Hello community,
here is the log from the commit of package acpid for openSUSE:Factory checked in at 2011-12-25 17:32:46
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/acpid (Old)
and /work/SRC/openSUSE:Factory/.acpid.new (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "acpid", Maintainer is "hmacht@suse.com"
Changes:
--------
--- /work/SRC/openSUSE:Factory/acpid/acpid.changes 2011-09-28 14:02:14.000000000 +0200
+++ /work/SRC/openSUSE:Factory/.acpid.new/acpid.changes 2011-12-25 17:32:48.000000000 +0100
@@ -1,0 +2,5 @@
+Fri Dec 16 02:03:44 UTC 2011 - crrodriguez@opensuse.org
+
+- Update to acpid 2.0.13
+
+-------------------------------------------------------------------
Old:
----
acpid-2.0.10.tar.gz
New:
----
acpid-2.0.13.tar.gz
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ acpid.spec ++++++
--- /var/tmp/diff_new_pack.wvbEKJ/_old 2011-12-25 17:32:50.000000000 +0100
+++ /var/tmp/diff_new_pack.wvbEKJ/_new 2011-12-25 17:32:50.000000000 +0100
@@ -19,7 +19,7 @@
Name: acpid
Url: http://tedfelix.com/linux/acpid-netlink.html
-Version: 2.0.10
+Version: 2.0.13
Release: 5
License: GPL-2.0+
Group: System/Daemons
++++++ acpid-2.0.10.tar.gz -> acpid-2.0.13.tar.gz ++++++
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/Changelog new/acpid-2.0.13/Changelog
--- old/acpid-2.0.10/Changelog 2011-05-17 19:05:33.000000000 +0200
+++ new/acpid-2.0.13/Changelog 2011-10-18 01:19:35.000000000 +0200
@@ -1,3 +1,21 @@
+* Tue Nov 15 2011 Ted Felix http://www.tedfelix.com
+ - 2.0.13 release
+ - Fix for socket name buffer overflow. (ud_socket.c) (Ted Felix)
+ - Moved acpid_log() out of acpid.h/.c and into log.h/.c to make it easier
+ for all parts of acpid to use. (Makefile acpid.h acpid.c connection_list.c
+ event.c inotify_handler.c input_layer.c log.h log.c netlink.c proc.c
+ sock.c ud_socket.c) (Ted Felix)
+ - Cleaned up #includes and comment style. (libnetlink.c libnetlink.h)
+ (Ted Felix)
+
+* Mon Aug 15 2011 Ted Felix http://www.tedfelix.com
+ - 2.0.12 release
+ - Changed exit() to _exit() if execl() fails. (event.c) (Ted Felix)
+
+* Sat Jul 30 2011 Ted Felix http://www.tedfelix.com
+ - 2.0.11 release
+ - Set umask to 0077 for scripts run by acpid. (event.c) (Ted Felix)
+
* Tue May 17 2011 Ted Felix http://www.tedfelix.com
- 2.0.10 release
- Fixed compiler warnings in kacpimon. (kacpimon/libnetlink.c)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/Makefile new/acpid-2.0.13/Makefile
--- old/acpid-2.0.10/Makefile 2011-04-27 01:56:59.000000000 +0200
+++ new/acpid-2.0.13/Makefile 2011-10-18 01:12:24.000000000 +0200
@@ -1,7 +1,7 @@
# Makefile for ACPI daemon
# update these numbers for new releases
-VERSION = 2.0.10
+VERSION = 2.0.13
OPT = -O2
@@ -18,10 +18,10 @@
PROGS = $(SBIN_PROGS) $(BIN_PROGS)
acpid_SRCS = acpid.c acpi_ids.c connection_list.c event.c input_layer.c \
- inotify_handler.c libnetlink.c netlink.c proc.c sock.c ud_socket.c
+ inotify_handler.c libnetlink.c log.c netlink.c proc.c sock.c ud_socket.c
acpid_OBJS = $(acpid_SRCS:.c=.o)
-acpi_listen_SRCS = acpi_listen.c ud_socket.c
+acpi_listen_SRCS = acpi_listen.c log.c ud_socket.c
acpi_listen_OBJS = $(acpi_listen_SRCS:.c=.o)
all_SRCS = $(acpid_SRCS) $(acpi_listen_SRCS)
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/TESTPLAN new/acpid-2.0.13/TESTPLAN
--- old/acpid-2.0.10/TESTPLAN 2011-05-02 23:54:40.000000000 +0200
+++ new/acpid-2.0.13/TESTPLAN 2011-06-23 18:56:33.000000000 +0200
@@ -6,7 +6,7 @@
- It's best to test without a window manager running (such as GNOME or KDE) as they tend to handle acpi events on their own and override acpid. To bring down X on a system that is configured with a graphical login, there's usually an "init" script you can run. As an example, with Debian/GNOME, log off of your X/GNOME session, switch to another tty (e.g. Alt-Ctrl-F1), login, and do this:
sudo /etc/init.d/gdm stop
It's different if you are using upstart:
- sudo initctl gdm stop
+ sudo initctl stop gdm
And systemd requires a different incantation:
[anyone care to enlighten me?]
