summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
authorSamuli Suominen <ssuominen@gentoo.org>2012-09-29 17:17:14 +0000
committerSamuli Suominen <ssuominen@gentoo.org>2012-09-29 17:17:14 +0000
commitb9d50e955a928c25eb8c715776007b05defa3973 (patch)
treed25e3bd77cef9a2ac7231a116fa224c16af7cb98 /dev-libs/glib
parentRemove old versions. (diff)
downloadgentoo-2-b9d50e955a928c25eb8c715776007b05defa3973.tar.gz
gentoo-2-b9d50e955a928c25eb8c715776007b05defa3973.tar.bz2
gentoo-2-b9d50e955a928c25eb8c715776007b05defa3973.zip
Revision bump to import upstream patch for CVE-2012-3524 wrt #436028
(Portage version: 2.2.0_alpha128/cvs/Linux x86_64)
Diffstat (limited to 'dev-libs/glib')
-rw-r--r--dev-libs/glib/ChangeLog8
-rw-r--r--dev-libs/glib/files/glib-2.32.4-CVE-2012-3524.patch247
-rw-r--r--dev-libs/glib/glib-2.32.4-r1.ebuild236
3 files changed, 490 insertions, 1 deletions
diff --git a/dev-libs/glib/ChangeLog b/dev-libs/glib/ChangeLog
index 151fc651e3f2..a1e01f030f03 100644
--- a/dev-libs/glib/ChangeLog
+++ b/dev-libs/glib/ChangeLog
@@ -1,6 +1,12 @@
# ChangeLog for dev-libs/glib
# Copyright 1999-2012 Gentoo Foundation; Distributed under the GPL v2
-# $Header: /var/cvsroot/gentoo-x86/dev-libs/glib/ChangeLog,v 1.536 2012/09/28 18:54:44 tetromino Exp $
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/glib/ChangeLog,v 1.537 2012/09/29 17:17:13 ssuominen Exp $
+
+*glib-2.32.4-r1 (29 Sep 2012)
+
+ 29 Sep 2012; Samuli Suominen <ssuominen@gentoo.org> +glib-2.32.4-r1.ebuild,
+ +files/glib-2.32.4-CVE-2012-3524.patch:
+ Revision bump to import upstream patch for CVE-2012-3524 wrt #436028
28 Sep 2012; Alexandre Rostovtsev <tetromino@gentoo.org> glib-2.34.0.ebuild:
Really disable building tests when USE=-test (bug #436508, thanks to Jeff
diff --git a/dev-libs/glib/files/glib-2.32.4-CVE-2012-3524.patch b/dev-libs/glib/files/glib-2.32.4-CVE-2012-3524.patch
new file mode 100644
index 000000000000..92e6c8125e5b
--- /dev/null
+++ b/dev-libs/glib/files/glib-2.32.4-CVE-2012-3524.patch
@@ -0,0 +1,247 @@
+From 4c2928a54482913cf236bff0e66650a8f47e17ea Mon Sep 17 00:00:00 2001
+From: Colin Walters <walters@verbum.org>
+Date: Wed, 22 Aug 2012 18:26:11 +0000
+Subject: CVE-2012-3524: Hardening for being run in a setuid environment
+
+Some programs attempt to use libglib (or even libgio) when setuid.
+For a long time, GTK+ simply aborted if launched in this
+configuration, but we never had a real policy for GLib.
+
+I'm not sure whether we should advertise such support. However, given
+that there are real-world programs that do this currently, we can make
+them safer with not too much effort.
+
+Better to fix a problem caused by an interaction between two
+components in *both* places if possible.
+
+This patch adds a private function g_check_setuid() which is used to
+first ensure we don't run an external dbus-launch binary if
+DBUS_SESSION_BUS_ADDRESS isn't set.
+
+Second, we also ensure the local VFS is used in this case. The
+gdaemonvfs extension point will end up talking to the session bus
+which is typically undesirable in a setuid context.
+
+Implementing g_check_setuid() is interesting - whether or not we're
+running in a privilege-escalated path is operating system specific.
+Note that GTK+'s code to check euid versus uid worked historically on
+Unix, more modern systems have filesystem capabilities and SELinux
+domain transitions, neither of which are captured by the uid
+comparison.
