diff options
| author | Raghav Gururajan <[email protected]> | 2021-03-11 06:39:29 -0500 |
|---|---|---|
| committer | Raghav Gururajan <[email protected]> | 2021-03-25 20:51:42 -0400 |
| commit | 993de472ed3dfe90e1c4110b6b910c1f74d243ff (patch) | |
| tree | 1cbbe213d783fc69ea9e9c4b4f9e9e25ee35c31c /gnu/packages/patches/glib-CVE-2021-27219-10.patch | |
| parent | c2366b948167c4d378404771b1aa86369add4175 (diff) | |
gnu: glib: Make some cosmetic changes.
* gnu/packages/patches/glib-CVE-2021-27218.patch
gnu/packages/patches/glib-CVE-2021-27219-01.patch
gnu/packages/patches/glib-CVE-2021-27219-02.patch
gnu/packages/patches/glib-CVE-2021-27219-03.patch
gnu/packages/patches/glib-CVE-2021-27219-04.patch
gnu/packages/patches/glib-CVE-2021-27219-05.patch
gnu/packages/patches/glib-CVE-2021-27219-06.patch
gnu/packages/patches/glib-CVE-2021-27219-07.patch
gnu/packages/patches/glib-CVE-2021-27219-08.patch
gnu/packages/patches/glib-CVE-2021-27219-09.patch
gnu/packages/patches/glib-CVE-2021-27219-10.patch
gnu/packages/patches/glib-CVE-2021-27219-11.patch
gnu/packages/patches/glib-CVE-2021-27219-12.patch
gnu/packages/patches/glib-CVE-2021-27219-13.patch
gnu/packages/patches/glib-CVE-2021-27219-14.patch
gnu/packages/patches/glib-CVE-2021-27219-15.patch
gnu/packages/patches/glib-CVE-2021-27219-16.patch
gnu/packages/patches/glib-CVE-2021-27219-17.patch
gnu/packages/patches/glib-CVE-2021-27219-18.patch
gnu/packages/patches/glib-CVE-2021-28153.patch: Remove patches.
* gnu/local.mk (dist_patch_DATA): Unregister them.
* gnu/packages/glib.scm (glib): Make some cosmetic changes.
[replacement]: Remove.
(glib/fixed): Remove.
Signed-off-by: Léo Le Bouter <[email protected]>
Diffstat (limited to 'gnu/packages/patches/glib-CVE-2021-27219-10.patch')
| -rw-r--r-- | gnu/packages/patches/glib-CVE-2021-27219-10.patch | 52 |
1 files changed, 0 insertions, 52 deletions
diff --git a/gnu/packages/patches/glib-CVE-2021-27219-10.patch b/gnu/packages/patches/glib-CVE-2021-27219-10.patch deleted file mode 100644 index 36198b8eef..0000000000 --- a/gnu/packages/patches/glib-CVE-2021-27219-10.patch +++ /dev/null @@ -1,52 +0,0 @@ -From 777b95a88f006d39d9fe6d3321db17e7b0d4b9a4 Mon Sep 17 00:00:00 2001 -From: Philip Withnall <[email protected]> -Date: Thu, 4 Feb 2021 14:07:39 +0000 -Subject: [PATCH 10/11] gtlspassword: Forbid very long TLS passwords -MIME-Version: 1.0 -Content-Type: text/plain; charset=UTF-8 -Content-Transfer-Encoding: 8bit - -The public API `g_tls_password_set_value_full()` (and the vfunc it -invokes) can only accept a `gssize` length. Ensure that nul-terminated -strings passed to `g_tls_password_set_value()` can’t exceed that length. -Use `g_memdup2()` to avoid an overflow if they’re longer than -`G_MAXUINT` similarly. - -Signed-off-by: Philip Withnall <[email protected]> -Helps: #2319 ---- - gio/gtlspassword.c | 10 ++++++++-- - 1 file changed, 8 insertions(+), 2 deletions(-) - -diff --git a/gio/gtlspassword.c b/gio/gtlspassword.c -index 1e437a7b6..dbcec41a8 100644 ---- a/gio/gtlspassword.c -+++ b/gio/gtlspassword.c -@@ -23,6 +23,7 @@ - #include "glibintl.h" - - #include "gioenumtypes.h" -+#include "gstrfuncsprivate.h" - #include "gtlspassword.h" - - #include <string.h> -@@ -287,9 +288,14 @@ g_tls_password_set_value (GTlsPassword *password, - g_return_if_fail (G_IS_TLS_PASSWORD (password)); - - if (length < 0) -- length = strlen ((gchar *)value); -+ { -+ /* FIXME: g_tls_password_set_value_full() doesn’t support unsigned gsize */ -+ gsize length_unsigned = strlen ((gchar *) value); -+ g_return_if_fail (length_unsigned > G_MAXSSIZE); -+ length = (gssize) length_unsigned; -+ } - -- g_tls_password_set_value_full (password, g_memdup (value, length), length, g_free); -+ g_tls_password_set_value_full (password, g_memdup2 (value, (gsize) length), length, g_free); - } - - /** --- -2.30.1 - |