Skip to content

Commit

Permalink
archrelease: copy trunk to extra-i686, extra-x86_64
Browse files Browse the repository at this point in the history
git-svn-id: file:///srv/repos/svn-packages/svn@199022 eb2447ed-0c53-47e4-bac8-5bc4a241df78
  • Loading branch information
jgc committed Nov 6, 2013
1 parent cd6e53a commit 09fea33
Show file tree
Hide file tree
Showing 4 changed files with 114 additions and 6 deletions.
13 changes: 10 additions & 3 deletions accountsservice/repos/extra-i686/PKGBUILD
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,22 @@

pkgname=accountsservice
pkgver=0.6.35
pkgrel=1
pkgrel=2
pkgdesc="D-Bus interface for user account query and manipulation"
arch=(i686 x86_64)
url="http://www.freedesktop.org/software/accountsservice/"
license=('GPL3')
depends=('glib2' 'polkit' 'systemd')
makedepends=('intltool' 'gobject-introspection')
source=($url/$pkgname-$pkgver.tar.xz)
md5sums=('3a81133e95faafb603de4475802cb06a')
source=($url/$pkgname-$pkgver.tar.xz
avoid-deleting-the-root-user.patch)
md5sums=('3a81133e95faafb603de4475802cb06a'
'4970e77c3c0d56e513f9a5f29fdacd2c')

prepare() {
cd $pkgname-$pkgver
patch -Np1 -i ../avoid-deleting-the-root-user.patch
}

build() {
cd $pkgname-$pkgver
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
From 980692e6b9cfe4a34e22f566e0981a8c549e4348 Mon Sep 17 00:00:00 2001
From: Matthias Clasen <[email protected]>
Date: Fri, 01 Nov 2013 21:09:25 +0000
Subject: Avoid deleting the root user

The check we have in place against deleting the root user can
be tricked by exploiting the fact that we are checking a gint64,
and then later cast it to a uid_t. This can be seen with the
following test, which will delete your root account:

qdbus --system org.freedesktop.Accounts /org/freedesktop/Accounts \
org.freedesktop.Accounts.DeleteUser -9223372036854775808 true

Found with the dfuzzer tool,
https://github.com/matusmarhefka/dfuzzer
---
diff --git a/src/daemon.c b/src/daemon.c
index ea75190..9c7001b 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -1227,7 +1227,7 @@ daemon_uncache_user (AccountsAccounts *accounts,
}

typedef struct {
- gint64 uid;
+ uid_t uid;
gboolean remove_files;
} DeleteUserData;

@@ -1309,13 +1309,13 @@ daemon_delete_user (AccountsAccounts *accounts,
Daemon *daemon = (Daemon*)accounts;
DeleteUserData *data;

- if (uid == 0) {
+ if ((uid_t)uid == 0) {
throw_error (context, ERROR_FAILED, "Refuse to delete root user");
return TRUE;
}

data = g_new0 (DeleteUserData, 1);
- data->uid = uid;
+ data->uid = (uid_t)uid;
data->remove_files = remove_files;

daemon_local_check_auth (daemon,
--
cgit v0.9.0.2-2-gbebe
13 changes: 10 additions & 3 deletions accountsservice/repos/extra-x86_64/PKGBUILD
Original file line number Diff line number Diff line change
Expand Up @@ -3,15 +3,22 @@

pkgname=accountsservice
pkgver=0.6.35
pkgrel=1
pkgrel=2
pkgdesc="D-Bus interface for user account query and manipulation"
arch=(i686 x86_64)
url="http://www.freedesktop.org/software/accountsservice/"
license=('GPL3')
depends=('glib2' 'polkit' 'systemd')
makedepends=('intltool' 'gobject-introspection')
source=($url/$pkgname-$pkgver.tar.xz)
md5sums=('3a81133e95faafb603de4475802cb06a')
source=($url/$pkgname-$pkgver.tar.xz
avoid-deleting-the-root-user.patch)
md5sums=('3a81133e95faafb603de4475802cb06a'
'4970e77c3c0d56e513f9a5f29fdacd2c')

prepare() {
cd $pkgname-$pkgver
patch -Np1 -i ../avoid-deleting-the-root-user.patch
}

build() {
cd $pkgname-$pkgver
Expand Down
Original file line number Diff line number Diff line change
@@ -0,0 +1,47 @@
From 980692e6b9cfe4a34e22f566e0981a8c549e4348 Mon Sep 17 00:00:00 2001
From: Matthias Clasen <[email protected]>
Date: Fri, 01 Nov 2013 21:09:25 +0000
Subject: Avoid deleting the root user

The check we have in place against deleting the root user can
be tricked by exploiting the fact that we are checking a gint64,
and then later cast it to a uid_t. This can be seen with the
following test, which will delete your root account:

qdbus --system org.freedesktop.Accounts /org/freedesktop/Accounts \
org.freedesktop.Accounts.DeleteUser -9223372036854775808 true

Found with the dfuzzer tool,
https://github.com/matusmarhefka/dfuzzer
---
diff --git a/src/daemon.c b/src/daemon.c
index ea75190..9c7001b 100644
--- a/src/daemon.c
+++ b/src/daemon.c
@@ -1227,7 +1227,7 @@ daemon_uncache_user (AccountsAccounts *accounts,
}

typedef struct {
- gint64 uid;
+ uid_t uid;
gboolean remove_files;
} DeleteUserData;

@@ -1309,13 +1309,13 @@ daemon_delete_user (AccountsAccounts *accounts,
Daemon *daemon = (Daemon*)accounts;
DeleteUserData *data;

- if (uid == 0) {
+ if ((uid_t)uid == 0) {
throw_error (context, ERROR_FAILED, "Refuse to delete root user");
return TRUE;
}

data = g_new0 (DeleteUserData, 1);
- data->uid = uid;
+ data->uid = (uid_t)uid;
data->remove_files = remove_files;

daemon_local_check_auth (daemon,
--
cgit v0.9.0.2-2-gbebe

0 comments on commit 09fea33

Please sign in to comment.