+
+On Linux/glibc, the way this works is that the kernel sets an
+AT_SECURE flag in the ELF auxiliary vector, and glibc looks for it on
+startup. If found, then glibc sets a public-but-undocumented
+__libc_enable_secure variable which we can use. Unfortunately, while
+it *previously* worked to check this variable, a combination of newer
+binutils and RPM break it:
+http://www.openwall.com/lists/owl-dev/2012/08/14/1
+
+So for now on Linux/glibc, we fall back to the historical Unix version
+until we get glibc fixed.
+
+On some BSD variants, there is a issetugid() function. On other Unix
+variants, we fall back to what GTK+ has been doing.
+
+Reported-By: Sebastian Krahmer <krahmer@suse.de>
+Signed-off-by: Colin Walters <walters@verbum.org>
+---
+diff --git a/configure.ac b/configure.ac
+index 584df1d..67ea1a9 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -583,9 +583,20 @@ AC_TRY_COMPILE([#include <dirent.h>], [DIR *dir;],
+ # Checks for library functions.
+ AC_FUNC_VPRINTF
+ AC_FUNC_ALLOCA
+-AC_CHECK_FUNCS(mmap posix_memalign memalign valloc fsync pipe2)
++AC_CHECK_FUNCS(mmap posix_memalign memalign valloc fsync pipe2 issetugid)
+ AC_CHECK_FUNCS(atexit on_exit timegm gmtime_r)
+
++AC_CACHE_CHECK([for __libc_enable_secure], glib_cv_have_libc_enable_secure,
++ [AC_TRY_LINK([#include <unistd.h>
++ extern int __libc_enable_secure;],
++ [return __libc_enable_secure;],
++ glib_cv_have_libc_enable_secure=yes,
++ glib_cv_have_libc_enable_secure=no)])
++AS_IF([test x$glib_cv_have_libc_enable_secure = xyes], [
++ AC_DEFINE(HAVE_LIBC_ENABLE_SECURE, 1,
++ [Define if you have the __libc_enable_secure variable (GNU libc, eglibc)])
++])
++
+ AC_CHECK_SIZEOF(char)
+ AC_CHECK_SIZEOF(short)
+ AC_CHECK_SIZEOF(long)
+@@ -984,7 +995,7 @@ AC_MSG_RESULT(unsigned $glib_size_type)
+
+ # Check for some functions
+ AC_CHECK_FUNCS(lstat strerror strsignal memmove vsnprintf stpcpy strcasecmp strncasecmp poll getcwd vasprintf setenv unsetenv getc_unlocked readlink symlink fdwalk memmem)
+-AC_CHECK_FUNCS(chown lchmod lchown fchmod fchown link utimes getgrgid getpwuid)
++AC_CHECK_FUNCS(chown lchmod lchown fchmod fchown link utimes getgrgid getpwuid getresuid)
+ AC_CHECK_FUNCS(getmntent_r setmntent endmntent hasmntopt getfsstat getvfsstat)
+ # Check for high-resolution sleep functions
+ AC_CHECK_FUNCS(splice)
+diff --git a/gio/gdbusaddress.c b/gio/gdbusaddress.c
+index 4aa13b9..96b6343 100644
+--- a/gio/gdbusaddress.c
++++ b/gio/gdbusaddress.c
+@@ -37,6 +37,7 @@
+ #include "giostream.h"
+ #include "gasyncresult.h"
+ #include "gsimpleasyncresult.h"
++#include "glib-private.h"
+ #include "gdbusprivate.h"
+ #include "giomodule-priv.h"
+ #include "gdbusdaemon.h"
+@@ -1023,6 +1024,14 @@ get_session_address_dbus_launch (GError **error)
+ restore_dbus_verbose = FALSE;
+ old_dbus_verbose = NULL;
+
++ /* Don't run binaries as root if we're setuid. */
++ if (GLIB_PRIVATE_CALL (g_check_setuid) ())
++ {
++ g_set_error (error, G_IO_ERROR, G_IO_ERROR_FAILED,
++ _("Cannot spawn a message bus when setuid"));
++ goto out;
++ }
++
+ machine_id = _g_dbus_get_machine_id (error);
