Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package dbus-1 for openSUSE:Factory checked in at 2023-06-14 16:28:56 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/dbus-1 (Old) and /work/SRC/openSUSE:Factory/.dbus-1.new.15902 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "dbus-1" Wed Jun 14 16:28:56 2023 rev:178 rq:1092691 version:1.14.8 Changes: -------- dbus-1-x11.changes: same change --- /work/SRC/openSUSE:Factory/dbus-1/dbus-1.changes 2023-03-02 23:02:07.718791045 +0100 +++ /work/SRC/openSUSE:Factory/.dbus-1.new.15902/dbus-1.changes 2023-06-14 16:29:18.926459391 +0200 @@ -1,0 +2,16 @@ +Mon Jun 12 21:14:39 UTC 2023 - Dirk Müller <[email protected]> + +- update to 1.14.8 (bsc#1212126, CVE-2023-34969): + * Denial-of-service fixes: + * Fix an assertion failure in dbus-daemon when a privileged + Monitoring connection (dbus-monitor, busctl monitor, gdbus + monitor or similar) is active, and a message from the bus + driver cannot be delivered to a client connection due to + <deny> rules or outgoing message quota. This + is a denial of service if triggered maliciously by a local + attacker. + * Fix compilation on compilers not supporting __FUNCTION__ + * Fix some memory leaks on out-of-memory conditions + * Fix syntax of a code sample in dbus-api-design + +------------------------------------------------------------------- Old: ---- dbus-1.14.6.tar.xz dbus-1.14.6.tar.xz.asc New: ---- dbus-1.14.8.tar.xz dbus-1.14.8.tar.xz.asc ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ dbus-1-devel-doc.spec ++++++ --- /var/tmp/diff_new_pack.o65rc4/_old 2023-06-14 16:29:26.010502933 +0200 +++ /var/tmp/diff_new_pack.o65rc4/_new 2023-06-14 16:29:26.014502957 +0200 @@ -23,7 +23,7 @@ %global _backup %{_sysconfdir}/sysconfig/services.rpmbak.%{name}-%{version}-%{release} %bcond_without selinux Name: dbus-1-devel-doc -Version: 1.14.6 +Version: 1.14.8 Release: 0 Summary: Developer documentation package for D-Bus License: AFL-2.1 OR GPL-2.0-or-later ++++++ dbus-1-x11.spec ++++++ --- /var/tmp/diff_new_pack.o65rc4/_old 2023-06-14 16:29:26.034503081 +0200 +++ /var/tmp/diff_new_pack.o65rc4/_new 2023-06-14 16:29:26.038503105 +0200 @@ -23,7 +23,7 @@ %endif %bcond_without selinux Name: dbus-1-x11 -Version: 1.14.6 +Version: 1.14.8 Release: 0 Summary: D-Bus Message Bus System License: AFL-2.1 OR GPL-2.0-or-later ++++++ dbus-1.spec ++++++ --- /var/tmp/diff_new_pack.o65rc4/_old 2023-06-14 16:29:26.062503253 +0200 +++ /var/tmp/diff_new_pack.o65rc4/_new 2023-06-14 16:29:26.066503277 +0200 @@ -21,7 +21,7 @@ %define _libname libdbus-1-3 %bcond_without selinux Name: dbus-1 -Version: 1.14.6 +Version: 1.14.8 Release: 0 Summary: D-Bus Message Bus System License: AFL-2.1 OR GPL-2.0-or-later ++++++ dbus-1.14.6.tar.xz -> dbus-1.14.8.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/AUTHORS new/dbus-1.14.8/AUTHORS --- old/dbus-1.14.6/AUTHORS 2022-10-05 12:03:53.000000000 +0200 +++ new/dbus-1.14.8/AUTHORS 2023-06-06 15:00:36.000000000 +0200 @@ -15,6 +15,7 @@ Artem Bityutskiy <[email protected]> Arun Raghavan <[email protected]> Aurelien Jarno <[email protected]> +Barnabás PÅcze <[email protected]> Benedikt Heine <[email protected]> Benjamin Reed <[email protected]> Bertrand SIMONNET <[email protected]> @@ -46,6 +47,7 @@ Daniel Reed <[email protected]> Daniel Wendt <[email protected]> Dan Williams <[email protected]> +Dave Jones <[email protected]> Dave Reisner <[email protected]> David King <[email protected]> David Redondo <[email protected]> @@ -58,6 +60,7 @@ Dmitri Iouchtchenko <[email protected]> DreamNik <[email protected]> Eamon Walsh <[email protected]> +Evgeny Vereshchagin <[email protected]> eXeC001er <[email protected]> Federico Mena Quintero <[email protected]> Felipe Franciosi <[email protected]> @@ -75,6 +78,7 @@ Havoc Pennington <[email protected]> Havoc Pennington <[email protected]> Hendrik Buschmeier <[email protected]> +hongjinghao <[email protected]> hyeric <[email protected]> ilovezfs <[email protected]> Ioan-Adrian Ratiu <[email protected]> @@ -90,6 +94,7 @@ Jean-Louis Fuchs <[email protected]> Jens Granseuer <[email protected]> Jérémie Dimino <[email protected]> +Jeremi Piotrowski <[email protected]> Jesper Dam <[email protected]> JiÅà KlimeÅ¡ <[email protected]> Joe Marcus Clarke <[email protected]> @@ -104,7 +109,9 @@ Jon Trowbridge <[email protected]> Julien Schueller <[email protected]> Justin Lee <[email protected]> +Kai A. Hiller <[email protected]> Kay Sievers <[email protected]> +Khem Raj <[email protected]> Kimmo Hämäläinen <[email protected]> Kir Kolyshkin <[email protected]> Kjartan Maraas <[email protected]> @@ -126,6 +133,7 @@ Marc Brockschmidt <[email protected]> Marc Mutz <[email protected]> Marc Mutz <[email protected]> +Marco Trevisan (Treviño) <[email protected]> Marcus Brinkmann <[email protected]> Mark Brand <[email protected]> Mark McLoughlin <[email protected]> @@ -236,6 +244,7 @@ Wulf C. Krueger <[email protected]> Xan Lopez <[email protected]> Yaakov Selkowitz <[email protected]> +Yen-Chin, Lee <[email protected]> Yiyang Fei <[email protected]> Zack Rusin <[email protected]> Zeeshan Ali <[email protected]> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/Makefile.in new/dbus-1.14.8/Makefile.in --- old/dbus-1.14.6/Makefile.in 2023-02-08 13:04:30.000000000 +0100 +++ new/dbus-1.14.8/Makefile.in 2023-06-06 15:02:00.000000000 +0200 @@ -15,7 +15,7 @@ @SET_MAKE@ # aminclude_static.am generated automatically by Autoconf -# from AX_AM_MACROS_STATIC on Wed Feb 8 12:04:21 GMT 2023 +# from AX_AM_MACROS_STATIC on Tue Jun 6 14:01:59 BST 2023 VPATH = @srcdir@ am__is_gnu_make = { \ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/NEWS new/dbus-1.14.8/NEWS --- old/dbus-1.14.6/NEWS 2023-02-08 13:04:12.000000000 +0100 +++ new/dbus-1.14.8/NEWS 2023-06-06 15:00:36.000000000 +0200 @@ -1,3 +1,32 @@ +dbus 1.14.8 (2023-06-06) +======================== + +Denial-of-service fixes: + +⢠Fix an assertion failure in dbus-daemon when a privileged Monitoring + connection (dbus-monitor, busctl monitor, gdbus monitor or similar) + is active, and a message from the bus driver cannot be delivered to a + client connection due to <deny> rules or outgoing message quota. This + is a denial of service if triggered maliciously by a local attacker. + (dbus#457; hongjinghao, Simon McVittie) + +Other fixes: + +⢠Fix compilation on compilers not supporting __FUNCTION__ + (dbus!404, Barnabás PÅcze) + +⢠Fix some memory leaks on out-of-memory conditions + (dbus!403, Barnabás PÅcze) + +⢠Documentation: + · Fix syntax of a code sample in dbus-api-design + (dbus!396; Yen-Chin, Lee) + +Tests and CI enhancements: + +⢠Fix CI pipelines after freedesktop/freedesktop#540 + (dbus!405, dbus#456; Simon McVittie) + dbus 1.14.6 (2023-02-08) ======================== diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/aminclude_static.am new/dbus-1.14.8/aminclude_static.am --- old/dbus-1.14.6/aminclude_static.am 2023-02-08 13:04:21.000000000 +0100 +++ new/dbus-1.14.8/aminclude_static.am 2023-06-06 15:01:59.000000000 +0200 @@ -1,6 +1,6 @@ # aminclude_static.am generated automatically by Autoconf -# from AX_AM_MACROS_STATIC on Wed Feb 8 12:04:21 GMT 2023 +# from AX_AM_MACROS_STATIC on Tue Jun 6 14:01:59 BST 2023 # Code coverage diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/bus/Makefile.in new/dbus-1.14.8/bus/Makefile.in --- old/dbus-1.14.6/bus/Makefile.in 2023-02-08 13:04:35.000000000 +0100 +++ new/dbus-1.14.8/bus/Makefile.in 2023-06-06 15:02:00.000000000 +0200 @@ -15,7 +15,7 @@ @SET_MAKE@ # aminclude_static.am generated automatically by Autoconf -# from AX_AM_MACROS_STATIC on Wed Feb 8 12:04:21 GMT 2023 +# from AX_AM_MACROS_STATIC on Tue Jun 6 14:01:59 BST 2023 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/bus/connection.c new/dbus-1.14.8/bus/connection.c --- old/dbus-1.14.6/bus/connection.c 2022-10-02 16:06:53.000000000 +0200 +++ new/dbus-1.14.8/bus/connection.c 2023-06-06 15:00:36.000000000 +0200 @@ -2374,6 +2374,21 @@ if (!dbus_message_set_sender (message, DBUS_SERVICE_DBUS)) return FALSE; + /* Make sure the message has a non-zero serial number, otherwise + * bus_transaction_capture_error_reply() will not be able to mock up + * a corresponding reply for it. Normally this would be delayed until + * the first time we actually send the message out from a + * connection, when the transaction is committed, but that's too late + * in this case. + */ + if (dbus_message_get_serial (message) == 0) + { + dbus_uint32_t next_serial; + + next_serial = _dbus_connection_get_next_client_serial (connection); + dbus_message_set_serial (message, next_serial); + } + if (bus_connection_is_active (connection)) { if (!dbus_message_set_destination (message, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/cmake/DBus1ConfigVersion.cmake new/dbus-1.14.8/cmake/DBus1ConfigVersion.cmake --- old/dbus-1.14.6/cmake/DBus1ConfigVersion.cmake 2023-02-08 13:04:29.000000000 +0100 +++ new/dbus-1.14.8/cmake/DBus1ConfigVersion.cmake 2023-06-06 15:02:14.000000000 +0200 @@ -1,4 +1,4 @@ -set(PACKAGE_VERSION 1.14.6) +set(PACKAGE_VERSION 1.14.8) # Check whether the requested PACKAGE_FIND_VERSION is compatible if("${PACKAGE_VERSION}" VERSION_LESS "${PACKAGE_FIND_VERSION}") diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/configure new/dbus-1.14.8/configure --- old/dbus-1.14.6/configure 2023-02-08 13:04:21.000000000 +0100 +++ new/dbus-1.14.8/configure 2023-06-06 15:01:59.000000000 +0200 @@ -1,6 +1,6 @@ #! /bin/sh # Guess values for system-dependent variables and create Makefiles. -# Generated by GNU Autoconf 2.71 for dbus 1.14.6. +# Generated by GNU Autoconf 2.71 for dbus 1.14.8. # # Report bugs to <https://gitlab.freedesktop.org/dbus/dbus/issues>. # @@ -621,8 +621,8 @@ # Identity of this