projects / systemd.git / commit
? search:
summary | shortlog | log | commit | commitdiff | tree
(parent: e3a20f8) | patch
sd-bus: enforce a size limit on D-Bus object paths
authorMartin Pitt <martin@piware.de>
Sun, 17 Feb 2019 09:17:45 +0000 (10:17 +0100)
committerMichael Biebl <biebl@debian.org>
Mon, 8 Jul 2019 09:27:51 +0000 (10:27 +0100)
commited112497ebfea0aa2a7ef95c952e90fed3e2a3a3
treecdb6e357cf159d5f2b44342ac64d93db7032bcbdtree | snapshot
parente3a20f8c05ca2d108f843a8e6e5cbe7f655f50adcommit | diff
sd-bus: enforce a size limit on D-Bus object paths

Replace stack with heap allocation. This avoids accessing/modifying
memory outside of the allocated stack region by sending specially
crafted D-Bus messages with very large object paths.

Vulnerability discovered by Chris Coulson <chris.coulson@canonical.com>,
patch provided by Riccardo Schirone <rschiron@redhat.com>.

CVE-2019-6454

Gbp-Pq: Name sd-bus-enforce-a-size-limit-on-D-Bus-object-paths.patch
src/libsystemd/sd-bus/bus-internal.c diff | blob | history
src/libsystemd/sd-bus/bus-internal.h diff | blob | history
src/libsystemd/sd-bus/bus-objects.c diff | blob | history
Unnamed repository; edit this file 'description' to name the repository.