Skip to content

GitLab

Commit c359201a authored by David Zeuthen's avatar David Zeuthen
Browse files
Options

fix a grave bug where the wrong authorizations were returned 

We were modifying the 'uid' parameter in _authdb_get_auths_for_uid();
I bet that if we had unit tests this bug would have been caught
earlier...
parent ea4910e6
Hide whitespace changes
Inline Side-by-side
Showing with 42 additions and 32 deletions
src/polkit/polkit-authorization-db.c
View file @ c359201a
......@@ -253,7 +253,7 @@ _polkit_authorization_db_invalidate_cache (PolKitAuthorizationDB *authdb)
*/
static KitList *
_authdb_get_auths_for_uid (PolKitAuthorizationDB *authdb,
uid_t uid,
const uid_t uid,
PolKitError **error)
{
KitList *ret;
......@@ -306,41 +306,46 @@ _authdb_get_auths_for_uid (PolKitAuthorizationDB *authdb,
goto out;
}
len = strlen (standard_output);
/* parse one line at a time (modifies standard_output in place) */
n = 0;
while (n < len) {
off_t m;
char *line;
PolKitAuthorization *auth;
m = n;
while (m < len && standard_output[m] != '\0') {
if (standard_output[m] == '\n')
if (standard_output != NULL) {
uid_t uid2;
len = strlen (standard_output);
uid2 = uid;
/* parse one line at a time (modifies standard_output in place) */
n = 0;
while (n < len) {
off_t m;
char *line;
PolKitAuthorization *auth;
m = n;
while (m < len && standard_output[m] != '\0') {
if (standard_output[m] == '\n')
break;
m++;
}
/* check EOF */
if (standard_output[m] == '\0')
break;
m++;
}
/* check EOF */
if (standard_output[m] == '\0')
break;
standard_output[m] = '\0';
line = standard_output + n;
if (strlen (line) >= 2 && strncmp (line, "#uid=", 5) == 0) {
uid = (uid_t) atoi (line + 5);
}
if (strlen (line) >= 2 && line[0] != '#') {
auth = _polkit_authorization_new_for_uid (line, uid);
standard_output[m] = '\0';
line = standard_output + n;
if (strlen (line) >= 2 && strncmp (line, "#uid=", 5) == 0) {
uid2 = (uid_t) atoi (line + 5);
}
if (auth != NULL) {
ret = kit_list_prepend (ret, auth);
if (strlen (line) >= 2 && line[0] != '#') {
auth = _polkit_authorization_new_for_uid (line, uid2);
if (auth != NULL) {
ret = kit_list_prepend (ret, auth);
}
}
n = m + 1;
}
n = m + 1;
}
kit_hash_insert (authdb->uid_to_authlist, (void *) uid, ret);
......@@ -384,6 +389,11 @@ _internal_foreach (PolKitAuthorizationDB *authdb,
for (l = auths; l != NULL; l = l->next) {
PolKitAuthorization *auth = l->data;
//kit_warning ("%d: action_id=%s uid=%d",
// uid,
// polkit_authorization_get_action_id (auth),
// polkit_authorization_get_uid (auth));
if (action_id != NULL) {
if (strcmp (polkit_authorization_get_action_id (auth), action_id) != 0) {
continue;
......
Markdown is supported
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment