[arch-commits] Commit in qt/trunk (3 files)
Andrea Scarpino
andrea at nymeria.archlinux.org
Tue Feb 5 11:19:04 UTC 2013
Date: Tuesday, February 5, 2013 @ 12:19:04
Author: andrea
Revision: 177061
Apply two suggested security fixes
Added:
qt/trunk/Drop-read-write-perms-for-users.patch
qt/trunk/Fix-binary-incompatibility-between-openssl-versions.patch
Modified:
qt/trunk/PKGBUILD
-----------------------------------------------------------+
Drop-read-write-perms-for-users.patch | 145 ++++++++++++
Fix-binary-incompatibility-between-openssl-versions.patch | 80 ++++++
PKGBUILD | 14 -
3 files changed, 236 insertions(+), 3 deletions(-)
Added: Drop-read-write-perms-for-users.patch
===================================================================
--- Drop-read-write-perms-for-users.patch (rev 0)
+++ Drop-read-write-perms-for-users.patch 2013-02-05 11:19:04 UTC (rev 177061)
@@ -0,0 +1,145 @@
+From 20b26bdb3dd5e46b01b9a7e1ce8342074df3c89c Mon Sep 17 00:00:00 2001
+From: Thiago Macieira <thiago.macieira at intel.com>
+Date: Sat, 22 Dec 2012 08:32:12 -0800
+Subject: [PATCH] Change all shmget calls to user-only memory
+
+Drop the read and write permissions for group and other users in the
+system.
+
+Change-Id: I8fc753f09126651af3fb82df3049050f0b14e876
+(cherry-picked from Qt 5 commit 856f209fb63ae336bfb389a12d2a75fa886dc1c5)
+Reviewed-by: Richard J. Moore <rich at kde.org>
+---
+ src/corelib/kernel/qsharedmemory_unix.cpp | 6 +++---
+ src/corelib/kernel/qsystemsemaphore_unix.cpp | 4 ++--
+ src/gui/image/qnativeimage.cpp | 2 +-
+ src/gui/image/qpixmap_x11.cpp | 2 +-
+ src/plugins/platforms/xcb/qxcbwindowsurface.cpp | 2 +-
+ src/plugins/platforms/xlib/qxlibwindowsurface.cpp | 2 +-
+ .../auto/qtipc/qsharedmemory/tst_qsharedmemory.cpp | 2 +-
+ tools/qvfb/qvfbshmem.cpp | 4 ++--
+ 8 files changed, 12 insertions(+), 12 deletions(-)
+
+diff --git a/src/corelib/kernel/qsharedmemory_unix.cpp b/src/corelib/kernel/qsharedmemory_unix.cpp
+index 20d76e3..4cf3acf 100644
+--- a/src/corelib/kernel/qsharedmemory_unix.cpp
++++ b/src/corelib/kernel/qsharedmemory_unix.cpp
+@@ -238,7 +238,7 @@ bool QSharedMemoryPrivate::create(int size)
+ }
+
+ // create
+- if (-1 == shmget(unix_key, size, 0666 | IPC_CREAT | IPC_EXCL)) {
++ if (-1 == shmget(unix_key, size, 0600 | IPC_CREAT | IPC_EXCL)) {
+ QString function = QLatin1String("QSharedMemory::create");
+ switch (errno) {
+ case EINVAL:
+@@ -293,7 +293,7 @@ bool QSharedMemoryPrivate::attach(QSharedMemory::AccessMode mode)
+ {
+ #ifndef QT_POSIX_IPC
+ // grab the shared memory segment id
+- int id = shmget(unix_key, 0, (mode == QSharedMemory::ReadOnly ? 0444 : 0660));
++ int id = shmget(unix_key, 0, (mode == QSharedMemory::ReadOnly ? 0400 : 0600));
+ if (-1 == id) {
+ setErrorString(QLatin1String("QSharedMemory::attach (shmget)"));
+ return false;
+@@ -381,7 +381,7 @@ bool QSharedMemoryPrivate::detach()
+ size = 0;
+
+ // Get the number of current attachments
+- int id = shmget(unix_key, 0, 0444);
++ int id = shmget(unix_key, 0, 0400);
+ cleanHandle();
+
+ struct shmid_ds shmid_ds;
+diff --git a/src/corelib/kernel/qsystemsemaphore_unix.cpp b/src/corelib/kernel/qsystemsemaphore_unix.cpp
+index fad9acc..e77456b 100644
+--- a/src/corelib/kernel/qsystemsemaphore_unix.cpp
