[gnome-desktop/f14/master] - Fix possible crashers

Bastien Nocera hadess at fedoraproject.org
Thu Nov 11 13:58:41 UTC 2010 

commit 71f6719ae255e12367f090347e396658e1b6e321
Author: Bastien Nocera <hadess at hadess.net>
Date:   Thu Nov 11 13:58:38 2010 +0000

    - Fix possible crashers

 ...e-double-free-when-destroying-private-win.patch |   38 ++++++++++++++++++++
 ...29168-Don-t-read-past-the-end-of-a-string.patch |   26 +++++++++++++
 gnome-desktop.spec                                 |   11 +++++-
 3 files changed, 74 insertions(+), 1 deletions(-)
---
diff --git a/0001-Fix-possible-double-free-when-destroying-private-win.patch b/0001-Fix-possible-double-free-when-destroying-private-win.patch
new file mode 100644
index 0000000..405bc96
--- /dev/null
+++ b/0001-Fix-possible-double-free-when-destroying-private-win.patch
@@ -0,0 +1,38 @@
+From 7e967de7dff160d7302b1ab66db3f9054b8373b3 Mon Sep 17 00:00:00 2001
+From: Bastien Nocera <hadess at hadess.net>
+Date: Thu, 11 Nov 2010 13:21:21 +0000
+Subject: [PATCH] Fix possible double-free when destroying private windows
+
+This could cause free'ing random data when the members of ->windows
+were destroyed, but ->windows itself wasn't. As it was != NULL, we'd
+be free memory that wouldn't belong to us anymore.
+
+https://bugzilla.gnome.org/show_bug.cgi?id=634534
+---
+ libgnome-desktop/gnome-rr-labeler.c |    5 +++++
+ 1 files changed, 5 insertions(+), 0 deletions(-)
+
+diff --git a/libgnome-desktop/gnome-rr-labeler.c b/libgnome-desktop/gnome-rr-labeler.c
+index 1de4569..ebf9905 100644
+--- a/libgnome-desktop/gnome-rr-labeler.c
++++ b/libgnome-desktop/gnome-rr-labeler.c
+@@ -411,11 +411,16 @@ gnome_rr_labeler_hide (GnomeRRLabeler *labeler)
+ 
+ 	g_return_if_fail (GNOME_IS_RR_LABELER (labeler));
+ 
++	if (labeler->windows == NULL)
++		return;
++
+ 	for (i = 0; i < labeler->num_outputs; i++)
+ 		if (labeler->windows[i] != NULL) {
+ 			gtk_widget_destroy (labeler->windows[i]);
+ 			labeler->windows[i] = NULL;
+ 		}
++	g_free (labeler->windows);
++	labeler->windows = NULL;
+ }
+ 
+ void
+-- 
+1.7.3.2
+
diff --git a/0001-bgo-629168-Don-t-read-past-the-end-of-a-string.patch b/0001-bgo-629168-Don-t-read-past-the-end-of-a-string.patch
new file mode 100644
index 0000000..0c05f30
--- /dev/null
+++ b/0001-bgo-629168-Don-t-read-past-the-end-of-a-string.patch
@@ -0,0 +1,26 @@
+From 3fa03455aa799ce882767c94152ce4d9d4e70377 Mon Sep 17 00:00:00 2001
+From: Federico Mena Quintero <federico at novell.com>
+Date: Tue, 26 Oct 2010 18:18:03 -0500
+Subject: [PATCH] bgo#629168 - Don't read past the end of a string
+
+Signed-off-by: Federico Mena Quintero <federico at novell.com>
+---
+ libgnome-desktop/display-name.c |    2 +-
+ 1 files changed, 1 insertions(+), 1 deletions(-)
+
+diff --git a/libgnome-desktop/display-name.c b/libgnome-desktop/display-name.c
+index e596da0..9c99d86 100644
+--- a/libgnome-desktop/display-name.c
++++ b/libgnome-desktop/display-name.c
+@@ -209,7 +209,7 @@ read_pnp_ids (void)
+         for (i = 0; lines[i]; i++)
+         {
+              line = lines[i];
+-             if (line[3] == '\t')
++             if (line[0] && line[1] && line[2] && line[3] == '\t' && line[4])
+              {
+                  code = line;
+                  line[3] = '\0';
+-- 
+1.7.3.2
+
diff --git a/gnome-desktop.spec b/gnome-desktop.spec
index 260d0fb..b206367 100644
--- a/gnome-desktop.spec
+++ b/gnome-desktop.spec
@@ -12,7 +12,7 @@
 Summary: Shared code among gnome-panel, gnome-session, nautilus, etc
 Name: gnome-desktop
 Version: 2.32.0
-Release: 1%{?dist}
+Release: 2%{?dist}
 URL: http://www.gnome.org
 #VCS: git:git://git.gnome.org/gnome-desktop
 Source0: http://download.gnome.org/sources/gnome-desktop/2.32/%{name}-%{version}.tar.bz2
@@ -45,6 +45,10 @@ BuildRequires: gettext
 BuildRequires: gtk-doc >= %{gtk_doc_version}
 BuildRequires: automake autoconf libtool intltool
 
+# Upstream fixes
+Patch0: 0001-bgo-629168-Don-t-read-past-the-end-of-a-string.patch
+Patch1: 0001-Fix-possible-double-free-when-destroying-private-win.patch
+
 %description
 
 The gnome-desktop package contains an internal library
@@ -72,6 +76,8 @@ libgnomedesktop.
 
 %prep
 %setup -q
+%patch0 -p1 -b .pnp
+%patch1 -p1 -b .double-free
 
 %build
 %configure --with-gnome-distributor="Red Hat, Inc" \
@@ -114,6 +120,9 @@ rm -f $RPM_BUILD_ROOT%{_libdir}/*.a
 %doc %{_datadir}/gtk-doc
 
 %changelog
+* Thu Nov 11 2010 Bastien Nocera <bnocera at redhat.com> 2.32.0-2
+- Fix possible crashers
+
 * Wed Sep 29 2010 Matthias Clasen <mclasen at redhat.com> 2.32.0-1
 - Update to 2.32.0

More information about the scm-commits mailing list