- 29 Nov, 2016 9 commits
-
-
Simon McVittie authored
set -u forces us to set all variables that we use (for example with the ${foo:=bar} syntax to take an existing value or set a default), or use the ${foo:-bar} syntax to make it explicit that the variable might be unset. set -o pipefail (which is a bash feature) detects failure in non-last elements of a pipeline. Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by:
Philip Withnall <philip.withnall@collabora.co.uk> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=98889
-
Simon McVittie authored
Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by:
Philip Withnall <philip.withnall@collabora.co.uk> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=98889
-
Simon McVittie authored
This aligns it with the more generic script based on this one that I sent to OSTree. Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by:
Philip Withnall <philip.withnall@collabora.co.uk> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=98889
-
Simon McVittie authored
This realigns it with the script loosely based on this one that I sent to OSTree. Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by:
Philip Withnall <philip.withnall@collabora.co.uk> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=98889
-
Simon McVittie authored
Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by:
Philip Withnall <philip.withnall@collabora.co.uk> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=98889
-
Simon McVittie authored
This avoids confusion with the meaning of "release" used by AX_IS_RELEASE. AX_IS_RELEASE is about facts about the source tree, namely the distinction between releases (tags) and random snapshots. The build variants in .travis.yml are about facts about the build being done, namely the distinction between production and debug/developer builds. Production builds are sometimes referred to as "release builds", for example in typical CMake and MSVC build environments, but a different term seems better here. Signed-off-by:
Simon McVittie <smcv@debian.org> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=97357 [smcv: cherry-picked from master to dbus-1.10 to get the Travis-CI setup consistent between the two branches]
-
Simon McVittie authored
This way the link won't expire in future. Signed-off-by:
Simon McVittie <smcv@debian.org> [smcv: cherry-picked from master to dbus-1.10 to get the Travis-CI setup consistent between the two branches; it is not strictly needed on dbus-1.10]
-
Simon McVittie authored
Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk> [smcv: cherry-picked from master to dbus-1.10 to get the Travis-CI setup consistent between the two branches; it is not strictly needed on dbus-1.10]
-
Simon McVittie authored
Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk> [smcv: cherry-picked from master to dbus-1.10 to get the Travis-CI setup consistent between the two branches; it is not strictly needed on dbus-1.10]
-
- 28 Nov, 2016 5 commits
-
-
Simon McVittie authored
Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk>
-
Simon McVittie authored
Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk>
-
Simon McVittie authored
We are not going to fix the inconsistent tab/space indentation in a stable branch just to keep gcc happy. Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk>
-
Simon McVittie authored
This is a workaround for <https://bugs.freedesktop.org/show_bug.cgi?id=95263>. If a service sends a file descriptor sufficiently frequently that its queue of messages never goes down to 0 fds pending, then it will eventually be disconnected. logind is one such service. We do not currently have a good solution for this: the proposed patches either don't work, or reintroduce a denial of service security vulnerability (CVE-2014-3637). Neither seems desirable. However, we can avoid the worst symptoms by trusting uid 0 not to be malicious. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=95263 Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/systemd/+bug/1591411 Reviewed-by: Łukasz Zemczak Tested-by: Ivan Kozik Tested-by: Finn Herpich Tested-by: autostatic Tested-by: Ben Parafina Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk> (cherry picked from commit d5fae1db) [smcv: omit the test/dbus-daemon.c part, which does not apply unless a363822f is also applied]
-
Simon McVittie authored
This is either a denial-of-service attempt, a pathological performance problem or a dbus-daemon bug. Sysadmins should be told about any of these. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=86442 [smcv: add units to timeout: it is in milliseconds] Signed-off-by:
Simon McVittie <smcv@debian.org> (cherry picked from commit 05cb619f)
-
- 22 Nov, 2016 4 commits
-
-
Simon McVittie authored
This avoids installing the build-dependencies for dbus and its tests, then uninstalling them all because they rely on libraries whose versions are older than the ones needed by wine:i386 (and apparently apt prefers to remove those libraries rather than upgrade them). Doing it this way round seems to convince apt to do the right thing. Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk>
-
Simon McVittie authored
Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk>
-
Simon McVittie authored
Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk>
-
Simon McVittie authored
Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by:
Philip Withnall <philip.withnall@collabora.co.uk> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=98665
-
- 10 Oct, 2016 5 commits
-
-
Simon McVittie authored
-
Simon McVittie authored
We're not going to replace deprecated functions here. Signed-off-by:
Simon McVittie <smcv@debian.org> Reviewed-by:
Colin Walters <walters@verbum.org> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=98157
-
Simon McVittie authored
This isn't security-related, just defensive programming: if dbus-daemon wasn't run with --systemd-activation, then there is no reason why systemd would legitimately send us this signal, and if it does we should just ignore it. Signed-off-by:
Simon McVittie <smcv@debian.org> Reviewed-by:
Colin Walters <walters@verbum.org> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=98157
-
Simon McVittie authored
Specifically, this will allow ActivationFailure messages from our own uid or from root, but reject them otherwise, even if the bus configuration for who can own org.freedesktop.systemd1 is entirely wrong due to something like CVE-2014-8148. Signed-off-by:
Simon McVittie <smcv@debian.org> Reviewed-by:
Colin Walters <walters@verbum.org> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=98157
-
Simon McVittie authored
In principle this could lead to arbitrary memory overwrite via a format string attack in the message received from systemd, resulting in arbitrary code execution. This is not believed to be an exploitable security vulnerability on the system bus in practice: it can only be exploited by the owner of the org.freedesktop.systemd1 bus name, which is restricted to uid 0, so if systemd is attacker-controlled then the system is already doomed. Similarly, if a systemd system unit mentioned in the activation failure message has an attacker-controlled name, then the attacker likely already has sufficient access to execute arbitrary code as root in any case. However, prior to dbus 1.8.16 and 1.9.10, due to a missing check for systemd's identity, unprivileged processes could forge activation failure messages which would have gone through this code path. We thought at the time that this was a denial of service vulnerability (CVE-2015-0245); this bug means that it was in fact potentially an arbitrary code execution vulnerability. Bug found using -Wsuggest-attribute=format and -Wformat-security. Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk> Reviewed-by:
Colin Walters <walters@verbum.org> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=98157
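
The bug class described in the commit message above, shown as an added C example that is not dbus code: received text must only ever be passed as an argument to a printf-style function, never as its format. `demo_error`, `demo_set_error` and `report_activation_failure` are hypothetical names, and the sample message is constructed.

```c
#include <stdarg.h>
#include <stdio.h>
#include <string.h>

/* Hypothetical error holder standing in for a printf-style error setter. */
struct demo_error { char message[256]; };

/* The format attribute lets gcc type-check every caller; with
 * -Wformat-security it also warns when the format is not a literal. */
__attribute__((format(printf, 2, 3)))
static void demo_set_error(struct demo_error *err, const char *fmt, ...)
{
    va_list ap;

    va_start(ap, fmt);
    vsnprintf(err->message, sizeof err->message, fmt, ap);
    va_end(ap);
}

/* Unsafe pattern, kept as a comment so it is never compiled in:
 *     demo_set_error(err, received_text);
 * Any '%' directive inside received_text would be interpreted by
 * vsnprintf() against arguments that were never passed. */

/* Hardened pattern: the format is a literal, the received text is data. */
static const char *report_activation_failure(struct demo_error *err,
                                             const char *received_text)
{
    demo_set_error(err, "%s", received_text);
    return err->message;
}

int main(void)
{
    struct demo_error err;

    /* Constructed sample: text that happens to contain '%' directives. */
    puts(report_activation_failure(&err, "unit 100%d%s.service failed"));
    return 0;
}
```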
-
- 04 Oct, 2016 2 commits
-
-
Simon McVittie authored
-
Marc Mutz authored
The const void* 'value' pointer that is passed the address of a uint32_t here eventually ends up in _dbus_marshal_write_basic(), which casts it to a DBusBasicValue, a union type that has an alignment of eight on 64-bit platforms and is therefore more-aligned than the uint32. The read of a value of a more-aligned type through a pointer to a less-aligned type is undefined behaviour. Fix by storing the uint32 in a DBusBasicValue and passing that instead. Found by UBSan:
  dbus/dbus/dbus-marshal-basic.c:832:14: runtime error: member access within misaligned address 0x7fdb8dac3a04 for type 'const union DBusBasicValue', which requires 8 byte alignment
  0x7fdb8dac3a04: note: pointer points here
  4a 87 b5 71 01 00 00 00 40 7d 01 00 00 61 00 00 10 3b ac 8d db 7f 00 00 2c 2a 3e 94 db 7f 00 00 ^
  #0 0x7fdb9444a2c3 in _dbus_marshal_write_basic dbus/dbus/dbus-marshal-basic.c:832
  #1 0x7fdb943d22fb in _dbus_type_writer_write_basic_no_typecode dbus/dbus/dbus-marshal-recursive.c:1605
  #2 0x7fdb943d64e9 in _dbus_type_writer_write_basic dbus/dbus/dbus-marshal-recursive.c:2327
  #3 0x7fdb943c52a6 in write_basic_field dbus/dbus/dbus-marshal-header.c:318
  #4 0x7fdb943c919e in _dbus_header_set_field_basic dbus/dbus/dbus-marshal-header.c:1321
  #5 0x7fdb943e1349 in dbus_message_set_reply_serial dbus/dbus/dbus-message.c:1173
Signed-off-by:
Marc Mutz <marc@kdab.net> Reviewed-by:
Simon McVittie <simon.mcvittie@collabora.co.uk> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=98035
-
- 03 Oct, 2016 2 commits
-
-
Simon McVittie authored
-
Simon McVittie authored
Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk> (cherry picked from commit 0bbfca6d)
-
- 15 Aug, 2016 2 commits
-
-
Simon McVittie authored
-
Simon McVittie authored
Signed-off-by:
Simon McVittie <smcv@debian.org>
-
- 12 Aug, 2016 10 commits
-
-
Simon McVittie authored
[Modified for the dbus-1.10 branch: DBUS_USE_TEST_BINARY is needed.] Signed-off-by:
Simon McVittie <smcv@debian.org>
-
Simon McVittie authored
Signed-off-by:
Simon McVittie <smcv@debian.org>
-
Simon McVittie authored
Signed-off-by:
Simon McVittie <smcv@debian.org>
-
Simon McVittie authored
[Modified for the dbus-1.10 branch: DBUS_USE_TEST_BINARY is needed.] Signed-off-by:
Simon McVittie <smcv@debian.org>
-
Simon McVittie authored
[Modified for the dbus-1.10 branch: DBUS_USE_TEST_BINARY is needed.] Signed-off-by:
Simon McVittie <smcv@debian.org>
-
Simon McVittie authored
In Debian bug <https://bugs.debian.org/829348>, lightdm appears to have been starting dbus-launch with at least one of the three standard fds 0, 1, 2 (stdin, stdout, stderr) closed. This resulted in the dbus-daemon's epoll_create1() returning a fd less than 3. Later, _dbus_become_daemon() replaces fds 0-2 with /dev/null. As a result, a subsequent call to _dbus_loop_add_watch() for the reload pipe resulted in calling epoll_ctl on the non-epoll fd pointing to /dev/null, which fails with EINVAL, resulting in the dbus-daemon exiting unsuccessfully. Unix programs are not normally expected to behave correctly when launched with the standard fds not already open; but at the same time, X11 autolaunching means that dbus-launch (and hence the dbus-daemon) can get started from an arbitrarily precarious situation. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=97008 Signed-off-by:
Simon McVittie <smcv@debian.org> Reviewed-by:
Thiago Macieira <thiago@kde.org> (cherry picked from commit c8f73a2a)
-
Simon McVittie authored
This function opens stdin, stdout, stderr pointing to /dev/null if they aren't already open. Optionally, it can also replace whatever is available on those fds with /dev/null. To allow for use in contexts where only async-signal-safe functions should be used, such as between fork() and a following exec(), this function does not use conventional libdbus error handling (which would require malloc). Instead, it sets errno and returns an explanatory string. Bug: https://bugs.freedesktop.org/show_bug.cgi?id=97008 Signed-off-by:
Simon McVittie <smcv@debian.org> Reviewed-by:
Thiago Macieira <thiago@kde.org> (cherry picked from commit 69123a6b)
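
A sketch of the kind of helper the two commit messages above describe, as an added C example that is not the dbus implementation: it makes sure fds 0-2 are open so that a later open() or epoll_create1() cannot land on a standard fd. `ensure_standard_fds` and its `force_null` parameter are hypothetical names.

```c
#include <errno.h>
#include <fcntl.h>
#include <stddef.h>
#include <unistd.h>

/* Hypothetical helper: point fds 0, 1 and 2 at /dev/null when they are
 * closed, or unconditionally when force_null is nonzero. Only
 * async-signal-safe calls are used (open, fcntl, dup2, close) and nothing
 * is allocated, so it is usable between fork() and exec(). Returns NULL on
 * success; on failure leaves errno set and returns a static string. */
static const char *ensure_standard_fds(int force_null)
{
    int devnull = -1;
    int fd;

    for (fd = 0; fd <= 2; fd++) {
        /* F_GETFD fails with EBADF only when the fd is not open. */
        int is_open = (fcntl(fd, F_GETFD) != -1 || errno != EBADF);

        if (is_open && !force_null)
            continue;

        if (devnull < 0) {
            /* open() returns the lowest free fd, so when a standard fd
             * is closed this call may already fill that slot. */
            devnull = open("/dev/null", O_RDWR);
            if (devnull < 0)
                return "Failed to open /dev/null";
        }

        if (devnull != fd && dup2(devnull, fd) < 0)
            return "Failed to duplicate /dev/null onto a standard fd";
    }

    /* Drop the extra descriptor unless it is itself one of fds 0-2. */
    if (devnull > 2)
        close(devnull);

    return NULL;
}

int main(void)
{
    /* Repair any closed standard fd before opening anything else. */
    return ensure_standard_fds(0) == NULL ? 0 : 1;
}
```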
-
Simon McVittie authored
-
Simon McVittie authored
It should probably be used (see #97298) but the fact that it isn't is breaking compatibility with gcc 6, so apply a quick workaround while we look into what's wrong here. Signed-off-by:
Simon McVittie <simon.mcvittie@collabora.co.uk> Bug: https://bugs.freedesktop.org/show_bug.cgi?id=97282 (cherry picked from commit 21d61180)
-
Simon McVittie authored
If dbus-daemon or systemd replied to our method call with an error, we would report it as "invalid arguments" instead of the true error name and message. Same root cause as <https://bugs.freedesktop.org/show_bug.cgi?id=96653>. Signed-off-by:
Simon McVittie <smcv@debian.org>
-
- 29 Jul, 2016 1 commit
-
-
Simon McVittie authored
-