++++ b/src/corelib/kernel/qsystemsemaphore_unix.cpp
+@@ -153,10 +153,10 @@ key_t QSystemSemaphorePrivate::handle(QSystemSemaphore::AccessMode mode)
+ }
+
+ // Get semaphore
+- semaphore = semget(unix_key, 1, 0666 | IPC_CREAT | IPC_EXCL);
++ semaphore = semget(unix_key, 1, 0600 | IPC_CREAT | IPC_EXCL);
+ if (-1 == semaphore) {
+ if (errno == EEXIST)
+- semaphore = semget(unix_key, 1, 0666 | IPC_CREAT);
++ semaphore = semget(unix_key, 1, 0600 | IPC_CREAT);
+ if (-1 == semaphore) {
+ setErrorString(QLatin1String("QSystemSemaphore::handle"));
+ cleanHandle();
+diff --git a/src/gui/image/qnativeimage.cpp b/src/gui/image/qnativeimage.cpp
+index 9654afe..fef38c5 100644
+--- a/src/gui/image/qnativeimage.cpp
++++ b/src/gui/image/qnativeimage.cpp
+@@ -176,7 +176,7 @@ QNativeImage::QNativeImage(int width, int height, QImage::Format format,bool /*
+
+ bool ok;
+ xshminfo.shmid = shmget(IPC_PRIVATE, xshmimg->bytes_per_line * xshmimg->height,
+- IPC_CREAT | 0777);
++ IPC_CREAT | 0700);
+ ok = xshminfo.shmid != -1;
+ if (ok) {
+ xshmimg->data = (char*)shmat(xshminfo.shmid, 0, 0);
+diff --git a/src/gui/image/qpixmap_x11.cpp b/src/gui/image/qpixmap_x11.cpp
+index 280d8bd..88c9b7b 100644
+--- a/src/gui/image/qpixmap_x11.cpp
++++ b/src/gui/image/qpixmap_x11.cpp
+@@ -193,7 +193,7 @@ static bool qt_create_mitshm_buffer(const QPaintDevice* dev, int w, int h)
+ bool ok;
+ xshminfo.shmid = shmget(IPC_PRIVATE,
+ xshmimg->bytes_per_line * xshmimg->height,
+- IPC_CREAT | 0777);
++ IPC_CREAT | 0700);
+ ok = xshminfo.shmid != -1;
+ if (ok) {
+ xshmimg->data = (char*)shmat(xshminfo.shmid, 0, 0);
+diff --git a/src/plugins/platforms/xcb/qxcbwindowsurface.cpp b/src/plugins/platforms/xcb/qxcbwindowsurface.cpp
+index b6a42d8..0d56821 100644
+--- a/src/plugins/platforms/xcb/qxcbwindowsurface.cpp
++++ b/src/plugins/platforms/xcb/qxcbwindowsurface.cpp
+@@ -98,7 +98,7 @@ QXcbShmImage::QXcbShmImage(QXcbScreen *screen, const QSize &size, uint depth, QI
+ 0);
+
+ m_shm_info.shmid = shmget (IPC_PRIVATE,
+- m_xcb_image->stride * m_xcb_image->height, IPC_CREAT|0777);
++ m_xcb_image->stride * m_xcb_image->height, IPC_CREAT|0600);
+
+ m_shm_info.shmaddr = m_xcb_image->data = (quint8 *)shmat (m_shm_info.shmid, 0, 0);
+ m_shm_info.shmseg = xcb_generate_id(xcb_connection());
+diff --git a/src/plugins/platforms/xlib/qxlibwindowsurface.cpp b/src/plugins/platforms/xlib/qxlibwindowsurface.cpp
+index bf003eb..46a2f97 100644
+--- a/src/plugins/platforms/xlib/qxlibwindowsurface.cpp
++++ b/src/plugins/platforms/xlib/qxlibwindowsurface.cpp
+@@ -99,7 +99,7 @@ void QXlibWindowSurface::resizeShmImage(int width, int height)
+
+
+ image_info->shminfo.shmid = shmget (IPC_PRIVATE,
+- image->bytes_per_line * image->height, IPC_CREAT|0777);
++ image->bytes_per_line * image->height, IPC_CREAT|0700);
+
+ image_info->shminfo.shmaddr = image->data = (char*)shmat (image_info->shminfo.shmid, 0, 0);
+ image_info->shminfo.readOnly = False;
+diff --git a/tools/qvfb/qvfbshmem.cpp b/tools/qvfb/qvfbshmem.cpp
+index 7f9671f..84b6ebe 100644
+--- a/tools/qvfb/qvfbshmem.cpp
++++ b/tools/qvfb/qvfbshmem.cpp
+@@ -176,13 +176,13 @@ QShMemViewProtocol::QShMemViewProtocol(int displayid, const QSize &s,
+ uint data_offset_value = sizeof(QVFbHeader);
+
+ int dataSize = bpl * h + data_offset_value;
