition blackbox test: + $ sudo sh -c 'PATH=$PWD/bin/amd64:$PATH ./tests.test' + PASS + +Fixes: d27b725abf64a19a6b2f99332b663f17ad046771 +--- + src/libsystemd/sd-bus/bus-socket.c | 5 +---- + 1 file changed, 1 insertion(+), 4 deletions(-) + +diff --git a/src/libsystemd/sd-bus/bus-socket.c b/src/libsystemd/sd-bus/bus-socket.c +index be491c957..a785a247c 100644 +--- a/src/libsystemd/sd-bus/bus-socket.c ++++ b/src/libsystemd/sd-bus/bus-socket.c +@@ -246,10 +246,7 @@ static bool line_begins(const char *s, size_t m, const char *word) { + const char *p; + + p = memory_startswith(s, m, word); +- if (!p) +- return false; +- +- return IN_SET(*p, 0, ' '); ++ return p && (p == (s + m) || *p == ' '); + } + + static int verify_anonymous_token(sd_bus *b, const char *p, size_t l) { +-- +2.14.4 + diff --git a/systemd.spec b/systemd.spec index 42fb736..6762e2f 100644 --- a/systemd.spec +++ b/systemd.spec @@ -52,6 +52,7 @@ GIT_DIR=../../src/systemd/.git git diffab -M v233..master@{2017-06-15} -- hwdb/[ Patch0001: 0001-build-sys-Detect-whether-struct-statx-is-defined-in-.patch Patch0002: 0002-meson-rename-Ddebug-to-Ddebug-extra.patch +Patch0003: 0003-bus-socket-Fix-line_begins-to-accept-word-matching-f.patch Patch0998: 0998-resolved-create-etc-resolv.conf-symlink-at-runtime.patch @@ -694,6 +695,7 @@ fi %changelog * Wed Oct 3 2018 Jan Synáček - 239-5 - Fix meson using -Ddebug, which results in FTBFS +- Fix line_begins() to accept word matching full string (#1631840) * Mon Sep 10 2018 Zbigniew Jędrzejewski-Szmek - 239-4 - Move /etc/yum/protected.d/systemd.conf to /etc/dnf/ (#1626969)