+ if (machine_id == NULL)
+ {
+diff --git a/gio/gvfs.c b/gio/gvfs.c
+index dda8afb..9afbcec 100644
+--- a/gio/gvfs.c
++++ b/gio/gvfs.c
+@@ -23,6 +23,7 @@
+ #include "config.h"
+ #include <string.h>
+ #include "gvfs.h"
++#include "glib-private.h"
+ #include "glocalvfs.h"
+ #include "gresourcefile.h"
+ #include "giomodule-priv.h"
+@@ -191,6 +192,8 @@ g_vfs_parse_name (GVfs *vfs,
+ GVfs *
+ g_vfs_get_default (void)
+ {
++ if (GLIB_PRIVATE_CALL (g_check_setuid) ())
++ return g_vfs_get_local ();
+ return _g_io_module_get_default (G_VFS_EXTENSION_POINT_NAME,
+ "GIO_USE_VFS",
+ (GIOModuleVerifyFunc)g_vfs_is_active);
+diff --git a/glib/genviron.c b/glib/genviron.c
+index 59a8bbe..9525cf0 100644
+--- a/glib/genviron.c
++++ b/glib/genviron.c
+@@ -40,6 +40,7 @@
+ #include <windows.h>
+ #endif
+
++#include "glib-private.h"
+ #include "gmem.h"
+ #include "gmessages.h"
+ #include "gstrfuncs.h"
+diff --git a/glib/glib-private.c b/glib/glib-private.c
+index 3946e77..3506782 100644
+--- a/glib/glib-private.c
++++ b/glib/glib-private.c
+@@ -38,7 +38,9 @@ glib__private__ (void)
+ g_wakeup_signal,
+ g_wakeup_acknowledge,
+
+- g_get_worker_context
++ g_get_worker_context,
++
++ g_check_setuid
+ };
+
+ return &table;
+diff --git a/glib/glib-private.h b/glib/glib-private.h
+index fde0be8..87da6f3 100644
+--- a/glib/glib-private.h
++++ b/glib/glib-private.h
+@@ -25,6 +25,8 @@
+
+ G_GNUC_INTERNAL
+ GMainContext * g_get_worker_context (void);
++G_GNUC_INTERNAL
++gboolean g_check_setuid (void);
+
+ #define GLIB_PRIVATE_CALL(symbol) (glib__private__()->symbol)
+
+@@ -40,6 +42,8 @@ typedef struct {
+ /* See gmain.c */
+ GMainContext * (* g_get_worker_context) (void);
+ /* Add other private functions here, initialize them in glib-private.c */
++
++ gboolean (* g_check_setuid) (void);
+ } GLibPrivateVTable;
+
+ GLibPrivateVTable *glib__private__ (void);
+diff --git a/glib/gutils.c b/glib/gutils.c
+index 38b5e44..f8a38d1 100644
+--- a/glib/gutils.c
++++ b/glib/gutils.c
+@@ -2409,3 +2409,60 @@ g_get_tmp_dir (void)
+ }
+
+ #endif
++
++/* Private API:
++ *
++ * Returns %TRUE if the current process was executed as setuid (or an
++ * equivalent __libc_enable_secure is available). See:
++ * http://osdir.com/ml/linux.lfs.hardened/2007-04/msg00032.html
++ */
++gboolean
++g_check_setuid (void)
++{
++ /* TODO: get __libc_enable_secure exported from glibc.
++ * See http://www.openwall.com/lists/owl-dev/2012/08/14/1
++ */
++#if 0 && defined(HAVE_LIBC_ENABLE_SECURE)
++ {
++ /* See glibc/include/unistd.h */
++ extern int __libc_enable_secure;
++ return __libc_enable_secure;
++ }
++#elif defined(HAVE_ISSETUGID)
++ /* BSD: http://www.freebsd.org/cgi/man.cgi?query=issetugid&sektion=2 */
++ return issetugid ();
++#elif defined(G_OS_UNIX)
++ uid_t ruid, euid, suid; /* Real, effective and saved user ID's */
++ gid_t rgid, egid, sgid; /* Real, effective and saved group ID's */
++
++ static gsize check_setuid_initialised;
++ static gboolean is_setuid;
++
++ if (g_once_init_enter (&check_setuid_initialised))
++ {
++#ifdef HAVE_GETRESUID
++ /* These aren't in the header files, so we prototype them here.