+- shmId = shmget(key, dataSize, IPC_CREAT | 0666);
++ shmId = shmget(key, dataSize, IPC_CREAT | 0600);
+ if (shmId != -1)
+ data = (unsigned char *)shmat(shmId, 0, 0);
+ else {
+ struct shmid_ds shm;
+ shmctl(shmId, IPC_RMID, &shm);
+- shmId = shmget(key, dataSize, IPC_CREAT | 0666);
++ shmId = shmget(key, dataSize, IPC_CREAT | 0600);
+ if (shmId == -1) {
+ perror("QShMemViewProtocol::QShMemViewProtocol");
+ qFatal("Cannot get shared memory 0x%08x", key);
+--
+1.7.1
+
Added: Fix-binary-incompatibility-between-openssl-versions.patch
===================================================================
--- Fix-binary-incompatibility-between-openssl-versions.patch (rev 0)
+++ Fix-binary-incompatibility-between-openssl-versions.patch 2013-02-05 11:19:04 UTC (rev 177061)
@@ -0,0 +1,80 @@
+From 691e78e5061d4cbc0de212d23b06c5dffddf2098 Mon Sep 17 00:00:00 2001
+From: Shane Kearns <dbgshane at gmail.com>
+Date: Thu, 6 Dec 2012 17:03:18 +0000
+Subject: [PATCH 54/79] Fix binary incompatibility between openssl versions
+
+OpenSSL changed the layout of X509_STORE_CTX between 0.9 and 1.0
+So we have to consider this struct as private implementation, and use
+the access functions instead.
+
+This bug would cause certificate verification problems if a different
+version of openssl is loaded at runtime to the headers Qt was compiled
+against.
+
+Task-number: QTBUG-28343
+Change-Id: I47fc24336f7d9c80f08f9c8ba6debc51a5591258
+Reviewed-by: Richard J. Moore <rich at kde.org>
+(cherry picked from commit eb2688c4c4f257d0a4d978ba4bf57d6347b15252)
+---
+ src/network/ssl/qsslsocket_openssl.cpp | 2 +-
+ src/network/ssl/qsslsocket_openssl_symbols.cpp | 8 ++++++++
+ src/network/ssl/qsslsocket_openssl_symbols_p.h | 4 ++++
+ 3 files changed, 13 insertions(+), 1 deletion(-)
+
+diff --git a/src/network/ssl/qsslsocket_openssl.cpp b/src/network/ssl/qsslsocket_openssl.cpp
+index b7ca290..e912abac 100644
+--- a/src/network/ssl/qsslsocket_openssl.cpp
++++ b/src/network/ssl/qsslsocket_openssl.cpp
+@@ -236,7 +236,7 @@ static int q_X509Callback(int ok, X509_STORE_CTX *ctx)
+ {
+ if (!ok) {
+ // Store the error and at which depth the error was detected.
+- _q_sslErrorList()->errors << qMakePair<int, int>(ctx->error, ctx->error_depth);
++ _q_sslErrorList()->errors << qMakePair<int, int>(q_X509_STORE_CTX_get_error(ctx), q_X509_STORE_CTX_get_error_depth(ctx));
+ }
+ // Always return OK to allow verification to continue. We're handle the
+ // errors gracefully after collecting all errors, after verification has
+diff --git a/src/network/ssl/qsslsocket_openssl_symbols.cpp b/src/network/ssl/qsslsocket_openssl_symbols.cpp
+index 2d6a25b..2e6ccd0 100644
+--- a/src/network/ssl/qsslsocket_openssl_symbols.cpp
++++ b/src/network/ssl/qsslsocket_openssl_symbols.cpp
+@@ -267,6 +267,10 @@ DEFINEFUNC2(int, X509_STORE_add_cert, X509_STORE *a, a, X509 *b, b, return 0, re
+ DEFINEFUNC(void, X509_STORE_CTX_free, X509_STORE_CTX *a, a, return, DUMMYARG)
+ DEFINEFUNC4(int, X509_STORE_CTX_init, X509_STORE_CTX *a, a, X509_STORE *b, b, X509 *c, c, STACK_OF(X509) *d, d, return -1, return)
+ DEFINEFUNC2(int, X509_STORE_CTX_set_purpose, X509_STORE_CTX *a, a, int b, b, return -1, return)
++DEFINEFUNC(int, X509_STORE_CTX_get_error, X509_STORE_CTX *a, a, return -1, return)
