packages/NetworkManager
1
0
Fork 0
Code Issues Pull Requests Packages Projects Releases Wiki Activity

!89 sync patches from upstream community

Browse Source 
Merge pull request !89 from Apricity/openEuler-20.03-LTS-SP3
This commit is contained in:
openeuler-ci-bot 2021-12-24 08:04:56 +00:00 committed by Gitee
commit 555cfcdb3c
3 changed files with 130 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

11
NetworkManager.spec
View File

@ -48,7 +48,7 @@
Name: NetworkManager
Version: 1.26.2
Epoch: 1
Release: 10
Release: 11
Summary: Network Link Manager and User Applications
License: GPLv2+
URL: https://www.gnome.org/projects/NetworkManager/
@ -61,6 +61,8 @@ Patch2: bugfix-NetworkManager-restarting-service-on-dependency-failure.pa
Patch3: backport-device-fix-wrongly-considering-ipv6-may-fail-for-ipv4.patch
Patch4: backport-bugfix-nmcli-field-active-show-error.patch
Patch5: backport-amend-edit-translation-of-nmcli.patch
Patch6: backport-core-fix-crash-in-nm_wildcard_match_check.patch
Patch7: backport-core-ovs-fix-leak-of-NMOvsdbPrivate-db_uuid.patch
BuildRequires: gcc libtool pkgconfig automake autoconf intltool gettext-devel ppp-devel gnutls-devel
BuildRequires: dbus-devel dbus-glib-devel glib2-devel gobject-introspection-devel jansson-devel
@ -432,6 +434,13 @@ fi
%{_datadir}/gtk-doc/html/NetworkManager/*
%changelog
* Fri Dec 24 2021 zengwefeng <zwfeng@huawei.com> - 1.26.2-11
- Type:bugfix
- ID:NA
- SUG:NA
- DESC:fix crash in nm_wildcard_match_check
fix leak of NMOvsdbPrivate db_uuid
* Thu Sep 23 2021 gaoxingwang <gaoxingwang@huawei.com> - 1.26.2-10
- Type:bugfix
- ID:NA

84
backport-core-fix-crash-in-nm_wildcard_match_check.patch Normal file
View File

