aboutsummaryrefslogtreecommitdiff
path: root/gnu/packages/patches/glib-CVE-2021-27219-15.patch
diff options
context:
space:
mode:
authorMark H Weaver <mhw@netris.org>2021-03-11 05:34:28 -0500
committerMark H Weaver <mhw@netris.org>2021-03-11 06:21:13 -0500
commit21b3b755151028647081fe96d2992b3743531d71 (patch)
tree264867809c519a310d1d7de6a8b2d4827816ee70 /gnu/packages/patches/glib-CVE-2021-27219-15.patch
parent500189b4d2f1e3a2d4ee8ab73d889e3d8ac70632 (diff)
downloadguix-21b3b755151028647081fe96d2992b3743531d71.tar
guix-21b3b755151028647081fe96d2992b3743531d71.tar.gz
gnu: glib: Fix CVE-2021-27218 and CVE-2021-27219.
* gnu/packages/patches/glib-CVE-2021-27218.patch, gnu/packages/patches/glib-CVE-2021-27219-01.patch, gnu/packages/patches/glib-CVE-2021-27219-02.patch, gnu/packages/patches/glib-CVE-2021-27219-03.patch, gnu/packages/patches/glib-CVE-2021-27219-04.patch, gnu/packages/patches/glib-CVE-2021-27219-05.patch, gnu/packages/patches/glib-CVE-2021-27219-06.patch, gnu/packages/patches/glib-CVE-2021-27219-07.patch, gnu/packages/patches/glib-CVE-2021-27219-08.patch, gnu/packages/patches/glib-CVE-2021-27219-09.patch, gnu/packages/patches/glib-CVE-2021-27219-10.patch, gnu/packages/patches/glib-CVE-2021-27219-11.patch, gnu/packages/patches/glib-CVE-2021-27219-12.patch, gnu/packages/patches/glib-CVE-2021-27219-13.patch, gnu/packages/patches/glib-CVE-2021-27219-14.patch, gnu/packages/patches/glib-CVE-2021-27219-15.patch, gnu/packages/patches/glib-CVE-2021-27219-16.patch, gnu/packages/patches/glib-CVE-2021-27219-17.patch, gnu/packages/patches/glib-CVE-2021-27219-18.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/glib.scm (glib)[replacement]: New field. (glib/fixed): New variable.
Diffstat (limited to 'gnu/packages/patches/glib-CVE-2021-27219-15.patch')
-rw-r--r--gnu/packages/patches/glib-CVE-2021-27219-15.patch95
1 files changed, 95 insertions, 0 deletions
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-15.patch b/gnu/packages/patches/glib-CVE-2021-27219-15.patch
new file mode 100644
index 0000000000..37ef85b4fa
--- /dev/null
+++ b/gnu/packages/patches/glib-CVE-2021-27219-15.patch
@@ -0,0 +1,95 @@
+From 3d1550354c3c6a8491c39881752d51cb7515f2c2 Mon Sep 17 00:00:00 2001
+From: Simon McVittie <smcv@collabora.com>
+Date: Mon, 8 Feb 2021 10:22:39 +0000
+Subject: [PATCH 5/5] tls-interaction: Add test coverage for various ways to
+ set the password
+
+Signed-off-by: Simon McVittie <smcv@collabora.com>
+(cherry picked from commit df4501316ca3903072400504a5ea76498db19538)
+---
+ gio/tests/tls-interaction.c | 55 +++++++++++++++++++++++++++++++++++++
+ 1 file changed, 55 insertions(+)
+
+diff --git a/gio/tests/tls-interaction.c b/gio/tests/tls-interaction.c
+index 4f0737d7e..5661e8e0d 100644
+--- a/gio/tests/tls-interaction.c
++++ b/gio/tests/tls-interaction.c
+@@ -174,6 +174,38 @@ test_interaction_ask_password_finish_failure (GTlsInteraction *interaction,
+ }
+
+
++/* Return a copy of @str that is allocated in a silly way, to exercise
++ * custom free-functions. The returned pointer points to a copy of @str
++ * in a buffer of the form "BEFORE \0 str \0 AFTER". */
++static guchar *
++special_dup (const char *str)
++{
++ GString *buf = g_string_new ("BEFORE");
++ guchar *ret;
++
++ g_string_append_c (buf, '\0');
++ g_string_append (buf, str);
++ g_string_append_c (buf, '\0');
++ g_string_append (buf, "AFTER");
++ ret = (guchar *) g_string_free (buf, FALSE);
++ return ret + strlen ("BEFORE") + 1;
++}
++
++
++/* Free a copy of @str that was made with special_dup(), after asserting
++ * that it has not been corrupted. */
++static void
++special_free (gpointer p)
++{
++ gchar *s = p;
++ gchar *buf = s - strlen ("BEFORE") - 1;
++
++ g_assert_cmpstr (buf, ==, "BEFORE");
++ g_assert_cmpstr (s + strlen (s) + 1, ==, "AFTER");
++ g_free (buf);
++}
++
++
+ static GTlsInteractionResult
+ test_interaction_ask_password_sync_success (GTlsInteraction *interaction,
+ GTlsPassword *password,
+@@ -181,6 +213,8 @@ test_interaction_ask_password_sync_success (GTlsInteraction *interaction,
+ GError **error)
+ {
+ TestInteraction *self;
++ const guchar *value;
++ gsize len;
+
+ g_assert (TEST_IS_INTERACTION (interaction));
+ self = TEST_INTERACTION (interaction);
+@@ -192,6 +226,27 @@ test_interaction_ask_password_sync_success (GTlsInteraction *interaction,
+ g_assert (error != NULL);
+ g_assert (*error == NULL);
+
++ /* Exercise different ways to set the value */
++ g_tls_password_set_value (password, (const guchar *) "foo", 4);
++ len = 0;
++ value = g_tls_password_get_value (password, &len);
++ g_assert_cmpmem (value, len, "foo", 4);
++
++ g_tls_password_set_value (password, (const guchar *) "bar", -1);
++ len = 0;
++ value = g_tls_password_get_value (password, &len);
++ g_assert_cmpmem (value, len, "bar", 3);
++
++ g_tls_password_set_value_full (password, special_dup ("baa"), 4, special_free);
++ len = 0;
++ value = g_tls_password_get_value (password, &len);
++ g_assert_cmpmem (value, len, "baa", 4);
++
++ g_tls_password_set_value_full (password, special_dup ("baz"), -1, special_free);
++ len = 0;
++ value = g_tls_password_get_value (password, &len);
++ g_assert_cmpmem (value, len, "baz", 3);
++
+ /* Don't do this in real life. Include a null terminator for testing */
+ g_tls_password_set_value (password, (const guchar *)"the password", 13);
+ return G_TLS_INTERACTION_HANDLED;
+--
+2.30.1
+