++DEFINEFUNC(int, X509_STORE_CTX_get_error_depth, X509_STORE_CTX *a, a, return -1, return)
++DEFINEFUNC(X509 *, X509_STORE_CTX_get_current_cert, X509_STORE_CTX *a, a, return 0, return)
++DEFINEFUNC(STACK_OF(X509) *, X509_STORE_CTX_get_chain, X509_STORE_CTX *a, a, return 0, return)
+ DEFINEFUNC(X509_STORE_CTX *, X509_STORE_CTX_new, DUMMYARG, DUMMYARG, return 0, return)
+ #ifdef SSLEAY_MACROS
+ DEFINEFUNC2(int, i2d_DSAPrivateKey, const DSA *a, a, unsigned char **b, b, return -1, return)
+@@ -832,6 +836,10 @@ bool q_resolveOpenSslSymbols()
+ RESOLVEFUNC(X509_STORE_CTX_init)
+ RESOLVEFUNC(X509_STORE_CTX_new)
+ RESOLVEFUNC(X509_STORE_CTX_set_purpose)
++ RESOLVEFUNC(X509_STORE_CTX_get_error)
++ RESOLVEFUNC(X509_STORE_CTX_get_error_depth)
++ RESOLVEFUNC(X509_STORE_CTX_get_current_cert)
++ RESOLVEFUNC(X509_STORE_CTX_get_chain)
+ RESOLVEFUNC(X509_cmp)
+ #ifndef SSLEAY_MACROS
+ RESOLVEFUNC(X509_dup)
+diff --git a/src/network/ssl/qsslsocket_openssl_symbols_p.h b/src/network/ssl/qsslsocket_openssl_symbols_p.h
+index fa9a157..87f3697 100644
+--- a/src/network/ssl/qsslsocket_openssl_symbols_p.h
++++ b/src/network/ssl/qsslsocket_openssl_symbols_p.h
+@@ -374,6 +374,10 @@ int q_X509_STORE_CTX_init(X509_STORE_CTX *ctx, X509_STORE *store,
+ X509 *x509, STACK_OF(X509) *chain);
+ X509_STORE_CTX *q_X509_STORE_CTX_new();
+ int q_X509_STORE_CTX_set_purpose(X509_STORE_CTX *ctx, int purpose);
++int q_X509_STORE_CTX_get_error(X509_STORE_CTX *ctx);
++int q_X509_STORE_CTX_get_error_depth(X509_STORE_CTX *ctx);
++X509 *q_X509_STORE_CTX_get_current_cert(X509_STORE_CTX *ctx);
++STACK_OF(X509) *q_X509_STORE_CTX_get_chain(X509_STORE_CTX *ctx);
+
+ #define q_BIO_get_mem_data(b, pp) (int)q_BIO_ctrl(b,BIO_CTRL_INFO,0,(char *)pp)
+ #define q_BIO_pending(b) (int)q_BIO_ctrl(b,BIO_CTRL_PENDING,0,NULL)
+--
+1.8.0.2
+
Modified: PKGBUILD
===================================================================
--- PKGBUILD 2013-02-05 10:02:51 UTC (rev 177060)
+++ PKGBUILD 2013-02-05 11:19:04 UTC (rev 177061)
@@ -5,7 +5,7 @@
pkgbase=qt
pkgname=('qt' 'qt-private-headers')
pkgver=4.8.4
-pkgrel=2
+pkgrel=3
arch=('i686' 'x86_64')
url='http://qt-project.org/'
license=('GPL3' 'LGPL')
@@ -19,14 +19,18 @@
'assistant.desktop' 'designer.desktop' 'linguist.desktop'
'qtconfig.desktop'
'improve-cups-support.patch'
- 'fix-crash-in-assistant.patch')
+ 'fix-crash-in-assistant.patch'
+ 'Fix-binary-incompatibility-between-openssl-versions.patch'
+ 'Drop-read-write-perms-for-users.patch')
md5sums=('89c5ecba180cae74c66260ac732dc5cb'
'f1837a03fd0ebbd2da58975845f278e3'
'480fea1ed076992b688373c8db274be0'
'5595c24d5bb942c21e3a4d299e6d0bf1'
'824a3b77a25e98567f640e0441ccdebc'
'c439c7731c25387352d8453ca7574971'
- '57590084078b6379f0501f7728b02ae2')
+ '57590084078b6379f0501f7728b02ae2'
+ 'abd18c8a71e08167270b8ec6de61254a'
+ 'db29b7dd44c56f6026b53b57bbfd9ea3')
build() {
cd ${_pkgfqn}
@@ -37,6 +41,10 @@
# (FS#29469)
patch -p1 -i "${srcdir}"/fix-crash-in-assistant.patch
+ # Security fixes
+ patch -p1 -i "${srcdir}"/Fix-binary-incompatibility-between-openssl-versions.patch
+ patch -p1 -i "${srcdir}"/Drop-read-write-perms-for-users.patch
+
export QT4DIR="${srcdir}"/${_pkgfqn}
export LD_LIBRARY_PATH=${QT4DIR}/lib:${LD_LIBRARY_PATH}
More information about the arch-commits
mailing list