authorV3n3RiX <venerix@redcorelinux.org>2019-08-02 19:14:55 +0100
committerV3n3RiX <venerix@redcorelinux.org>2019-08-02 19:14:55 +0100
commitb24bd25253fe093f722ab576d29fdc41d04cb1ee (patch)
tree0fcf2afd9f852c4d4c291cf8afaa2c244d598105 /dev-libs/glib/files
parent121ed4eec41fbf03e1998d09eede1bf449da63b9 (diff)
gentoo resync : 02.08.2019
Diffstat (limited to 'dev-libs/glib/files')
-rw-r--r--dev-libs/glib/files/2.58.3-CVE-2019-12450.patch53
-rw-r--r--dev-libs/glib/files/2.58.3-gdbusmessage-limit-fix.patch120
2 files changed, 173 insertions, 0 deletions
diff --git a/dev-libs/glib/files/2.58.3-CVE-2019-12450.patch b/dev-libs/glib/files/2.58.3-CVE-2019-12450.patch
new file mode 100644
index 000000000000..949ac56431f1
--- /dev/null
+++ b/dev-libs/glib/files/2.58.3-CVE-2019-12450.patch
@@ -0,0 +1,53 @@
+From e6b769819d63d2b24b251dbc9f902fe6fd614da3 Mon Sep 17 00:00:00 2001
+From: Ondrej Holy <oholy@redhat.com>
+Date: Thu, 23 May 2019 10:41:53 +0200
+Subject: [PATCH] gfile: Limit access to files when copying
+
+file_copy_fallback creates new files with default permissions and
+set the correct permissions after the operation is finished. This
+might cause that the files can be accessible by more users during
+the operation than expected. Use G_FILE_CREATE_PRIVATE for the new
+files to limit access to those files.
+---
+ gio/gfile.c | 11 ++++++-----
+ 1 file changed, 6 insertions(+), 5 deletions(-)
+
+diff --git a/gio/gfile.c b/gio/gfile.c
+index 1cc69166a..13b435480 100644
+--- a/gio/gfile.c
++++ b/gio/gfile.c
+@@ -3284,12 +3284,12 @@ file_copy_fallback (GFile *source,
+ out = (GOutputStream*)_g_local_file_output_stream_replace (_g_local_file_get_filename (G_LOCAL_FILE (destination)),
+ FALSE, NULL,
+ flags & G_FILE_COPY_BACKUP,
+- G_FILE_CREATE_REPLACE_DESTINATION,
+- info,
++ G_FILE_CREATE_REPLACE_DESTINATION |
++ G_FILE_CREATE_PRIVATE, info,
+ cancellable, error);
+ else
+ out = (GOutputStream*)_g_local_file_output_stream_create (_g_local_file_get_filename (G_LOCAL_FILE (destination)),
+- FALSE, 0, info,
++ FALSE, G_FILE_CREATE_PRIVATE, info,
+ cancellable, error);
+ }
+ else if (flags & G_FILE_COPY_OVERWRITE)
+@@ -3297,12 +3297,13 @@ file_copy_fallback (GFile *source,
+ out = (GOutputStream *)g_file_replace (destination,
+ NULL,
+ flags & G_FILE_COPY_BACKUP,
+- G_FILE_CREATE_REPLACE_DESTINATION,
++ G_FILE_CREATE_REPLACE_DESTINATION |
++ G_FILE_CREATE_PRIVATE,
+ cancellable, error);
+ }
+ else
+ {
+- out = (GOutputStream *)g_file_create (destination, 0, cancellable, error);
++ out = (GOutputStream *)g_file_create (destination, G_FILE_CREATE_PRIVATE, cancellable, error);
+ }
+
+ if (!out)
+--
+2.20.1
+
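Review bot: The four call sites in `file_copy_fallback` that now pass `G_FILE_CREATE_PRIVATE` have no comment saying why, and the step that later applies the source's permissions lies outside both inner hunks, so a later refactor could separate the two halves of the fix. I would add above the first call something like `/* Create owner-only; the source's mode is applied only after the data is copied (CVE-2019-12450). */`. It is also worth confirming in the rest of the function, which is not visible here, what happens when that later permission step fails or is skipped. In that case the destination presumably stays owner-only, which is safe but more restrictive than the umask-default mode callers got before. This diff is limited to `dev-libs/glib/files`, so whether the ebuild actually applies this patch cannot be checked from here.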
diff --git a/dev-libs/glib/files/2.58.3-gdbusmessage-limit-fix.patch b/dev-libs/glib/files/2.58.3-gdbusmessage-limit-fix.patch
new file mode 100644
index 000000000000..0828132003d3
--- /dev/null
+++ b/dev-libs/glib/files/2.58.3-gdbusmessage-limit-fix.patch
@@ -0,0 +1,120 @@
+From 2d655ef8954695cabf9e99cc61411de2bb4cb847 Mon Sep 17 00:00:00 2001
+From: Philip Withnall <withnall@endlessm.com>
+Date: Mon, 28 Jan 2019 14:36:42 +0000
+Subject: [PATCH] gdbusmessage: Fix check on upper limit of message size
+
+There was a typo in the figure checked against. Add a unit test.
+
+Signed-off-by: Philip Withnall <withnall@endlessm.com>
+
+https://gitlab.gnome.org/GNOME/glib/issues/1642
+---
+ gio/gdbusmessage.c | 2 +-
+ gio/tests/gdbus-message.c | 72 ++++++++++++++++++++++++++++++++++++++-
+ 2 files changed, 72 insertions(+), 2 deletions(-)
+
+diff --git a/gio/gdbusmessage.c b/gio/gdbusmessage.c
+index 169e6fd15..2ad51f888 100644
+--- a/gio/gdbusmessage.c
++++ b/gio/gdbusmessage.c
+@@ -1984,7 +1984,7 @@ g_dbus_message_bytes_needed (guchar *blob,
+ "Unable to determine message blob length - given blob is malformed");
+ }
+
+- if (ret > (2<<27))
++ if (ret > (1<<27))
+ {
+ g_set_error (error,
+ G_IO_ERROR,
+diff --git a/gio/tests/gdbus-message.c b/gio/tests/gdbus-message.c
+index 88a9c5d86..74e0f712e 100644
+--- a/gio/tests/gdbus-message.c
++++ b/gio/tests/gdbus-message.c
+@@ -141,6 +141,74 @@ message_copy (void)
+
+ /* ---------------------------------------------------------------------------------------------------- */
+
++/* Test g_dbus_message_bytes_needed() returns correct results for a variety of
++ * arbitrary binary inputs.*/
++static void
++message_bytes_needed (void)
++{
++ const struct
++ {
++ const guint8 blob[16];
++ gssize expected_bytes_needed;
++ }
++ vectors[] =
++ {
++ /* Little endian with header rounding */
++ { { 'l', 0, 0, 1, /* endianness, message type, flags, protocol version */
++ 50, 0, 0, 0, /* body length */
++ 1, 0, 0, 0, /* message serial */
++ 7, 0, 0, 0 /* header length */}, 74 },
++ /* Little endian without header rounding */
++ { { 'l', 0, 0, 1, /* endianness, message type, flags, protocol version */
++ 50, 0, 0, 0, /* body length */
++ 1, 0, 0, 0, /* message serial */
++ 8, 0, 0, 0 /* header length */}, 74 },
++ /* Big endian with header rounding */
++ { { 'B', 0, 0, 1, /* endianness, message type, flags, protocol version */
++ 0, 0, 0, 50, /* body length */
++ 0, 0, 0, 1, /* message serial */
++ 0, 0, 0, 7 /* header length */}, 74 },
++ /* Big endian without header rounding */
++ { { 'B', 0, 0, 1, /* endianness, message type, flags, protocol version */
++ 0, 0, 0, 50, /* body length */
++ 0, 0, 0, 1, /* message serial */
++ 0, 0, 0, 8 /* header length */}, 74 },
++ /* Invalid endianness */
++ { { '!', 0, 0, 1, /* endianness, message type, flags, protocol version */
++ 0, 0, 0, 50, /* body length */
++ 0, 0, 0, 1, /* message serial */
++ 0, 0, 0, 8 /* header length */}, -1 },
++ /* Oversized */
++ { { 'l', 0, 0, 1, /* endianness, message type, flags, protocol version */
++ 0, 0, 0, 0x08, /* body length (128MiB) */
++ 1, 0, 0, 0, /* message serial */
++ 7, 0, 0, 0 /* header length */}, -1 },
++ };
++ gsize i;
++
++ for (i = 0; i < G_N_ELEMENTS (vectors); i++)
++ {
++ gssize bytes_needed;
++ GError *local_error = NULL;
++
++ g_test_message ("Vector: %" G_GSIZE_FORMAT, i);
++
++ bytes_needed = g_dbus_message_bytes_needed ((guchar *) vectors[i].blob,
++ G_N_ELEMENTS (vectors[i].blob),
++ &local_error);
++
++ if (vectors[i].expected_bytes_needed < 0)
++ g_assert_error (local_error, G_IO_ERROR, G_IO_ERROR_INVALID_ARGUMENT);
++ else
++ g_assert_no_error (local_error);
++ g_assert_cmpint (bytes_needed, ==, vectors[i].expected_bytes_needed);
++
++ g_clear_error (&local_error);
++ }
++}
++
++/* ---------------------------------------------------------------------------------------------------- */
++
+ int
+ main (int argc,
+ char *argv[])
+@@ -151,6 +219,8 @@ main (int argc,
+
+ g_test_add_func ("/gdbus/message/lock", message_lock);
+ g_test_add_func ("/gdbus/message/copy", message_copy);
+- return g_test_run();
++ g_test_add_func ("/gdbus/message/bytes-needed", message_bytes_needed);
++
++ return g_test_run ();
+ }
+
+--
+2.20.1
+
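Review bot: The corrected bound in the `g_dbus_message_bytes_needed` hunk is still the bare literal `(1<<27)`, the same form in which the `2<<27` typo went unnoticed. A named constant with the unit spelled out, e.g. `#define MAX_MESSAGE_BYTES (1 << 27) /* 128 MiB */` (the name is only a suggestion), would make the limit readable at a glance. The new test has a vector above the limit but none at it, so nothing pins `>` against `>=`. Going by the existing vectors (74 = 16 + 8 + 50), a little-endian vector with body length `0xE8, 0xFF, 0xFF, 0x07` and header length 8 should total exactly 134217728 and be expected to succeed. The computation of `ret` is outside the hunk, so that arithmetic is inferred from the test data; the boundary is worth covering because the limit is applied to a length parsed out of the message blob.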