commit sddm for openSUSE:Factory

Sun, 24 Feb 2019 09:03:03 -0800 

Hello community,

here is the log from the commit of package sddm for openSUSE:Factory checked in 
at 2019-02-24 18:02:17
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/sddm (Old)
 and      /work/SRC/openSUSE:Factory/.sddm.new.28833 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Package is "sddm"

Sun Feb 24 18:02:17 2019 rev:44 rq:676938 version:0.18.0

Changes:
--------
--- /work/SRC/openSUSE:Factory/sddm/sddm.changes        2019-02-11 
21:18:52.875289558 +0100
+++ /work/SRC/openSUSE:Factory/.sddm.new.28833/sddm.changes     2019-02-24 
18:02:25.247794621 +0100
@@ -1,0 +2,6 @@
+Mon Feb 18 08:00:42 UTC 2019 - Fabian Vogt <[email protected]>
+
+- Add patch to fix reading garbage from getpwnam (boo#1125624):
+  * 0001-Use-C-scoping-for-handling-buffer-deletion.patch
+
+-------------------------------------------------------------------

New:
----
  0001-Use-C-scoping-for-handling-buffer-deletion.patch

++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++

Other differences:
------------------
++++++ sddm.spec ++++++
--- /var/tmp/diff_new_pack.vilvgx/_old  2019-02-24 18:02:25.987794369 +0100
+++ /var/tmp/diff_new_pack.vilvgx/_new  2019-02-24 18:02:25.991794368 +0100
@@ -31,6 +31,8 @@
 # Patch0-100: PATCH-FIX-UPSTREAM
 # Merged: https://github.com/sddm/sddm/pull/1062
 Patch0:         0001-Session-reuse-Only-consider-online-sessions.patch
+# No PR, committed directly
+Patch1:         0001-Use-C-scoping-for-handling-buffer-deletion.patch
 # Not merged yet: https://github.com/sddm/sddm/pull/997
 Patch50:        0001-Remove-suffix-for-Wayland-session.patch
 # Not merged yet: https://github.com/sddm/sddm/pull/1017

++++++ 0001-Use-C-scoping-for-handling-buffer-deletion.patch ++++++
>From 047ef56e5cfa757ebfcb03a248edad579564b5f3 Mon Sep 17 00:00:00 2001
From: David Edmundson <[email protected]>
Date: Thu, 7 Feb 2019 13:35:41 +0000
Subject: [PATCH] Use C++ scoping for handling buffer deletion

---
 src/helper/UserSession.cpp | 17 +++++------------
 1 file changed, 5 insertions(+), 12 deletions(-)

diff --git a/src/helper/UserSession.cpp b/src/helper/UserSession.cpp
index d4fd2cf..b3aec35 100644
--- a/src/helper/UserSession.cpp
+++ b/src/helper/UserSession.cpp
@@ -135,21 +135,19 @@ namespace SDDM {
         long bufsize = sysconf(_SC_GETPW_R_SIZE_MAX);
         if (bufsize == -1)
             bufsize = 16384;
-        char *buffer = (char *)malloc(bufsize);
-        if (buffer == NULL)
+        QScopedPointer<char, QScopedPointerPodDeleter> 
buffer(static_cast<char*>(malloc(bufsize)));
+        if (buffer.isNull())
             exit(Auth::HELPER_OTHER_ERROR);
-        int err = getpwnam_r(username.constData(), &pw, buffer, bufsize, &rpw);
+        int err = getpwnam_r(username.constData(), &pw, buffer.data(), 
bufsize, &rpw);
         if (rpw == NULL) {
             if (err == 0)
                 qCritical() << "getpwnam_r(" << username << ") username not 
found!";
             else
                 qCritical() << "getpwnam_r(" << username << ") failed with 
error: " << strerror(err);
-            free(buffer);
             exit(Auth::HELPER_OTHER_ERROR);
         }
         if (setgid(pw.pw_gid) != 0) {
             qCritical() << "setgid(" << pw.pw_gid << ") failed for user: " << 
username;
-            free(buffer);
             exit(Auth::HELPER_OTHER_ERROR);
         }
 
@@ -181,7 +179,6 @@ namespace SDDM {
                                               &n_user_groups)) == -1 ) {
                 qCritical() << "getgrouplist(" << username << ", " << pw.pw_gid
                             << ") failed";
-                free(buffer);
                 exit(Auth::HELPER_OTHER_ERROR);
             }
         }
@@ -198,7 +195,6 @@ namespace SDDM {
             // setgroups(2) handles duplicate groups
             if (setgroups(n_groups, groups) != 0) {
                 qCritical() << "setgroups() failed for user: " << username;
-                free(buffer);
                 exit (Auth::HELPER_OTHER_ERROR);
             }
             delete[] groups;
@@ -210,7 +206,6 @@ namespace SDDM {
 
         if (initgroups(pw.pw_name, pw.pw_gid) != 0) {
             qCritical() << "initgroups(" << pw.pw_name << ", " << pw.pw_gid << 
") failed for user: " << username;
-            free(buffer);
             exit(Auth::HELPER_OTHER_ERROR);
         }
 
@@ -218,23 +213,21 @@ namespace SDDM {
 
         if (setuid(pw.pw_uid) != 0) {
             qCritical() << "setuid(" << pw.pw_uid << ") failed for user: " << 
username;
-            free(buffer);
             exit(Auth::HELPER_OTHER_ERROR);
         }
         if (chdir(pw.pw_dir) != 0) {
             qCritical() << "chdir(" << pw.pw_dir << ") failed for user: " << 
username;
             qCritical() << "verify directory exist and has sufficient 
permissions";
-            free(buffer);
             exit(Auth::HELPER_OTHER_ERROR);
         }
-        free(buffer);
+        const QString homeDir = QString::fromLocal8Bit(pw.pw_dir);
 
         //we cannot use setStandardError file as this code is run in the child 
process
         //we want to redirect after we setuid so that the log file is owned by 
the user
 
         // determine stderr log file based on session type
         QString sessionLog = QStringLiteral("%1/%2")
-                .arg(QString::fromLocal8Bit(pw.pw_dir))
+                .arg(homeDir)
                 .arg(sessionType == QLatin1String("x11")
                      ? mainConfig.X11.SessionLogFile.get()
                      : mainConfig.Wayland.SessionLogFile.get());
-- 
2.20.1

Reply via email to