package. PACKAGE_NAME='dbus' PACKAGE_TARNAME='dbus' -PACKAGE_VERSION='1.14.6' -PACKAGE_STRING='dbus 1.14.6' +PACKAGE_VERSION='1.14.8' +PACKAGE_STRING='dbus 1.14.8' PACKAGE_BUGREPORT='https://gitlab.freedesktop.org/dbus/dbus/issues' PACKAGE_URL='' @@ -1614,7 +1614,7 @@ # Omit some internal or obsolete options to make the list less imposing. # This message is too long to be a string in the A/UX 3.1 sh. cat <<_ACEOF -\`configure' configures dbus 1.14.6 to adapt to many kinds of systems. +\`configure' configures dbus 1.14.8 to adapt to many kinds of systems. Usage: $0 [OPTION]... [VAR=VALUE]... @@ -1685,7 +1685,7 @@ if test -n "$ac_init_help"; then case $ac_init_help in - short | recursive ) echo "Configuration of dbus 1.14.6:";; + short | recursive ) echo "Configuration of dbus 1.14.8:";; esac cat <<\_ACEOF @@ -1925,7 +1925,7 @@ test -n "$ac_init_help" && exit $ac_status if $ac_init_version; then cat <<\_ACEOF -dbus configure 1.14.6 +dbus configure 1.14.8 generated by GNU Autoconf 2.71 Copyright (C) 2021 Free Software Foundation, Inc. @@ -2611,7 +2611,7 @@ This file contains any messages produced by compilers while running configure, to aid debugging if configure makes a mistake. -It was created by dbus $as_me 1.14.6, which was +It was created by dbus $as_me 1.14.8, which was generated by GNU Autoconf 2.71. Invocation command line was $ $0$ac_configure_args_raw @@ -4223,7 +4223,7 @@ # Define the identity of the package. PACKAGE='dbus' - VERSION='1.14.6' + VERSION='1.14.8' printf "%s\n" "#define PACKAGE \"$PACKAGE\"" >>confdefs.h @@ -4533,7 +4533,7 @@ ## increment any time the source changes; set to ## 0 if you increment CURRENT -LT_REVISION=2 +LT_REVISION=3 ## increment if any interfaces have been added; set to 0 ## if any interfaces have been changed or removed. removal has @@ -4548,8 +4548,8 @@ DBUS_MAJOR_VERSION=1 DBUS_MINOR_VERSION=14 -DBUS_MICRO_VERSION=6 -DBUS_VERSION=1.14.6 +DBUS_MICRO_VERSION=8 +DBUS_VERSION=1.14.8 @@ -29224,7 +29224,7 @@ # report actual input values of CONFIG_FILES etc. instead of their # values after options handling. ac_log=" -This file was extended by dbus $as_me 1.14.6, which was +This file was extended by dbus $as_me 1.14.8, which was generated by GNU Autoconf 2.71. Invocation command line was CONFIG_FILES = $CONFIG_FILES @@ -29292,7 +29292,7 @@ cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1 ac_cs_config='$ac_cs_config_escaped' ac_cs_version="\\ -dbus config.status 1.14.6 +dbus config.status 1.14.8 configured by $0, generated by GNU Autoconf 2.71, with options \\"\$ac_cs_config\\" diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/configure.ac new/dbus-1.14.8/configure.ac --- old/dbus-1.14.6/configure.ac 2023-02-08 13:04:12.000000000 +0100 +++ new/dbus-1.14.8/configure.ac 2023-06-06 15:00:36.000000000 +0200 @@ -3,7 +3,7 @@ m4_define([dbus_major_version], [1]) m4_define([dbus_minor_version], [14]) -m4_define([dbus_micro_version], [6]) +m4_define([dbus_micro_version], [8]) m4_define([dbus_version], [dbus_major_version.dbus_minor_version.dbus_micro_version]) AC_INIT([dbus], [dbus_version], [https://gitlab.freedesktop.org/dbus/dbus/issues], [dbus]) @@ -42,7 +42,7 @@ ## increment any time the source changes; set to ## 0 if you increment CURRENT -LT_REVISION=2 +LT_REVISION=3 ## increment if any interfaces have been added; set to 0 ## if any interfaces have been changed or removed. removal has diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/dbus/Makefile.in new/dbus-1.14.8/dbus/Makefile.in --- old/dbus-1.14.6/dbus/Makefile.in 2023-02-08 13:04:30.000000000 +0100 +++ new/dbus-1.14.8/dbus/Makefile.in 2023-06-06 15:02:00.000000000 +0200 @@ -15,7 +15,7 @@ @SET_MAKE@ # aminclude_static.am generated automatically by Autoconf -# from AX_AM_MACROS_STATIC on Wed Feb 8 12:04:21 GMT 2023 +# from AX_AM_MACROS_STATIC on Tue Jun 6 14:01:59 BST 2023 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/dbus/dbus-connection-internal.h new/dbus-1.14.8/dbus/dbus-connection-internal.h --- old/dbus-1.14.6/dbus/dbus-connection-internal.h 2023-01-30 10:57:39.000000000 +0100 +++ new/dbus-1.14.8/dbus/dbus-connection-internal.h 2023-06-06 15:00:36.000000000 +0200 @@ -55,6 +55,8 @@ DBusConnection * _dbus_connection_ref_unlocked (DBusConnection *connection); DBUS_PRIVATE_EXPORT void _dbus_connection_unref_unlocked (DBusConnection *connection); +DBUS_PRIVATE_EXPORT +dbus_uint32_t _dbus_connection_get_next_client_serial (DBusConnection *connection); void _dbus_connection_queue_received_message_link (DBusConnection *connection, DBusList *link); dbus_bool_t _dbus_connection_has_messages_to_send_unlocked (DBusConnection *connection); diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/dbus/dbus-connection.c new/dbus-1.14.8/dbus/dbus-connection.c --- old/dbus-1.14.6/dbus/dbus-connection.c 2023-01-30 10:57:39.000000000 +0100 +++ new/dbus-1.14.8/dbus/dbus-connection.c 2023-06-06 15:00:36.000000000 +0200 @@ -1459,7 +1459,16 @@ _dbus_connection_last_unref (connection); } -static dbus_uint32_t +/** + * Allocate and return the next non-zero serial number for outgoing messages. + * + * This method is only valid to call from single-threaded code, such as + * the dbus-daemon, or with the connection lock held. + * + * @param connection the connection + * @returns A suitable serial number for the next message to be sent on the connection. + */ +dbus_uint32_t _dbus_connection_get_next_client_serial (DBusConnection *connection) { dbus_uint32_t serial; diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/dbus/dbus-internals.h new/dbus-1.14.8/dbus/dbus-internals.h --- old/dbus-1.14.6/dbus/dbus-internals.h 2023-02-08 11:03:39.000000000 +0100 +++ new/dbus-1.14.8/dbus/dbus-internals.h 2023-06-06 11:36:49.000000000 +0200 @@ -104,7 +104,7 @@ DBUS_PRIVATE_EXPORT void _dbus_verbose_real (const char *file, const int line, const char *function, const char *format,...) _DBUS_GNUC_PRINTF (4, 5); -# define _dbus_verbose(fmt,...) _dbus_verbose_real( __FILE__,__LINE__,__FUNCTION__,fmt, ## __VA_ARGS__) +# define _dbus_verbose(fmt,...) _dbus_verbose_real( __FILE__,__LINE__,_DBUS_FUNCTION_NAME,fmt, ## __VA_ARGS__) #else DBUS_PRIVATE_EXPORT void _dbus_verbose_real (const char *format, diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/dbus/dbus-message.c new/dbus-1.14.8/dbus/dbus-message.c --- old/dbus-1.14.6/dbus/dbus-message.c 2023-01-30 10:57:39.000000000 +0100 +++ new/dbus-1.14.8/dbus/dbus-message.c 2023-06-06 11:36:49.000000000 +0200 @@ -2275,7 +2275,7 @@ { const DBusString *sig; DBusString retstr; - char *ret; + char *ret = NULL; int start, len; DBusMessageRealIter *real = (DBusMessageRealIter *)iter; @@ -2289,9 +2289,13 @@ if (!