Now X is out of the way and you can test from the console.
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/acpid.c new/acpid-2.0.13/acpid.c
--- old/acpid-2.0.10/acpid.c 2011-05-07 03:32:07.000000000 +0200
+++ new/acpid-2.0.13/acpid.c 2011-10-18 01:06:54.000000000 +0200
@@ -30,9 +30,9 @@
#include
#include
#include
-#include
#include "acpid.h"
+#include "log.h"
#include "event.h"
#include "connection_list.h"
#include "proc.h"
@@ -254,6 +254,7 @@
case 'd':
foreground = 1;
acpid_debug++;
+ log_debug_to_stderr = 1;
break;
case 'e':
eventfile = optarg;
@@ -469,33 +470,6 @@
}
int
-#ifdef __GNUC__
-__attribute__((format(printf, 2, 3)))
-#endif
-acpid_log(int level, const char *fmt, ...)
-{
- va_list args;
-
- if (level == LOG_DEBUG) {
- /* if "-d" has been specified */
- if (acpid_debug) {
- /* send debug output to stderr */
- va_start(args, fmt);
- vfprintf(stderr, fmt, args);
- va_end(args);
-
- fprintf(stderr, "\n");
- }
- } else {
- va_start(args, fmt);
- vsyslog(level, fmt, args);
- va_end(args);
- }
-
- return 0;
-}
-
-int
locked()
{
struct stat trash;
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/acpid.h new/acpid-2.0.13/acpid.h
--- old/acpid-2.0.10/acpid.h 2010-11-09 22:55:19.000000000 +0100
+++ new/acpid-2.0.13/acpid.h 2011-10-18 01:06:34.000000000 +0200
@@ -23,8 +23,6 @@
#ifndef ACPID_H__
#define ACPID_H__
-#include
-
#define ACPI_PROCDIR "/proc/acpi"
#define ACPID_EVENTFILE ACPI_PROCDIR "/event"
#define ACPID_CONFDIR "/etc/acpi/events"
@@ -48,8 +46,6 @@
extern int logevents;
extern const char *progname;
-extern int acpid_log(int level, const char *fmt, ...);
-
extern int locked();
extern void clean_exit_with_status(int status);
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/connection_list.c new/acpid-2.0.13/connection_list.c
--- old/acpid-2.0.10/connection_list.c 2011-03-12 17:13:07.000000000 +0100
+++ new/acpid-2.0.13/connection_list.c 2011-10-18 00:26:23.000000000 +0200
@@ -24,6 +24,7 @@
#include
#include "acpid.h"
+#include "log.h"
#include "connection_list.h"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/event.c new/acpid-2.0.13/event.c
--- old/acpid-2.0.10/event.c 2011-03-12 17:18:09.000000000 +0100
+++ new/acpid-2.0.13/event.c 2011-10-18 00:27:21.000000000 +0200
@@ -36,6 +36,7 @@
#include
#include "acpid.h"
+#include "log.h"
#include "sock.h"
#include "ud_socket.h"
@@ -641,10 +642,11 @@
if (acpid_debug && logevents) {
fprintf(stdout, "BEGIN HANDLER MESSAGES\n");
}
+ umask(0077);
execl("/bin/sh", "/bin/sh", "-c", action, NULL);
/* should not get here */
acpid_log(LOG_ERR, "execl(): %s", strerror(errno));
- exit(EXIT_FAILURE);
+ _exit(EXIT_FAILURE);
}
/* parent */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/inotify_handler.c new/acpid-2.0.13/inotify_handler.c
--- old/acpid-2.0.10/inotify_handler.c 2011-03-12 17:20:42.000000000 +0100
+++ new/acpid-2.0.13/inotify_handler.c 2011-10-18 00:26:51.000000000 +0200
@@ -33,6 +33,7 @@
/* local */
#include "acpid.h"
+#include "log.h"
#include "connection_list.h"
