← Back to branch summary

~ubuntu-branches/ubuntu/feisty/dbus/feisty-security

« back to all changes in this revision

Viewing changes to debian/patches/82-NULL-policy-bypass.patch

  • Committer: Bazaar Package Importer
  • Author(s): Kees Cook
  • Date: 2008-10-13 19:48:09 UTC
  • mfrom: (42.1.1 feisty-proposed)
  • Revision ID: james.westby@ubuntu.com-20081013194809-ftswg06eb1b6t3xo
Tags: 1.0.2-1ubuntu4.2
* SECURITY UPDATE: policy bypass with NULL interfaces.
  - Add 82-NULL-policy-bypass.patch: upstream fixes.
  - CVE-2008-0595
* SECURITY UPDATE: application crash via corrupt signatures.
  - Add 83-signature-validation.patch: upstream fixes.
  - CVE-2008-3834

Show diffs side-by-side

added added

removed removed

Lines of Context:
debian/patches/82-NULL-policy-bypass.patch
 
1
diff -Nur -x '*.orig' -x '*~' dbus-1.0.2/bus/policy.c dbus-1.0.2.new/bus/policy.c
 
2
--- dbus-1.0.2/bus/policy.c     2006-12-11 11:21:22.000000000 -0800
 
3
+++ dbus-1.0.2.new/bus/policy.c 2008-10-13 19:12:53.000000000 -0700
 
4
@@ -931,9 +931,19 @@
 
5
       
 
6
       if (rule->d.send.interface != NULL)
 
7
         {
 
8
-          if (dbus_message_get_interface (message) != NULL &&
 
9
-              strcmp (dbus_message_get_interface (message),
 
10
-                      rule->d.send.interface) != 0)
 
11
+          /* The interface is optional in messages. For allow rules, if the message
 
12
+           * has no interface we want to skip the rule (and thus not allow);
 
13
+           * for deny rules, if the message has no interface we want to use the
 
14
+           * rule (and thus deny).
 
15
+           */
 
16
+          dbus_bool_t no_interface;
 
17
+
 
18
+          no_interface = dbus_message_get_interface (message) == NULL;
 
19
+          
 
20
+          if ((no_interface && rule->allow) ||
 
21
+              (!no_interface && 
 
22
+               strcmp (dbus_message_get_interface (message),
 
23
+                       rule->d.send.interface) != 0))
 
24
             {
 
25
               _dbus_verbose ("  (policy) skipping rule for different interface\n");
 
26
               continue;
 
27
@@ -1117,9 +1127,19 @@
 
28
       
 
29
       if (rule->d.receive.interface != NULL)
 
30
         {
 
31
-          if (dbus_message_get_interface (message) != NULL &&
 
32
-              strcmp (dbus_message_get_interface (message),
 
33
-                      rule->d.receive.interface) != 0)
 
34
+          /* The interface is optional in messages. For allow rules, if the message
 
35
+           * has no interface we want to skip the rule (and thus not allow);
 
36
+           * for deny rules, if the message has no interface we want to use the
 
37
+           * rule (and thus deny).
 
38
+           */
 
39
+          dbus_bool_t no_interface;
 
40
+
 
41
+          no_interface = dbus_message_get_interface (message) == NULL;
 
42
+          
 
43
+          if ((no_interface && rule->allow) ||
 
44
+              (!no_interface &&
 
45
+               strcmp (dbus_message_get_interface (message),
 
46
+                       rule->d.receive.interface) != 0))
 
47
             {
 
48
               _dbus_verbose ("  (policy) skipping rule for different interface\n");
 
49
               continue;