++ */
++ int getresuid(uid_t *ruid, uid_t *euid, uid_t *suid);
++ int getresgid(gid_t *rgid, gid_t *egid, gid_t *sgid);
++
++ if (getresuid (&ruid, &euid, &suid) != 0 ||
++ getresgid (&rgid, &egid, &sgid) != 0)
++#endif /* HAVE_GETRESUID */
++ {
++ suid = ruid = getuid ();
++ sgid = rgid = getgid ();
++ euid = geteuid ();
++ egid = getegid ();
++ }
++
++ is_setuid = (ruid != euid || ruid != suid ||
++ rgid != egid || rgid != sgid);
++
++ g_once_init_leave (&check_setuid_initialised, 1);
++ }
++ return is_setuid;
++#else
++ return FALSE;
++#endif
++}
+--
+cgit v0.9.0.2
diff --git a/dev-libs/glib/glib-2.32.4-r1.ebuild b/dev-libs/glib/glib-2.32.4-r1.ebuild
new file mode 100644
index 000000000000..3f7a0814ba77
--- /dev/null
+++ b/dev-libs/glib/glib-2.32.4-r1.ebuild
@@ -0,0 +1,236 @@
+# Copyright 1999-2012 Gentoo Foundation
+# Distributed under the terms of the GNU General Public License v2
+# $Header: /var/cvsroot/gentoo-x86/dev-libs/glib/glib-2.32.4-r1.ebuild,v 1.1 2012/09/29 17:17:13 ssuominen Exp $
+
+EAPI="4"
+PYTHON_DEPEND="utils? 2"
+# Avoid runtime dependency on python when USE=test
+
+inherit autotools gnome.org libtool eutils flag-o-matic gnome2-utils multilib pax-utils python toolchain-funcs virtualx linux-info
+
+DESCRIPTION="The GLib library of C routines"
+HOMEPAGE="http://www.gtk.org/"
+SRC_URI="${SRC_URI}
+ http://dev.gentoo.org/~tetromino/distfiles/glib/${P}-AS_IF-patches.tar.xz
+ http://pkgconfig.freedesktop.org/releases/pkg-config-0.26.tar.gz" # pkg.m4 for eautoreconf
+
+LICENSE="LGPL-2+"
+SLOT="2"
+IUSE="debug doc fam kernel_linux selinux static-libs systemtap test utils xattr"
+KEYWORDS="~alpha ~amd64 ~arm ~hppa ~ia64 ~m68k ~mips ~ppc ~ppc64 ~s390 ~sh ~sparc ~x86 ~amd64-fbsd ~sparc-fbsd ~x86-fbsd ~amd64-linux ~x86-linux"
+
+RDEPEND="virtual/libiconv
+ virtual/libffi
+ sys-libs/zlib
+ || (
+ >=dev-libs/elfutils-0.142
+ >=dev-libs/libelf-0.8.12 )
+ xattr? ( sys-apps/attr )
+ fam? ( virtual/fam )
+ utils? ( >=dev-util/gdbus-codegen-${PV} )"
+DEPEND="${RDEPEND}
+ >=sys-devel/gettext-0.11
+ >=dev-util/gtk-doc-am-1.15
+ doc? (
+ >=dev-libs/libxslt-1.0
+ >=dev-util/gdbus-codegen-${PV}
+ >=dev-util/gtk-doc-1.15
+ ~app-text/docbook-xml-dtd-4.1.2 )
+ systemtap? ( >=dev-util/systemtap-1.3 )
+ test? (
+ sys-devel/gdb
+ =dev-lang/python-2*
+ >=dev-util/gdbus-codegen-${PV}
+ >=sys-apps/dbus-1.2.14 )
+ !<dev-util/gtk-doc-1.15-r2"
+PDEPEND="x11-misc/shared-mime-info
+ !<gnome-base/gvfs-1.6.4-r990"
+# shared-mime-info needed for gio/xdgmime, bug #409481
+# Earlier versions of gvfs do not work with glib
+
+pkg_setup() {
+ # Needed for gio/tests/gdbus-testserver.py
+ if use test ; then
+ python_set_active_version 2
+ python_pkg_setup
+ fi
+
+ if use kernel_linux ; then
+ CONFIG_CHECK="~INOTIFY_USER"
+ linux-info_pkg_setup
+ fi
+}
+
+src_prepare() {
+ epatch "${FILESDIR}"/${P}-CVE-2012-3524.patch
+
+ mv -f "${WORKDIR}"/pkg-config-*/pkg.m4 "${WORKDIR}"/ || die
+
+ # Fix gmodule issues on fbsd; bug #184301
+ epatch "${FILESDIR}"/${PN}-2.12.12-fbsd.patch
+
+ # need to build tests if USE=doc for bug #387385
+ if ! use test && ! use doc; then
+ # don't waste time building tests
+ sed 's/^\(.*\SUBDIRS .*\=.*\)tests\(.*\)$/\1\2/' -i $(find . -name Makefile.am -o -name Makefile.in) || die
+ else
+ # Do not try to remove files on live filesystem, upstream bug #619274
+ sed 's:^\(.*"/desktop-app-info/delete".*\):/*\1*/:' \
+ -i "${S}"/gio/tests/desktop-app-info.c || die "sed failed"
+
+ # Disable tests requiring dev-util/desktop-file-utils when not installed, bug #286629
+ if ! has_version dev-util/desktop-file-utils ; then
+ ewarn "Some tests will be skipped due dev-util/desktop-file-utils not being present on your system,"
+ ewarn "think on installing it to get these tests run."
+ sed -i -e "/appinfo\/associations/d" gio/tests/appinfo.c || die
+ sed -i -e "/desktop-app-info\/default/d" gio/tests/desktop-app-info.c || die
+ sed -i -e "/desktop-app-info\/fallback/d" gio/tests/desktop-app-info.c || die
+ sed -i -e "/desktop-app-info\/lastused/d" gio/tests/desktop-app-info.c || die
+ fi
+
+ # Disable tests requiring dbus-python and pygobject; bugs #349236, #377549, #384853
+ if ! has_version dev-python/dbus-python || ! has_version 'dev-python/pygobject:2' ; then
+ ewarn "Some tests will be skipped due to dev-python/dbus-python or dev-python/pygobject:2"
+ ewarn "not being present on your system, think on installing them to get these tests run."
+ sed -i -e "/connection\/filter/d" gio/tests/gdbus-connection.c || die
+ sed -i -e "/connection\/large_message/d" gio/tests/gdbus-connection-slow.c || die
+ sed -i -e "/gdbus\/proxy/d" gio/tests/gdbus-proxy.c || die
+ sed -i -e "/gdbus\/proxy-well-known-name/d" gio/tests/gdbus-proxy-well-known-name.c || die
+ sed -i -e "/gdbus\/introspection-parser/d" gio/tests/gdbus-introspection.c || die
+ sed -i -e "/g_test_add_func/d" gio/tests/gdbus-threading.c || die
+ sed -i -e "/gdbus\/method-calls-in-thread/d" gio/tests/gdbus-threading.c || die
+ # needed to prevent gdbus-threading from asserting
+ ln -sfn $(type -P true) gio/tests/gdbus-testserver.py
+ fi
+ fi
+
+ # gdbus-codegen is a separate package
+ epatch "${FILESDIR}/${PN}-2.31.x-external-gdbus-codegen.patch"
+
+ # bashcomp goes in /usr/share/bash-completion
+ epatch "${FILESDIR}/${PN}-2.32.4-bashcomp.patch"
+
+ # AS_IF fixes from 2.33.x, needed for cross-compiling, bug #434770
+ epatch ../AS_IF-patches/*.patch
+
+ # disable pyc compiling
+ use test && python_clean_py-compile_files
+
+ # Needed for the punt-python-check patch, disabling timeout test
+ # Also needed to prevent croscompile failures, see bug #267603
+ # Also needed for the no-gdbus-codegen patch
+ AT_M4DIR="${WORKDIR}" eautoreconf
+
+ [[ ${CHOST} == *-freebsd* ]] && elibtoolize
+
+ epunt_cxx
+}
+
+src_configure() {
+ # Avoid circular depend with dev-util/pkgconfig and
+ # native builds (cross-compiles won't need pkg-config
+ # in the target ROOT to work here)
+ if ! tc-is-cross-compiler && ! $(tc-getPKG_CONFIG) --version >& /dev/null; then
+ if has_version sys-apps/dbus; then
+ export DBUS1_CFLAGS="-I/usr/include/dbus-1.0 -I/usr/$(get_libdir)/dbus-1.0/include"
+ export DBUS1_LIBS="-ldbus-1"
+ fi
+ export LIBFFI_CFLAGS="-I$(echo /usr/$(get_libdir)/libffi-*/include)"
+ export LIBFFI_LIBS="-lffi"
+ fi
+
+ local myconf
+
+ # Building with --disable-debug highly unrecommended. It will build glib in
+ # an unusable form as it disables some commonly used API. Please do not
+ # convert this to the use_enable form, as it results in a broken build.
