Commit 2aa65581 authored by Simon McVittie's avatar Simon McVittie

Imported Upstream version 1.8.4

parent 56b80e48
D-Bus 1.8.4 (2014-06-10)
==
Security fix:
• Alban Crequy at Collabora Ltd. discovered and fixed a denial-of-service
flaw in dbus-daemon, part of the reference implementation of D-Bus.
Additionally, in highly unusual environments the same flaw could lead to
a side channel between processes that should not be able to communicate.
(CVE-2014-3477, fd.o #78979)
D-Bus 1.8.2 (2014-04-30)
==
......
......@@ -1162,14 +1162,11 @@ bus_activation_service_created (BusActivation *activation,
dbus_bool_t
bus_activation_send_pending_auto_activation_messages (BusActivation *activation,
BusService *service,
BusTransaction *transaction,
DBusError *error)
BusTransaction *transaction)
{
BusPendingActivation *pending_activation;
DBusList *link;
_DBUS_ASSERT_ERROR_IS_CLEAR (error);
/* Check if it's a pending activation */
pending_activation = _dbus_hash_table_lookup_string (activation->pending_activations,
bus_service_get_name (service));
......@@ -1186,6 +1183,9 @@ bus_activation_send_pending_auto_activation_messages (BusActivation *activation
if (entry->auto_activation && (entry->connection == NULL || dbus_connection_get_is_connected (entry->connection)))
{
DBusConnection *addressed_recipient;
DBusError error;
dbus_error_init (&error);
addressed_recipient = bus_service_get_primary_owners_connection (service);
......@@ -1193,8 +1193,22 @@ bus_activation_send_pending_auto_activation_messages (BusActivation *activation
if (!bus_dispatch_matches (transaction,
entry->connection,
addressed_recipient,
entry->activation_message, error))
goto error;
entry->activation_message, &error))
{
/* If permission is denied, we just want to return the error
* to the original method invoker; in particular, we don't
* want to make the RequestName call fail with that error
* (see fd.o #78979, CVE-2014-3477). */
if (!bus_transaction_send_error_reply (transaction, entry->connection,
&error, entry->activation_message))
{
bus_connection_send_oom_error (entry->connection,
entry->activation_message);
}
link = next;
continue;
}
}
link = next;
......@@ -1203,7 +1217,6 @@ bus_activation_send_pending_auto_activation_messages (BusActivation *activation
if (!add_restore_pending_to_transaction (transaction, pending_activation))
{
_dbus_verbose ("Could not add cancel hook to transaction to revert removing pending activation\n");
BUS_SET_OOM (error);
goto error;
}
......
......@@ -62,8 +62,7 @@ dbus_bool_t dbus_activation_systemd_failure (BusActivation *activation,
dbus_bool_t bus_activation_send_pending_auto_activation_messages (BusActivation *activation,
BusService *service,
BusTransaction *transaction,
DBusError *error);
BusTransaction *transaction);
#endif /* BUS_ACTIVATION_H */
......@@ -588,8 +588,9 @@ bus_registry_acquire_service (BusRegistry *registry,
activation = bus_context_get_activation (registry->context);
retval = bus_activation_send_pending_auto_activation_messages (activation,
service,
transaction,
error);
transaction);
if (!retval)
BUS_SET_OOM (error);
out:
return retval;
......
#! /bin/sh
# Guess values for system-dependent variables and create Makefiles.
# Generated by GNU Autoconf 2.69 for dbus 1.8.2.
# Generated by GNU Autoconf 2.69 for dbus 1.8.4.
#
# Report bugs to <https://bugs.freedesktop.org/enter_bug.cgi?product=dbus>.
#
......@@ -591,8 +591,8 @@ MAKEFLAGS=
# Identity of this package.
PACKAGE_NAME='dbus'
PACKAGE_TARNAME='dbus'
PACKAGE_VERSION='1.8.2'
PACKAGE_STRING='dbus 1.8.2'
PACKAGE_VERSION='1.8.4'
PACKAGE_STRING='dbus 1.8.4'
PACKAGE_BUGREPORT='https://bugs.freedesktop.org/enter_bug.cgi?product=dbus'
PACKAGE_URL=''
......@@ -1512,7 +1512,7 @@ if test "$ac_init_help" = "long"; then
# Omit some internal or obsolete options to make the list less imposing.
# This message is too long to be a string in the A/UX 3.1 sh.
cat <<_ACEOF
\`configure' configures dbus 1.8.2 to adapt to many kinds of systems.
