Hello community, here is the log from the commit of package mokutil for openSUSE:Factory checked in at 2014-04-17 14:11:46 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/mokutil (Old) and /work/SRC/openSUSE:Factory/.mokutil.new (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Package is "mokutil" Changes: -------- --- /work/SRC/openSUSE:Factory/mokutil/mokutil.changes 2014-04-11 13:39:59.000000000 +0200 +++ /work/SRC/openSUSE:Factory/.mokutil.new/mokutil.changes 2014-04-17 14:11:47.000000000 +0200 @@ -1,0 +2,6 @@ +Wed Apr 16 04:11:50 UTC 2014 - glin@suse.com + +- Add mokutil-fix-hash-file-read.patch to fix the error handling of + reading a hash file + +------------------------------------------------------------------- New: ---- mokutil-fix-hash-file-read.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ mokutil.spec ++++++ --- /var/tmp/diff_new_pack.D4MO4l/_old 2014-04-17 14:11:48.000000000 +0200 +++ /var/tmp/diff_new_pack.D4MO4l/_new 2014-04-17 14:11:48.000000000 +0200 @@ -40,6 +40,8 @@ Patch7: mokutil-check-corrupted-key-list.patch # PATCH-FIX-UPSTREAM mokutil-no-invalid-x509.patch glin@suse.com -- Don't import an invalid x509 certificate Patch8: mokutil-no-invalid-x509.patch +# PATCH-FIX-UPSTREAM mokutil-fix-hash-file-read.patch glin@suse.com -- Fix the error handling of reading a hash file +Patch9: mokutil-fix-hash-file-read.patch # PATCH-FIX-OPENSUSE mokutil-support-revoke-builtin-cert.patch glin@suse.com -- Add an option to revoke the built-in certificate Patch100: mokutil-support-revoke-builtin-cert.patch BuildRequires: autoconf @@ -69,6 +71,7 @@ %patch6 -p1 %patch7 -p1 %patch8 -p1 +%patch9 -p1 %patch100 -p1 %build ++++++ mokutil-fix-hash-file-read.patch ++++++

From 59fb1efb45cc59bfc7a30ade20ef9900c13ec711 Mon Sep 17 00:00:00 2001 From: Gary Ching-Pang Lin <glin@suse.com> Date: Fri, 11 Apr 2014 11:37:31 +0800 Subject: [PATCH] Fix error handling of reading password hash file

Signed-off-by: Gary Ching-Pang Lin <glin@suse.com> --- src/mokutil.c | 20 ++++++++++++-------- 1 file changed, 12 insertions(+), 8 deletions(-) diff --git a/src/mokutil.c b/src/mokutil.c index cdb5739..d9b657b 100644 --- a/src/mokutil.c +++ b/src/mokutil.c @@ -87,6 +87,7 @@ EFI_GUID (0x605dab50, 0xe046, 0x4300, 0xab, 0xb6, 0x3d, 0xd8, 0x10, 0xdd, 0x8b, #define DEFAULT_CRYPT_METHOD SHA512_BASED #define DEFAULT_SALT_SIZE SHA512_SALT_MAX #define SETTINGS_LEN (DEFAULT_SALT_SIZE*2) +#define BUF_SIZE 300 static int use_simple_hash; @@ -779,7 +780,7 @@ generate_hash (pw_crypt_t *pw_crypt, char *password, int pw_len) static int get_hash_from_file (const char *file, pw_crypt_t *pw_crypt) { - char string[300]; + char string[BUF_SIZE]; ssize_t read_len = 0; int fd; @@ -789,22 +790,25 @@ get_hash_from_file (const char *file, pw_crypt_t *pw_crypt) return -1; } - while (read_len < 300) { - int rc = read (fd, string + read_len, 300 - read_len); - if (rc == EAGAIN) - continue; + bzero (string, BUF_SIZE); + + while (read_len < BUF_SIZE) { + ssize_t rc = read (fd, string + read_len, BUF_SIZE - read_len); if (rc < 0) { + if (errno == EINTR || errno == EAGAIN) + continue; + fprintf (stderr, "Failed to read %s: %m\n", file); close (fd); return -1; - } - if (rc == 0) + } else if (rc == 0) { break; + } read_len += rc; } close (fd); - if (string[read_len-1] != '\0') { + if (string[read_len] != '\0') { fprintf (stderr, "corrupted string\n"); return -1; } -- 1.8.4.5 -- To unsubscribe, e-mail: opensuse-commit+unsubscribe@opensuse.org For additional commands, e-mail: opensuse-commit+help@opensuse.org