diff options
author | Pacho Ramos <pacho@gentoo.org> | 2023-02-11 09:19:41 +0100 |
---|---|---|
committer | Pacho Ramos <pacho@gentoo.org> | 2023-02-11 09:21:51 +0100 |
commit | 781974523e0ffd324258a2db97100c5594ac8f57 (patch) | |
tree | 26610309a1a147fce4a69ae6aed47a26ee9f1773 /net-libs/rest/files | |
parent | profiles: last-rite unused java libraries (diff) | |
download | gentoo-781974523e0ffd324258a2db97100c5594ac8f57.tar.gz gentoo-781974523e0ffd324258a2db97100c5594ac8f57.tar.bz2 gentoo-781974523e0ffd324258a2db97100c5594ac8f57.zip |
net-libs/rest: Fix some crash paths exposed by the libsoup3 port
Fixes were submitted months ago to upstream but it is pretty unresponsive,
they are being used for a long time in Fedora without issues.
Signed-off-by: Pacho Ramos <pacho@gentoo.org>
Diffstat (limited to 'net-libs/rest/files')
-rw-r--r-- | net-libs/rest/files/0001-rest_proxy_call_sync-bail-out-if-no-payload.patch | 40 | ||||
-rw-r--r-- | net-libs/rest/files/0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch | 52 |
2 files changed, 92 insertions, 0 deletions
diff --git a/net-libs/rest/files/0001-rest_proxy_call_sync-bail-out-if-no-payload.patch b/net-libs/rest/files/0001-rest_proxy_call_sync-bail-out-if-no-payload.patch new file mode 100644 index 000000000000..14e41ba17174 --- /dev/null +++ b/net-libs/rest/files/0001-rest_proxy_call_sync-bail-out-if-no-payload.patch @@ -0,0 +1,40 @@ +From fbad64abe28a96f591a30e3a5d3189c10172a414 Mon Sep 17 00:00:00 2001 +From: Adam Williamson <awilliam@redhat.com> +Date: Tue, 30 Aug 2022 10:03:57 -0700 +Subject: [PATCH 1/2] rest_proxy_call_sync: bail out if no payload + +goa-daemon is crashing on suspend/resume with a traceback that +points here: it calls rest_proxy_call_sync, that calls +_rest_proxy_send_message, assumes it gets a `payload` back, +and calls `finish_call` with it. However, it's not actually +guaranteed that `_rest_proxy_send_message` will return a payload +(a `GBytes`). There are three ways it can return `NULL` instead: +if it's passed a wrong proxy or message, or - when built against +libsoup3 - if there is an error sending the message (it passes +through the return value of `soup_session_send_and_read`, and +that's documented to be `NULL` on error). + +If `payload` comes back `NULL`, let's just return `FALSE`, like +we do if there's a problem with the call or message. + +Signed-off-by: Adam Williamson <awilliam@redhat.com> +--- + rest/rest-proxy-call.c | 2 ++ + 1 file changed, 2 insertions(+) + +diff --git a/rest/rest-proxy-call.c b/rest/rest-proxy-call.c +index 851b397..07b8b49 100644 +--- a/rest/rest-proxy-call.c ++++ b/rest/rest-proxy-call.c +@@ -1428,6 +1428,8 @@ rest_proxy_call_sync (RestProxyCall *call, + return FALSE; + + payload = _rest_proxy_send_message (priv->proxy, message, priv->cancellable, error_out); ++ if (!payload) ++ return FALSE; + + ret = finish_call (call, message, payload, error_out); + +-- +2.37.1 + diff --git a/net-libs/rest/files/0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch b/net-libs/rest/files/0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch new file mode 100644 index 000000000000..f437c7d9e74d --- /dev/null +++ b/net-libs/rest/files/0002-Handle-some-potential-problems-in-parsing-oauth2-acc.patch @@ -0,0 +1,52 @@ +From 49c2d0ac00b959ce53cc00ca4e7758c21085722f Mon Sep 17 00:00:00 2001 +From: Adam Williamson <awilliam@redhat.com> +Date: Tue, 30 Aug 2022 10:59:01 -0700 +Subject: [PATCH 2/2] Handle some potential problems in parsing oauth2 access + tokens + +It's possible for `_rest_proxy_send_message` to return `NULL`, +which would mean the `payload` here would be `NULL`. If so, +we're not going to be able to do anything, so we should just +bail out. + +It's also possible for `json_parser_load_from_data` to return +`FALSE` without setting an error. The most obvious way would be +if `data` was `NULL`, which the bailout avoids, but it could +also happen if we pass an invalid parser somehow. Let's just +handle that too, to be safe. + +Signed-off-by: Adam Williamson <awilliam@redhat.com> +--- + rest/rest-oauth2-proxy.c | 5 ++++- + 1 file changed, 4 insertions(+), 1 deletion(-) + +diff --git a/rest/rest-oauth2-proxy.c b/rest/rest-oauth2-proxy.c +index 9511f97..a715b2b 100644 +--- a/rest/rest-oauth2-proxy.c ++++ b/rest/rest-oauth2-proxy.c +@@ -68,18 +68,21 @@ rest_oauth2_proxy_parse_access_token (RestOAuth2Proxy *self, + gsize size; + gint expires_in; + gint created_at; ++ gboolean ret; + + g_return_if_fail (REST_IS_OAUTH2_PROXY (self)); ++ g_return_if_fail (payload); + + data = g_bytes_get_data (payload, &size); + + parser = json_parser_new (); +- json_parser_load_from_data (parser, data, size, &error); ++ ret = json_parser_load_from_data (parser, data, size, &error); + if (error != NULL) + { + g_task_return_error (task, error); + return; + } ++ g_return_if_fail (ret); + + root = json_parser_get_root (parser); + root_object = json_node_get_object (root); +-- +2.37.1 + |