\`configure' configures dbus 1.8.4 to adapt to many kinds of systems.
Usage: $0 [OPTION]... [VAR=VALUE]...
......@@ -1586,7 +1586,7 @@ fi
if test -n "$ac_init_help"; then
case $ac_init_help in
short | recursive ) echo "Configuration of dbus 1.8.2:";;
short | recursive ) echo "Configuration of dbus 1.8.4:";;
esac
cat <<\_ACEOF
......@@ -1783,7 +1783,7 @@ fi
test -n "$ac_init_help" && exit $ac_status
if $ac_init_version; then
cat <<\_ACEOF
dbus configure 1.8.2
dbus configure 1.8.4
generated by GNU Autoconf 2.69
Copyright (C) 2012 Free Software Foundation, Inc.
......@@ -2502,7 +2502,7 @@ cat >config.log <<_ACEOF
This file contains any messages produced by compilers while
running configure, to aid debugging if configure makes a mistake.
It was created by dbus $as_me 1.8.2, which was
It was created by dbus $as_me 1.8.4, which was
generated by GNU Autoconf 2.69. Invocation command line was
$ $0 $@
......@@ -3442,7 +3442,7 @@ fi
# Define the identity of the package.
PACKAGE='dbus'
VERSION='1.8.2'
VERSION='1.8.4'
cat >>confdefs.h <<_ACEOF
......@@ -3742,7 +3742,7 @@ LT_CURRENT=11
## increment any time the source changes; set to
## 0 if you increment CURRENT
LT_REVISION=4
LT_REVISION=5
## increment if any interfaces have been added; set to 0
## if any interfaces have been changed or removed. removal has
......@@ -3755,8 +3755,8 @@ LT_AGE=8
DBUS_MAJOR_VERSION=1
DBUS_MINOR_VERSION=8
DBUS_MICRO_VERSION=2
DBUS_VERSION=1.8.2
DBUS_MICRO_VERSION=4
DBUS_VERSION=1.8.4
......@@ -23266,7 +23266,7 @@ cat >>$CONFIG_STATUS <<\_ACEOF || ac_write_fail=1
# report actual input values of CONFIG_FILES etc. instead of their
# values after options handling.
ac_log="
This file was extended by dbus $as_me 1.8.2, which was
This file was extended by dbus $as_me 1.8.4, which was
generated by GNU Autoconf 2.69. Invocation command line was
CONFIG_FILES = $CONFIG_FILES
......@@ -23332,7 +23332,7 @@ _ACEOF
cat >>$CONFIG_STATUS <<_ACEOF || ac_write_fail=1
ac_cs_config="`$as_echo "$ac_configure_args" | sed 's/^ //; s/[\\""\`\$]/\\\\&/g'`"
ac_cs_version="\\
dbus config.status 1.8.2
dbus config.status 1.8.4
configured by $0, generated by GNU Autoconf 2.69,
with options \\"\$ac_cs_config\\"
......
......@@ -3,7 +3,7 @@ AC_PREREQ([2.63])
m4_define([dbus_major_version], [1])
m4_define([dbus_minor_version], [8])
m4_define([dbus_micro_version], [2])
m4_define([dbus_micro_version], [4])
m4_define([dbus_version],
[dbus_major_version.dbus_minor_version.dbus_micro_version])
AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?product=dbus],[dbus])
......@@ -37,7 +37,7 @@ LT_CURRENT=11
## increment any time the source changes; set to
## 0 if you increment CURRENT
LT_REVISION=4
LT_REVISION=5
## increment if any interfaces have been added; set to 0
## if any interfaces have been changed or removed. removal has
......
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment