rpms/udev/devel udev-CVE-2009-1186.patch, NONE, 1.1 udev.spec, 1.271, 1.272

Harald Hoyer harald at fedoraproject.org
Wed Apr 15 17:42:27 UTC 2009


Author: harald

Update of /cvs/pkgs/rpms/udev/devel
In directory cvs1.fedora.phx.redhat.com:/tmp/cvs-serv21684

Modified Files:
	udev.spec 
Added Files:
	udev-CVE-2009-1186.patch 
Log Message:
* Wed Apr 15 2009 Harald Hoyer <harald at redhat.com> 141-2
- fix for CVE-2009-1186 (bug #495052)
- Resolves: rhbz#495052


udev-CVE-2009-1186.patch:

--- NEW FILE udev-CVE-2009-1186.patch ---
--- udev-141/udev/lib/libudev-util.c.CVE-2009-1186	2009-04-08 09:04:26.000000000 -0400
+++ udev-141/udev/lib/libudev-util.c	2009-04-15 13:25:10.000000000 -0400
@@ -9,6 +9,7 @@
  * version 2.1 of the License, or (at your option) any later version.
  */
 
+#include <stdint.h>
 #include <stdio.h>
 #include <stdlib.h>
 #include <stddef.h>
@@ -103,6 +104,9 @@ int util_log_priority(const char *priori
 
 size_t util_path_encode(char *s, size_t len)
 {
+        if (len == 0 || len > (SIZE_MAX - 1) / 4)
+               return 0;
+
 	char t[(len * 4)+1];
 	size_t i, j;
 
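Review bot: The new guard keeps `len * 4 + 1` from wrapping before the VLA `char t[(len * 4)+1]` is sized (`len <= (SIZE_MAX - 1) / 4` is exactly the non-wrapping condition), but it neither bounds the stack frame in any practical sense — a `len` near that limit still requests a VLA far larger than any stack — nor constrains the encoding loop that fills `t`, which lies outside the hunk, so whether that loop stops at `len` or only at the terminating NUL cannot be judged from here and should be checked alongside this change. The guard returns 0 for a rejected `len`; if 0 is also the encoded length of an empty path, callers cannot tell the two apart, and a short comment such as `/* reject a len that would overflow the VLA below; 0 is the error return */` would at least make the convention explicit. Style: the inserted lines are indented with spaces (8 and 15) while the surrounding file uses tabs, as `char t[...]` on the following line shows. util_path_encode's body continues outside the hunk.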


Index: udev.spec
===================================================================
RCS file: /cvs/pkgs/rpms/udev/devel/udev.spec,v
retrieving revision 1.271
retrieving revision 1.272
diff -u -r1.271 -r1.272
--- udev.spec	14 Apr 2009 13:47:31 -0000	1.271
+++ udev.spec	15 Apr 2009 17:42:26 -0000	1.272
@@ -6,7 +6,7 @@
 Summary: A userspace implementation of devfs
 Name: udev
 Version: 141
-Release: 1%{?dist}
+Release: 2%{?dist}
 License: GPLv2
 Group: System Environment/Base
 Provides: udev-persistent = %{version}-%{release}
@@ -19,11 +19,13 @@
 Source5: udev.sysconfig
 
 Patch102: udev-118-sysconf.patch
+Patch103: udev-CVE-2009-1186.patch
 
 ExclusiveOS: Linux
 URL: http://www.kernel.org/pub/linux/utils/kernel/hotplug/udev.html
 BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
 Requires(pre): /bin/sh fileutils /sbin/chkconfig /sbin/service
+Requires(pre): /usr/bin/stat /sbin/pidof
 Requires(pre): MAKEDEV >= 0:3.11 /usr/bin/getent /usr/sbin/groupadd
 BuildRequires: sed libselinux-devel >= 0:1.17.9-2 flex libsepol-devel
 BuildRequires: glib2-devel bison findutils MAKEDEV
@@ -92,6 +94,7 @@
 %setup -q  
 
 %patch102 -p1 -b .sysconf
+%patch103 -p1 -b .CVE-2009-1186
 
 %build
 %if %{with_static}
@@ -226,16 +229,29 @@
 getent group tape >/dev/null || /usr/sbin/groupadd -g 33 tape || :
 getent group dialout >/dev/null || /usr/sbin/groupadd -g 18 dialout || :
 
+# kill daemon if we are not in a chroot
+if test -f /proc/1/exe -a -d /proc/1/root; then
+	if test -x /usr/bin/stat -a "$(/usr/bin/stat -Lc '%%D-%%i' /)" = "$(/usr/bin/stat -Lc '%%D-%%i' /proc/1/root)"; then
+		if test -x /sbin/udevd -a -x /sbin/pidof ; then
+			pid=$(/sbin/pidof -c udevd)
+			if [ -n "$pid" ]; then
+				kill $pid
+			fi
+		fi
+	fi
+fi
+exit 0
+
 %post
-if [ "$1" -gt 1 -a -x /sbin/pidof ]; then
-	pid=$(/sbin/pidof -c udevd)
-	if [ -n "$pid" ]; then
-		kill $pid
+# start daemon if we are not in a chroot
+if test -f /proc/1/exe -a -d /proc/1/root; then
+	if test "$(/usr/bin/stat -Lc '%%D-%%i' /)" = "$(/usr/bin/stat -Lc '%%D-%%i' /proc/1/root)"; then
+		if test -x /sbin/udevd; then
 		/sbin/udevd -d
+		fi
 	fi
 fi
 
-/sbin/chkconfig --add udev-post
 exit 0
 
 %triggerpostun -- dev <= 0:3.12-1
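Review bot: The %post chroot test on the line `if test "$(/usr/bin/stat -Lc '%%D-%%i' /)" = "$(/usr/bin/stat -Lc '%%D-%%i' /proc/1/root)"; then` fails open: if /usr/bin/stat is absent both command substitutions expand to the empty string, the comparison succeeds, and `/sbin/udevd -d` is started inside a chroot, which is what the check is meant to prevent. The %pre version of the same test guards with `test -x /usr/bin/stat -a ...`; mirroring it as `if test -x /usr/bin/stat -a "$(/usr/bin/stat -Lc '%%D-%%i' /)" = "$(/usr/bin/stat -Lc '%%D-%%i' /proc/1/root)"; then` makes the two scriptlets behave the same way. Related, the dependency hunk above declares only `Requires(pre): /usr/bin/stat /sbin/pidof` while stat is also used in %post; a `Requires(post): /usr/bin/stat` line would state that contract rather than rely on install ordering. The removal of `/sbin/chkconfig --add udev-post` is not mentioned in the changelog entry; if it is intentional, a one-line note there would help.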
@@ -379,6 +395,10 @@
 
 
 %changelog
+* Wed Apr 15 2009 Harald Hoyer <harald at redhat.com> 141-2
+- fix for CVE-2009-1186 (bug #495052)
+- Resolves: rhbz#495052
+
 * Tue Apr 14 2009 Harald Hoyer <harald at redhat.com> 141-1
 - version 141
 