#include "input_layer.h"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/input_layer.c new/acpid-2.0.13/input_layer.c
--- old/acpid-2.0.10/input_layer.c 2011-03-12 17:22:34.000000000 +0100
+++ new/acpid-2.0.13/input_layer.c 2011-10-18 00:28:19.000000000 +0200
@@ -39,6 +39,7 @@
/* local */
#include "acpid.h"
+#include "log.h"
#include "connection_list.h"
#include "event.h"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/libnetlink.c new/acpid-2.0.13/libnetlink.c
--- old/acpid-2.0.10/libnetlink.c 2011-02-13 23:09:10.000000000 +0100
+++ new/acpid-2.0.13/libnetlink.c 2011-10-18 00:57:31.000000000 +0200
@@ -15,7 +15,6 @@
#include
#include
#include
-#include
#include
#include
#include
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/libnetlink.h new/acpid-2.0.13/libnetlink.h
--- old/acpid-2.0.10/libnetlink.h 2009-04-29 16:37:13.000000000 +0200
+++ new/acpid-2.0.13/libnetlink.h 2011-10-18 01:07:50.000000000 +0200
@@ -2,7 +2,7 @@
#define __LIBNETLINK_H__ 1
#include
-// needed by netlink.h, should be in there
+/* needed by netlink.h, should be in there */
#include
#include
#include
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/log.c new/acpid-2.0.13/log.c
--- old/acpid-2.0.10/log.c 1970-01-01 01:00:00.000000000 +0100
+++ new/acpid-2.0.13/log.c 2011-10-18 00:52:32.000000000 +0200
@@ -0,0 +1,56 @@
+/*
+ * log.c - ACPI daemon logging
+ *
+ * Portions Copyright (C) 2000 Andrew Henroid
+ * Portions Copyright (C) 2001 Sun Microsystems
+ * Portions Copyright (C) 2004 Tim Hockin (thockin@hockin.org)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#include
+#include
+#include
+
+#include "log.h"
+
+int log_debug_to_stderr = 0;
+
+int
+#ifdef __GNUC__
+__attribute__((format(printf, 2, 3)))
+#endif
+acpid_log(int level, const char *fmt, ...)
+{
+ va_list args;
+
+ if (level == LOG_DEBUG) {
+ /* if "-d" has been specified */
+ if (log_debug_to_stderr) {
+ /* send debug output to stderr */
+ va_start(args, fmt);
+ vfprintf(stderr, fmt, args);
+ va_end(args);
+
+ fprintf(stderr, "\n");
+ }
+ } else {
+ va_start(args, fmt);
+ vsyslog(level, fmt, args);
+ va_end(args);
+ }
+
+ return 0;
+}
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/log.h new/acpid-2.0.13/log.h
--- old/acpid-2.0.10/log.h 1970-01-01 01:00:00.000000000 +0100
+++ new/acpid-2.0.13/log.h 2011-10-18 00:56:24.000000000 +0200
@@ -0,0 +1,37 @@
+/*
+ * log.h - ACPI daemon logging
+ *
+ * Copyright (C) 1999-2000 Andrew Henroid
+ * Copyright (C) 2001 Sun Microsystems
+ * Portions Copyright (C) 2004 Tim Hockin (thockin@hockin.org)
+ *
+ * This program is free software; you can redistribute it and/or modify
+ * it under the terms of the GNU General Public License as published by
+ * the Free Software Foundation; either version 2 of the License, or
+ * (at your option) any later version.
+ *
+ * This program is distributed in the hope that it will be useful,
+ * but WITHOUT ANY WARRANTY; without even the implied warranty of
+ * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
+ * GNU General Public License for more details.
