1 files changed, 0 insertions, 69 deletions
diff --git a/meta/recipes-core/systemd/systemd/CVE-2016-7795.patch b/meta/recipes-core/systemd/systemd/CVE-2016-7795.patch
deleted file mode 100644
index 5ecb9c32de..0000000000
--- a/meta/recipes-core/systemd/systemd/CVE-2016-7795.patch
+++ /dev/null
@@ -1,69 +0,0 @@
-Subject: Fix CVE-2016-7795
-This undoes 531ac2b. I acked that patch without looking at the code
-carefully enough. There are two problems:
- we want to process the fds anyway
- in principle empty notification messages are valid, and we should
-  process them as usual, including logging using log_unit_debug().
-Upstream-Status: Backport
-CVE: CVE-2016-7795
-Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
---
- src/core/manager.c | 11 ++++++-----
- 1 file changed, 6 insertions(+), 5 deletions(-)
-diff --git a/src/core/manager.c b/src/core/manager.c
-index 7838f56..f165d08e 100644
--- a/src/core/manager.c
-+++ b/src/core/manager.c
-@@ -1589,13 +1589,12 @@ static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, ui
-         return 0;
- }
- 
-static void manager_invoke_notify_message(Manager *m, Unit *u, pid_t pid, const char *buf, size_t n, FDSet *fds) {
-+static void manager_invoke_notify_message(Manager *m, Unit *u, pid_t pid, const char *buf, FDSet *fds) {
-         _cleanup_strv_free_ char **tags = NULL;
- 
-         assert(m);
-         assert(u);
-         assert(buf);
-        assert(n > 0);
- 
-         tags = strv_split(buf, "\n\r");
-         if (!tags) {
-@@ -1688,25 +1687,27 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t
-                 return 0;
-         }
- 
-+        /* The message should be a string. Here we make sure it's NUL-terminated,
-+         * but only the part until first NUL will be used anyway. */
-         buf[n] = 0;
- 
-         /* Notify every unit that might be interested, but try
-          * to avoid notifying the same one multiple times. */
-         u1 = manager_get_unit_by_pid_cgroup(m, ucred->pid);
-         if (u1) {
-                manager_invoke_notify_message(m, u1, ucred->pid, buf, n, fds);
-+                manager_invoke_notify_message(m, u1, ucred->pid, buf, fds);
-                 found = true;
-         }
- 
-         u2 = hashmap_get(m->watch_pids1, PID_TO_PTR(ucred->pid));
-         if (u2 && u2 != u1) {
-                manager_invoke_notify_message(m, u2, ucred->pid, buf, n, fds);
-+                manager_invoke_notify_message(m, u2, ucred->pid, buf, fds);
-                 found = true;
-         }
- 
-         u3 = hashmap_get(m->watch_pids2, PID_TO_PTR(ucred->pid));
-         if (u3 && u3 != u2 && u3 != u1) {
-                manager_invoke_notify_message(m, u3, ucred->pid, buf, n, fds);
-+                manager_invoke_notify_message(m, u3, ucred->pid, buf, fds);
-                 found = true;
-         }
- 
-- 
-2.8.3

diff --git a/meta/recipes-core/systemd/systemd/CVE-2016-7795.patch b/meta/recipes-core/systemd/systemd/CVE-2016-7795.patch deleted file mode 100644 index 5ecb9c32de..0000000000 --- a/meta/recipes-core/systemd/systemd/CVE-2016-7795.patch +++ /dev/null
@@ -1,69 +0,0 @@
1	Subject: Fix CVE-2016-7795
2
3	This undoes 531ac2b. I acked that patch without looking at the code
4	carefully enough. There are two problems:
5	- we want to process the fds anyway
6	- in principle empty notification messages are valid, and we should
7	process them as usual, including logging using log_unit_debug().
8
9	Upstream-Status: Backport
10	CVE: CVE-2016-7795
11
12	Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
13	---
14	src/core/manager.c \| 11 ++++++-----
15	1 file changed, 6 insertions(+), 5 deletions(-)
16
17	diff --git a/src/core/manager.c b/src/core/manager.c
18	index 7838f56..f165d08e 100644
19	--- a/src/core/manager.c
20	+++ b/src/core/manager.c
21	@@ -1589,13 +1589,12 @@ static int manager_dispatch_cgroups_agent_fd(sd_event_source *source, int fd, ui
22	return 0;
23	}
24
25	-static void manager_invoke_notify_message(Manager m, Unit u, pid_t pid, const char buf, size_t n, FDSet fds) {
26	+static void manager_invoke_notify_message(Manager m, Unit u, pid_t pid, const char buf, FDSet fds) {
27	_cleanup_strv_free_ char **tags = NULL;
28
29	assert(m);
30	assert(u);
31	assert(buf);
32	- assert(n > 0);
33
34	tags = strv_split(buf, "\n\r");
35	if (!tags) {
36	@@ -1688,25 +1687,27 @@ static int manager_dispatch_notify_fd(sd_event_source *source, int fd, uint32_t
37	return 0;
38	}
39
40	+ /* The message should be a string. Here we make sure it's NUL-terminated,
41	+ * but only the part until first NUL will be used anyway. */
42	buf[n] = 0;
43
44	/* Notify every unit that might be interested, but try
45	* to avoid notifying the same one multiple times. */
46	u1 = manager_get_unit_by_pid_cgroup(m, ucred->pid);
47	if (u1) {
48	- manager_invoke_notify_message(m, u1, ucred->pid, buf, n, fds);
49	+ manager_invoke_notify_message(m, u1, ucred->pid, buf, fds);
50	found = true;
51	}
52
53	u2 = hashmap_get(m->watch_pids1, PID_TO_PTR(ucred->pid));
54	if (u2 && u2 != u1) {
55	- manager_invoke_notify_message(m, u2, ucred->pid, buf, n, fds);
56	+ manager_invoke_notify_message(m, u2, ucred->pid, buf, fds);
57	found = true;
58	}
59
60	u3 = hashmap_get(m->watch_pids2, PID_TO_PTR(ucred->pid));
61	if (u3 && u3 != u2 && u3 != u1) {
62	- manager_invoke_notify_message(m, u3, ucred->pid, buf, n, fds);
63	+ manager_invoke_notify_message(m, u3, ucred->pid, buf, fds);
64	found = true;
65	}
66
67	--
68	2.8.3
69