_dbus_string_append_len (&retstr, _dbus_string_get_const_data (sig) + start, len)) - return NULL; - if (!_dbus_string_steal_data (&retstr, &ret)) - return NULL; + goto oom; + + /* This is correct whether it succeeds or fails: on success it sets `ret`, + * and on failure it leaves `ret` set to NULL. */ + _dbus_string_steal_data (&retstr, &ret); + +oom: _dbus_string_free (&retstr); return ret; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/dbus/dbus-spawn-win.c new/dbus-1.14.8/dbus/dbus-spawn-win.c --- old/dbus-1.14.6/dbus/dbus-spawn-win.c 2022-10-02 16:06:53.000000000 +0200 +++ new/dbus-1.14.8/dbus/dbus-spawn-win.c 2023-06-06 11:36:49.000000000 +0200 @@ -5,7 +5,7 @@ #if !defined(SPAWN_DEBUG) || defined(_MSC_VER) #define PING() #else -#define PING() fprintf (stderr, "%s:%s:%d\n", __FILE__, __FUNCTION__, __LINE__); fflush (stderr) +#define PING() fprintf (stderr, "%s:%s:%d\n", __FILE__, _DBUS_FUNCTION_NAME, __LINE__); fflush (stderr) #endif #include <stdio.h> @@ -105,7 +105,7 @@ old_refcount = _dbus_atomic_inc (&sitter->refcount); - _dbus_babysitter_trace_ref (sitter, old_refcount, old_refcount+1, __FUNCTION__); + _dbus_babysitter_trace_ref (sitter, old_refcount, old_refcount+1, _DBUS_FUNCTION_NAME); sitter->child_handle = NULL; @@ -139,7 +139,7 @@ old_refcount = _dbus_atomic_inc (&sitter->refcount); _dbus_assert (old_refcount > 0); - _dbus_babysitter_trace_ref (sitter, old_refcount, old_refcount+1, __FUNCTION__); + _dbus_babysitter_trace_ref (sitter, old_refcount, old_refcount+1, _DBUS_FUNCTION_NAME); return sitter; } @@ -180,7 +180,7 @@ old_refcount = _dbus_atomic_dec (&sitter->refcount); _dbus_assert (old_refcount > 0); - _dbus_babysitter_trace_ref (sitter, old_refcount, old_refcount-1, __FUNCTION__); + _dbus_babysitter_trace_ref (sitter, old_refcount, old_refcount-1, _DBUS_FUNCTION_NAME); if (old_refcount == 1) { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/dbus/dbus-sysdeps-win.c new/dbus-1.14.8/dbus/dbus-sysdeps-win.c --- old/dbus-1.14.6/dbus/dbus-sysdeps-win.c 2022-10-02 16:06:53.000000000 +0200 +++ new/dbus-1.14.8/dbus/dbus-sysdeps-win.c 2023-06-06 11:36:49.000000000 +0200 @@ -1012,12 +1012,12 @@ psid = token_user->User.Sid; if (!IsValidSid (psid)) { - _dbus_verbose("%s invalid sid\n",__FUNCTION__); + _dbus_verbose("invalid sid\n"); goto failed; } if (!ConvertSidToStringSidA (psid, sid)) { - _dbus_verbose("%s invalid sid\n",__FUNCTION__); + _dbus_verbose("invalid sid\n"); goto failed; } //okay: diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/doc/dbus-api-design.duck new/dbus-1.14.8/doc/dbus-api-design.duck --- old/dbus-1.14.6/doc/dbus-api-design.duck 2022-10-02 16:06:53.000000000 +0200 +++ new/dbus-1.14.8/doc/dbus-api-design.duck 2023-06-06 11:36:49.000000000 +0200 @@ -320,7 +320,7 @@ --> <signal name="ProgressNotification"> <arg name="progress_message" type="s" /> - </method> + </signal> The progress should be reported as an enumerated value: [code style="valid" mime="application/xml"] @@ -335,7 +335,7 @@ --> <signal name="ProgressNotification"> <arg name="progress_state" type="u" /> - </method> + </signal> D-Bus has none of the problems of