@ -0,0 +1,84 @@
From 32566dd5e137570969d2df68213a65881a702e18 Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Wed, 24 Mar 2021 21:05:19 +0100
Subject: [PATCH] core: fix crash in nm_wildcard_match_check()
It's not entirely clear how to treat %NULL.
Clearly "match.interface-name=eth0" should not
match with an interface %NULL. But what about
"match.interface-name=!eth0"? It's now implemented
that negative matches still succeed against %NULL.
What about "match.interface-name=*"? That probably
should also match with %NULL. So we treat %NULL really
like "".
Against commit 11cd443448bc ('iwd: Don't call IWD methods when device
unmanaged'), we got this backtrace:
#0 0x00007f1c164069f1 in __strnlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:62
#1 0x00007f1c1637ac9e in __fnmatch (pattern=<optimized out>, string=<optimized out>, string@entry=0x0, flags=flags@entry=0) at fnmatch.c:379
p = 0x0
res = <optimized out>
orig_pattern = <optimized out>
n = <optimized out>
wpattern = 0x7fff8d860730 L"pci-0000:03:00.0"
ps = {__count = 0, __value = {__wch = 0, __wchb = "\000\000\000"}}
wpattern_malloc = 0x0
wstring_malloc = 0x0
wstring = <optimized out>
alloca_used = 80
__PRETTY_FUNCTION__ = "__fnmatch"
#2 0x0000564484a978bf in nm_wildcard_match_check (str=0x0, patterns=<optimized out>, num_patterns=<optimized out>) at src/core/nm-core-utils.c:1959
is_inverted = 0
is_mandatory = 0
match = <optimized out>
p = 0x564486c43fa0 "pci-0000:03:00.0"
has_optional = 0
has_any_optional = 0
i = <optimized out>
#3 0x0000564484bf4797 in check_connection_compatible (self=<optimized out>, connection=<optimized out>, error=0x0) at src/core/devices/nm-device.c:7499
patterns = <optimized out>
device_driver = 0x564486c76bd0 "veth"
num_patterns = 1
priv = 0x564486cbe0b0
__func__ = "check_connection_compatible"
device_iface = <optimized out>
local = 0x564486c99a60
conn_iface = 0x0
klass = <optimized out>
s_match = 0x564486c63df0 [NMSettingMatch]
#4 0x0000564484c38491 in check_connection_compatible (device=0x564486cbe590 [NMDeviceVeth], connection=0x564486c6b160, error=0x0) at src/core/devices/nm-device-ethernet.c:348
self = 0x564486cbe590 [NMDeviceVeth]
s_wired = <optimized out>
Fixes: 3ced486f4162 ('libnm/match: extend syntax for match patterns with '|', '&', '!' and '\\'')
https://bugzilla.redhat.com/show_bug.cgi?id=1942741
CVE-2021-20297
(cherry picked from commit 420784e342da4883f6debdfe10cde68507b10d27)
(cherry picked from commit eaba0b48458a34494d91dc85e6eb5bd7e2b9b2d0)
(cherry picked from commit 16e5b307a3ae37706ac3c11ed71823d6868daa7d)
---
src/nm-core-utils.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
Conflict:NA
Reference:https://gitlab.freedesktop.org/NetworkManager/NetworkManager/-/commit/32566dd5e137570969d2df68213a65881a702e18
diff --git a/src/nm-core-utils.c b/src/nm-core-utils.c
index 3950c3c3a9..531996b2ee 100644
--- a/src/nm-core-utils.c
+++ b/src/nm-core-utils.c
@@ -1759,7 +1759,7 @@ nm_wildcard_match_check (const char *str,
_pattern_parse (patterns[i], &p, &is_inverted, &is_mandatory);
- match = (fnmatch (p, str, 0) == 0);
+ match = (fnmatch (p, str ?: "", 0) == 0);
if (is_inverted)
match = !match;
--
GitLab

36
backport-core-ovs-fix-leak-of-NMOvsdbPrivate-db_uuid.patch Normal file
View File

@ -0,0 +1,36 @@
From e1424f264d22e0b73a11a40139818bc1c4f752eb Mon Sep 17 00:00:00 2001
From: Thomas Haller <thaller@redhat.com>
Date: Fri, 6 Nov 2020 18:53:57 +0100
Subject: [PATCH] core/ovs: fix leak of "NMOvsdbPrivate.db_uuid
Also, never update the value to %NULL. If the current
message does not contain a UUID, keep the previous one.
Fixes: 830a5a14cb29 ('device: add support for OpenVSwitch devices')
(cherry picked from commit 609b08e2eb6a10ca1ca87725207eafa5ac4f4b83)
(cherry picked from commit 0464c36a0217ca1977b73078b824be86e05cfc48)
---
src/devices/ovs/nm-ovsdb.c | 6 +++++-
1 file changed, 5 insertions(+), 1 deletion(-)
diff --git a/src/devices/ovs/nm-ovsdb.c b/src/devices/ovs/nm-ovsdb.c
index 0b3fa3fdb5..a4d38397b2 100644
--- a/src/devices/ovs/nm-ovsdb.c
+++ b/src/devices/ovs/nm-ovsdb.c
@@ -1021,8 +1021,12 @@ ovsdb_got_update (NMOvsdb *self, json_t *msg)
}
if (ovs) {
+ const char *s;
+
iter = json_object_iter (ovs);
- priv->db_uuid = iter ? g_strdup (json_object_iter_key (iter)) : NULL;
+ s = json_object_iter_key (iter);
+ if (s)
+ nm_utils_strdup_reset (&priv->db_uuid, s);
}
/* Interfaces */
--
GitLab