+ *
+ * You should have received a copy of the GNU General Public License
+ * along with this program; if not, write to the Free Software
+ * Foundation, Inc., 59 Temple Place, Suite 330, Boston, MA 02111-1307 USA
+ */
+
+#ifndef LOG_H__
+#define LOG_H__
+
+/* for LOG_ERR, LOG_DEBUG, LOG_INFO, etc... */
+#include
+
+/*
+ * Set to 1 to send LOG_DEBUG logging to stderr, zero to ignore LOG_DEBUG
+ * logging. Default is zero.
+ */
+extern int log_debug_to_stderr;
+
+extern int acpid_log(int level, const char *fmt, ...);
+
+#endif /* LOG_H__ */
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/netlink.c new/acpid-2.0.13/netlink.c
--- old/acpid-2.0.10/netlink.c 2011-03-12 17:24:24.000000000 +0100
+++ new/acpid-2.0.13/netlink.c 2011-10-18 00:29:43.000000000 +0200
@@ -35,6 +35,7 @@
/* local */
#include "acpid.h"
+#include "log.h"
#include "event.h"
#include "libnetlink.h"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/proc.c new/acpid-2.0.13/proc.c
--- old/acpid-2.0.10/proc.c 2011-03-12 17:25:40.000000000 +0100
+++ new/acpid-2.0.13/proc.c 2011-10-18 00:27:39.000000000 +0200
@@ -28,6 +28,7 @@
#include
#include "acpid.h"
+#include "log.h"
#include "event.h"
#include "connection_list.h"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/sock.c new/acpid-2.0.13/sock.c
--- old/acpid-2.0.10/sock.c 2011-05-02 23:45:11.000000000 +0200
+++ new/acpid-2.0.13/sock.c 2011-10-18 00:27:54.000000000 +0200
@@ -30,6 +30,7 @@
#include
#include "acpid.h"
+#include "log.h"
#include "event.h"
#include "ud_socket.h"
#include "connection_list.h"
diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/acpid-2.0.10/ud_socket.c new/acpid-2.0.13/ud_socket.c
--- old/acpid-2.0.10/ud_socket.c 2009-04-29 16:36:27.000000000 +0200
+++ new/acpid-2.0.13/ud_socket.c 2011-10-18 01:47:16.000000000 +0200
@@ -15,6 +15,7 @@
#include
#include "acpid.h"
+#include "log.h"
#include "ud_socket.h"
int
@@ -24,7 +25,16 @@
int r;
struct sockaddr_un uds_addr;
- /* JIC */
+ if (strnlen(name, sizeof(uds_addr.sun_path)) >
+ sizeof(uds_addr.sun_path) - 1) {
+ acpid_log(LOG_ERR, "ud_create_socket(): "
+ "socket filename longer than %u characters: %s",
+ sizeof(uds_addr.sun_path) - 1, name);
+ errno = EINVAL;
+ return -1;
+ }
+
+ /* JIC */
unlink(name);
fd = socket(AF_UNIX, SOCK_STREAM, 0);
@@ -35,7 +45,7 @@
/* setup address struct */
memset(&uds_addr, 0, sizeof(uds_addr));
uds_addr.sun_family = AF_UNIX;
- strcpy(uds_addr.sun_path, name);
+ strncpy(uds_addr.sun_path, name, sizeof(uds_addr.sun_path) - 1);
/* bind it to the socket */
r = bind(fd, (struct sockaddr *)&uds_addr, sizeof(uds_addr));
@@ -85,6 +95,14 @@
int r;
struct sockaddr_un addr;
+ if (strnlen(name, sizeof(addr.sun_path)) > sizeof(addr.sun_path) - 1) {
+ acpid_log(LOG_ERR, "ud_connect(): "
+ "socket filename longer than %u characters: %s",
+ sizeof(addr.sun_path) - 1, name);
+ errno = EINVAL;
+ return -1;
+ }
+
fd = socket(AF_UNIX, SOCK_STREAM, 0);
if (fd < 0) {
return fd;
@@ -93,6 +111,8 @@
memset(&addr, 0, sizeof(addr));
addr.sun_family = AF_UNIX;
sprintf(addr.sun_path, "%s", name);
+ /* safer: */
+ /*strncpy(addr.sun_path, name, sizeof(addr.sun_path) - 1);*/
r = connect(fd, (struct sockaddr *)&addr, sizeof(addr));
if (r < 0) {
--
To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org
For additional commands, e-mail: opensuse-commit+help@opensuse.org