signed versus unsigned integers which C has (specifically, it does not do implicit sign conversion), so integer types should diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/test/Makefile.in new/dbus-1.14.8/test/Makefile.in --- old/dbus-1.14.6/test/Makefile.in 2023-02-08 13:04:39.000000000 +0100 +++ new/dbus-1.14.8/test/Makefile.in 2023-06-06 15:02:00.000000000 +0200 @@ -15,7 +15,7 @@ @SET_MAKE@ # aminclude_static.am generated automatically by Autoconf -# from AX_AM_MACROS_STATIC on Wed Feb 8 12:04:21 GMT 2023 +# from AX_AM_MACROS_STATIC on Tue Jun 6 14:01:59 BST 2023 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/test/data/valid-config-files/forbidding.conf.in new/dbus-1.14.8/test/data/valid-config-files/forbidding.conf.in --- old/dbus-1.14.6/test/data/valid-config-files/forbidding.conf.in 2022-02-23 15:39:11.000000000 +0100 +++ new/dbus-1.14.8/test/data/valid-config-files/forbidding.conf.in 2023-06-06 15:00:36.000000000 +0200 @@ -24,5 +24,8 @@ <allow send_interface="com.example.CannotUnicast2" send_broadcast="true"/> <deny receive_interface="com.example.CannotReceive"/> + + <!-- Used to reproduce dbus#457 --> + <deny receive_interface="org.freedesktop.DBus" receive_member="NameAcquired"/> </policy> </busconfig> diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/dbus-1.14.6/test/monitor.c new/dbus-1.14.8/test/monitor.c --- old/dbus-1.14.6/test/monitor.c 2023-01-30 10:57:39.000000000 +0100 +++ new/dbus-1.14.8/test/monitor.c 2023-06-06 15:00:36.000000000 +0200 @@ -157,6 +157,21 @@ TRUE }; +static dbus_bool_t +config_forbids_name_acquired_signal (const Config *config) +{ + if (config == NULL) + return FALSE; + + if (config->config_file == NULL) + return FALSE; + + if (strcmp (config->config_file, forbidding_config.config_file) == 0) + return TRUE; + + return FALSE; +} + static inline const char * not_null2 (const char *x, const char *fallback) @@ -198,6 +213,10 @@ not_null (dbus_message_get_signature (m))); g_test_message ("\terror name: %s", not_null (dbus_message_get_error_name (m))); + g_test_message ("\tserial number: %u", + dbus_message_get_serial (m)); + g_test_message ("\tin reply to: %u", + dbus_message_get_reply_serial (m)); if (strcmp ("s", dbus_message_get_signature (m)) == 0) { @@ -251,9 +270,6 @@ #define assert_name_acquired(m) \ do { \ - DBusError _e = DBUS_ERROR_INIT; \ - const char *_s; \ - \ g_assert_cmpstr (dbus_message_type_to_string (dbus_message_get_type (m)), \ ==, dbus_message_type_to_string (DBUS_MESSAGE_TYPE_SIGNAL)); \ g_assert_cmpstr (dbus_message_get_sender (m), ==, DBUS_SERVICE_DBUS); \ @@ -263,7 +279,14 @@ g_assert_cmpstr (dbus_message_get_signature (m), ==, "s"); \ g_assert_cmpint (dbus_message_get_serial (m), !=, 0); \ g_assert_cmpint (dbus_message_get_reply_serial (m), ==, 0); \ +} while (0) + +#define assert_unique_name_acquired(m) \ +do { \ + DBusError _e = DBUS_ERROR_INIT; \ + const char *_s; \ \ + assert_name_acquired (m); \ dbus_message_get_args (m, &_e, \ DBUS_TYPE_STRING, &_s, \ DBUS_TYPE_INVALID); \ @@ -331,6 +354,21 @@ g_assert_cmpint (dbus_message_get_reply_serial (m), !