From fd44d4cbece5155e0e662ccd5874266f4b33c0bc Mon Sep 17 00:00:00 2001 From: cenhuilin Date: Mon, 3 Jun 2024 17:17:12 +0800 Subject: [PATCH] udisksctl Guard object lookup --- 0002-udisksctl-Guard-object-lookup.patch | 75 ++++++++++++++++++++++++ udisks2.spec | 6 +- 2 files changed, 80 insertions(+), 1 deletion(-) create mode 100644 0002-udisksctl-Guard-object-lookup.patch diff --git a/0002-udisksctl-Guard-object-lookup.patch b/0002-udisksctl-Guard-object-lookup.patch new file mode 100644 index 0000000..d037230 --- /dev/null +++ b/0002-udisksctl-Guard-object-lookup.patch @@ -0,0 +1,75 @@ +From ad83cfb26c2dd8d4532a634e105baaee76441c8f Mon Sep 17 00:00:00 2001 +From: Tomas Bzatek +Date: Mon, 3 Jun 2024 17:02:15 +0800 +Subject: [PATCH] udisksctl: Guard object lookup + +Added extra checks for object validity when looking up physical +device through a drive. Reproducible e.g. by calling 'power-off' +over a LUKS container. +--- + tools/udisksctl.c | 26 ++++++++++++++++++++++++++ + 1 file changed, 26 insertions(+) + +diff --git a/tools/udisksctl.c b/tools/udisksctl.c +index 7a5de65..349dca3 100644 +--- a/tools/udisksctl.c ++++ b/tools/udisksctl.c +@@ -2003,6 +2003,7 @@ handle_command_smart_simulate (gint *argc, + { + UDisksObject *block_object; + UDisksDrive *drive; ++ + block_object = lookup_object_by_device (opt_smart_simulate_device); + if (block_object == NULL) + { +@@ -2010,7 +2011,19 @@ handle_command_smart_simulate (gint *argc, + goto out; + } + drive = udisks_client_get_drive_for_block (client, udisks_object_peek_block (block_object)); ++ if (drive == NULL) ++ { ++ g_printerr ("Error looking up drive for device %s\n", opt_smart_simulate_device); ++ g_object_unref (block_object); ++ goto out; ++ } + object = (UDisksObject *) g_dbus_interface_dup_object (G_DBUS_INTERFACE (drive)); ++ if (object == NULL) ++ { ++ g_printerr ("Error looking up object for device %s\n", opt_smart_simulate_device); ++ g_object_unref (block_object); ++ goto out; ++ } + g_object_unref (block_object); + } + else +@@ -2244,6 +2257,7 @@ handle_command_power_off (gint *argc, + { + UDisksObject *block_object; + UDisksDrive *drive; ++ + block_object = lookup_object_by_device (opt_power_off_device); + if (block_object == NULL) + { +@@ -2251,7 +2265,19 @@ handle_command_power_off (gint *argc, + goto out; + } + drive = udisks_client_get_drive_for_block (client, udisks_object_peek_block (block_object)); ++ if (drive == NULL) ++ { ++ g_printerr ("Error looking up drive for device %s\n", opt_power_off_device); ++ g_object_unref (block_object); ++ goto out; ++ } + object = (UDisksObject *) g_dbus_interface_dup_object (G_DBUS_INTERFACE (drive)); ++ if (object == NULL) ++ { ++ g_printerr ("Error looking up object for device %s\n", opt_power_off_device); ++ g_object_unref (block_object); ++ goto out; ++ } + g_object_unref (block_object); + } + else +-- +2.33.0 + diff --git a/udisks2.spec b/udisks2.spec index 0346fd0..a0c9a75 100644 --- a/udisks2.spec +++ b/udisks2.spec @@ -58,12 +58,13 @@ Name: udisks2 Summary: Disk Manager Version: 2.9.4 -Release: 4 +Release: 5 License: GPL-2.0+ and LGPL-2.0+ Group: System Environment/Libraries URL: https://github.com/storaged-project/udisks Source0: https://github.com/storaged-project/udisks/releases/download/udisks-%{version}/udisks-%{version}.tar.bz2 Patch1: 0001-udiskslinuxmountoptions-Do-not-free-static-daemon-resources.patch +Patch2: 0002-udisksctl-Guard-object-lookup.patch BuildRequires: glib2-devel >= %{glib2_version} BuildRequires: gobject-introspection-devel >= %{gobject_introspection_version} @@ -436,6 +437,9 @@ udevadm trigger %endif %changelog +* Mon Jun 03 2024 cenhuilin - 2.9.4-5 +- udisksctl: Guard object lookup + * Tue Feb 21 2023 miaoguanqin - 2.9.4-4 - fix coredump while stop udisks2 -- Gitee