GitLab

4.5 years after it was implemented, here is the regression test.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=57952
Reviewed-by: Philip Withnall

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall

Now we can actually notice incorrect format strings in other
translation units.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall

Unlike the initial mitigation for CVE-2014-8148, we now allow
uid 0 to call UpdateActivationEnvironment. There's no point in root
doing that, but there's also no reason why it's particularly bad -
if an attacker is uid 0 we've already lost - and it simplifies
use of this function for future things that do want to be callable
by root, like BecomeMonitor for #46787.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall

This is technical debt from mitigating CVE-2014-8148, which should
really have had a regression test at the time.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall

We run each test twice:

* once with the system's session.conf, as an integration test
  (test-cases that need a special configuration are automatically
  skipped)
* once with our special test configuration files, which provide better
  coverage

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall

This means we can generate a version that works when installed,
from the same source files.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall

In the process, make test_kill_pid() safer: do not try to terminate
more than one pid, or the NULL handle.

Also stop leaking the address_fd in spawn_dbus_daemon, a pre-existing
bug that was spotted by Philip Withnall during review.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall

This is for g_close(), which the next commit will use. It also lets us
rely on g_type_init() being a no-op (since 2.32 the type system is
always initialized by a global constructor).

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88810
Reviewed-by: Philip Withnall

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88943Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>

It seems lcov (or gcc?) has changed its paths since last time this
worked.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88808
Reviewed-by: Philip Withnall

It has been supported since at least 1.10, and its absence is
deprecated since 1.14.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88808
Reviewed-by: Philip Withnall

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88808
Reviewed-by: Philip Withnall

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=87999Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>

This fix is required to support at least ipv4 tcp support calling
_dbus_listen_tcp_socket() without family.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=87999Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=87999Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88087Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>

pygobject 2 is obsolete and unmaintained, and anyway this is for
optional functionality (full regression test coverage) rather than
anything that will be needed in production builds.
Signed-off-by: Simon McVittie <simon.mcvittie@collabora.co.uk>
Bug: https://bugs.freedesktop.org/show_bug.cgi?id=85969

Otherwise, we get:
dbus/dbus-object-tree.c:323:1: error: 'find_subtree' defined but not used [-Werror=unused-function]

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=87837Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88089

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88089

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88087

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88088

Conflicts:
	NEWS
	configure.ac

dbus-1.9.6

Conflicts:
	NEWS
	configure.ac

dbus-1.8.14

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88010Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>

Conflicts:
	NEWS
	configure.ac

We need to include 'test' subdir in any case not only when using glib.

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=88009Reviewed-by: Simon McVittie <simon.mcvittie@collabora.co.uk>

Bug: https://bugs.freedesktop.org/show_bug.cgi?id=71297Reviewed-by: Ralf Habacker <ralf.habacker@freenet.de>

Conflicts:
	NEWS
	configure.ac
	test/dbus-daemon.c

These function calls are not a privilege escalation risk like
UpdateActivationEnvironment, but they might provide sensitive
information or be enhanced to provide sensitive information
in future, so the default system.conf locks them down to root-only.
Apply the same canonical-object-path hardening as for
UpdateActivationEnvironment.

We do not apply the uid check here because they are less dangerous
than UpdateActivationEnvironment, and because the ability to unlock
these function calls for specific uids is a documented configuration
for developers.
Reviewed-by: Thiago Macieira <thiago@kde.org>
[added missing #include; extended commit message -smcv]

Reviewed-by: Thiago Macieira <thiago@kde.org>