=, 0); \ } while (0) +/* forbidding.conf does not allow receiving NameAcquired, so if we are in + * that configuration, then dbus-daemon synthesizes an error reply to itself + * and sends that to monitors */ +#define expect_name_acquired_error(queue, in_reply_to) \ +do { \ + DBusMessage *message; \ + \ + message = g_queue_pop_head (queue); \ + assert_error_reply (message, DBUS_SERVICE_DBUS, DBUS_SERVICE_DBUS, \ + DBUS_ERROR_ACCESS_DENIED); \ + g_assert_cmpint (dbus_message_get_reply_serial (message), ==, \ + dbus_message_get_serial (in_reply_to)); \ + dbus_message_unref (message); \ +} while (0) + /* This is called after processing pending replies to our own method * calls, but before anything else. */ @@ -341,6 +379,9 @@ { Fixture *f = user_data; + g_test_message ("Monitor received message:"); + log_message (message); + g_assert_cmpstr (dbus_message_get_interface (message), !=, "com.example.Tedious"); @@ -722,6 +763,11 @@ test_assert_no_error (&f->e); g_assert_cmpint (ret, ==, DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER); + /* If the policy forbids receiving NameAcquired, then we'll never + * receive it, so behave as though we had */ + if (config_forbids_name_acquired_signal (f->config)) + got_unique = got_a = got_b = got_c = TRUE; + while (!got_unique || !got_a || !got_b || !got_c) { if (g_queue_is_empty (&f->monitored)) @@ -1373,6 +1419,7 @@ { DBusMessage *m; int res; + size_t n_expected; if (f->address == NULL) return; @@ -1388,7 +1435,12 @@ test_assert_no_error (&f->e); g_assert_cmpint (res, ==, DBUS_RELEASE_NAME_REPLY_RELEASED); - while (g_queue_get_length (&f->monitored) < 8) + n_expected = 8; + + if (config_forbids_name_acquired_signal (context)) + n_expected += 1; + + while (g_queue_get_length (&f->monitored) < n_expected) test_main_context_iterate (f->ctx, TRUE); m = g_queue_pop_head (&f->monitored); @@ -1401,10 +1453,12 @@ "NameOwnerChanged", "sss", NULL); dbus_message_unref (m); - /* FIXME: should we get this? */ m = g_queue_pop_head (&f->monitored); - assert_signal (m, DBUS_SERVICE_DBUS, DBUS_PATH_DBUS, DBUS_INTERFACE_DBUS, - "NameAcquired", "s", f->sender_name); + assert_name_acquired (m); + + if (config_forbids_name_acquired_signal (f->config)) + expect_name_acquired_error (&f->monitored, m); + dbus_message_unref (m); m = g_queue_pop_head (&f->monitored); @@ -1626,8 +1680,14 @@ expect_new_connection (Fixture *f) { DBusMessage *m; + size_t n_expected; - while (g_queue_get_length (&f->monitored) < 4) + n_expected = 4; + + if (config_forbids_name_acquired_signal (f->config)) + n_expected += 1; + + while (g_queue_get_length (&f->monitored) < n_expected) test_main_context_iterate (f->ctx, TRUE); m = g_queue_pop_head (&f->monitored); @@ -1644,7 +1704,11 @@ dbus_message_unref (m); m = g_queue_pop_head (&f->monitored); - assert_name_acquired (m); + assert_unique_name_acquired (m); + + if (config_forbids_name_acquired_signal (f->config)) + expect_name_acquired_error (&f->monitored, m); + dbus_message_unref (m); } @@ -1983,6 +2047,8 @@ setup, test_method_call, teardown); g_test_add ("/monitor/forbidden-method", Fixture, &forbidding_config, setup, test_forbidden_method_call, teardown); + g_test_add ("/monitor/forbidden-reply", Fixture, &forbidding_config, + setup, test_dbus_daemon, teardown); g_test_add ("/monitor/dbus-daemon", Fixture, NULL, setup, test_dbus_daemon, teardown); g_test_add ("/monitor/selective", Fixture, &selective_config,