+ # -- compnerd (3/27/06)
+ use debug && myconf="--enable-debug"
+
+ # Always use internal libpcre, bug #254659
+ econf ${myconf} \
+ $(use_enable xattr) \
+ $(use_enable doc man) \
+ $(use_enable doc gtk-doc) \
+ $(use_enable fam) \
+ $(use_enable selinux) \
+ $(use_enable static-libs static) \
+ $(use_enable systemtap dtrace) \
+ $(use_enable systemtap systemtap) \
+ --with-pcre=internal \
+ --with-threads=posix
+}
+
+src_install() {
+ local f
+
+ # install-exec-hook substitutes ${PYTHON} in glib/gtester-report
+ emake DESTDIR="${D}" PYTHON="${EPREFIX}/usr/bin/python2" install
+
+ if ! use utils; then
+ rm "${ED}usr/bin/gtester-report"
+ fi
+
+ # Do not install charset.alias even if generated, leave it to libiconv
+ rm -f "${ED}/usr/lib/charset.alias"
+
+ # Don't install gdb python macros, bug 291328
+ rm -rf "${ED}/usr/share/gdb/" "${ED}/usr/share/glib-2.0/gdb/"
+
+ dodoc AUTHORS ChangeLog* NEWS* README
+
+ # Completely useless with or without USE static-libs, people need to use
+ # pkg-config
+ find "${D}" -name '*.la' -exec rm -f {} +
+}
+
+src_test() {
+ gnome2_environment_reset
+
+ unset DBUS_SESSION_BUS_ADDRESS
+ export XDG_CONFIG_DIRS=/etc/xdg
+ export XDG_DATA_DIRS=/usr/local/share:/usr/share
+ export G_DBUS_COOKIE_SHA1_KEYRING_DIR="${T}/temp"
+ unset GSETTINGS_BACKEND # bug 352451
+ export LC_TIME=C # bug #411967
+
+ # Related test is a bit nitpicking
+ mkdir "$G_DBUS_COOKIE_SHA1_KEYRING_DIR"
+ chmod 0700 "$G_DBUS_COOKIE_SHA1_KEYRING_DIR"
+
+ # Hardened: gdb needs this, bug #338891
+ if host-is-pax ; then
+ pax-mark -mr "${S}"/tests/.libs/assert-msg-test \
+ || die "Hardened adjustment failed"
+ fi
+
+ # Need X for dbus-launch session X11 initialization
+ Xemake check
+}
+
+pkg_preinst() {
+ # Only give the introspection message if:
+ # * The user has gobject-introspection
+ # * Has glib already installed
+ # * Previous version was different from new version
+ if has_version "dev-libs/gobject-introspection" && ! has_version "=${CATEGORY}/${PF}"; then
+ ewarn "You must rebuild gobject-introspection so that the installed"
+ ewarn "typelibs and girs are regenerated for the new APIs in glib"
+ fi
+}
+
+pkg_postinst() {
+ # Inform users about possible breakage when updating glib and not dbus-glib, bug #297483
+ if has_version dev-libs/dbus-glib; then
+ ewarn "If you experience a breakage after updating dev-libs/glib try"
+ ewarn "rebuilding dev-libs/dbus-glib"
+ fi
+
+ if has_version '<x11-libs/gtk+-3.0.12:3'; then
+ # To have a clear upgrade path for gtk+-3.0.x users, have to resort to
+ # a warning instead of a blocker
+ ewarn
+ ewarn "Using <gtk+-3.0.12:3 with ${P} results in frequent crashes."
+ ewarn "You should upgrade to a newer version of gtk+:3 immediately."
+ fi
+}