Script 'mail_helper' called by obssrc
Hello community,
here is the log from the commit of package fcitx for openSUSE:Factory checked
in at 2023-08-30 10:17:58
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Comparing /work/SRC/openSUSE:Factory/fcitx (Old)
and /work/SRC/openSUSE:Factory/.fcitx.new.1766 (New)
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "fcitx"
Wed Aug 30 10:17:58 2023 rev:69 rq:1105876 version:4.2.9.9
Changes:
--------
--- /work/SRC/openSUSE:Factory/fcitx/fcitx.changes 2022-08-20
20:28:02.197248416 +0200
+++ /work/SRC/openSUSE:Factory/.fcitx.new.1766/fcitx.changes 2023-08-30
10:19:15.341519225 +0200
@@ -1,0 +2,7 @@
+Thu Aug 24 09:38:18 UTC 2023 - Matthias Gerstner <matthias.gerst...@suse.com>
+
+- add remote-module-use-safe-directory-for-socket-API-sock.patch: use a safe
+ directory for the fcitx-socket:%d API socket currently placed in /tmp. This
+ avoids a possible local denial of service issue (bsc#1213331).
+
+-------------------------------------------------------------------
New:
----
remote-module-use-safe-directory-for-socket-API-sock.patch
++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Other differences:
------------------
++++++ fcitx.spec ++++++
--- /var/tmp/diff_new_pack.YwTxCE/_old 2023-08-30 10:19:17.757605448 +0200
+++ /var/tmp/diff_new_pack.YwTxCE/_new 2023-08-30 10:19:17.765605734 +0200
@@ -1,7 +1,7 @@
#
# spec file for package fcitx
#
-# Copyright (c) 2022 SUSE LLC
+# Copyright (c) 2023 SUSE LLC
#
# All modifications and additions to the file contributed by third parties
# remain the property of their copyright owners, unless otherwise agreed
@@ -40,6 +40,7 @@
Patch2: fcitx-autostart-check-INPUT_METHOD.patch
# PATCH-FIX-OPENSUSE downgrade cmake requirement to 3.1 again
Patch3: fcitx-cmake-3.1.patch
+Patch4: remote-module-use-safe-directory-for-socket-API-sock.patch
BuildRequires: cairo-devel
BuildRequires: cmake
BuildRequires: dbus-1-devel
@@ -337,6 +338,7 @@
%setup -q
%patch2 -p1
%patch3 -p1
+%patch4 -p1
%build
mkdir build
++++++ remote-module-use-safe-directory-for-socket-API-sock.patch ++++++
>From 27208dc130124d650c94c3579bd7eea072f90d3b Mon Sep 17 00:00:00 2001
From: Matthias Gerstner <matthias.gerst...@suse.de>
Date: Thu, 24 Aug 2023 11:12:25 +0200
Subject: [PATCH] remote module: use safe directory for socket API socket
Placing this into /tmp opens a local DoS attack vector, allowing other
uses to pre-create this path and thereby making it impossible for fctx
to start.
Use a safe directory in $XDG_RUNTIME_DIR or $HOME, instead.
---
src/module/remote/remote.c | 7 +++++--
src/module/remote/remote.h | 31 +++++++++++++++++++++++++++++++
tools/cli/fcitx-remote.c | 4 ++--
3 files changed, 38 insertions(+), 4 deletions(-)
create mode 100644 src/module/remote/remote.h
diff --git a/src/module/remote/remote.c b/src/module/remote/remote.c
index eda44972..486b405b 100644
--- a/src/module/remote/remote.c
+++ b/src/module/remote/remote.c
@@ -36,6 +36,7 @@
#include "fcitx/frontend.h"
#include "fcitx/instance.h"
#include "fcitx-utils/utils.h"
+#include "module/remote/remote.h"
#define MAX_IMNAME_LEN 30
@@ -63,8 +64,10 @@ void* RemoteCreate(FcitxInstance* instance)
FcitxRemote* remote = fcitx_utils_malloc0(sizeof(FcitxRemote));
remote->owner = instance;
- char *socketfile;
- asprintf(&socketfile, "/tmp/fcitx-socket-:%d",
fcitx_utils_get_display_number());
+ const char *socketfile =
GetRemoteSocketPath(fcitx_utils_get_display_number());
+ if (!socketfile)
+ return NULL;
+
remote->socket_fd = CreateSocket(socketfile);
if (remote->socket_fd < 0) {
FcitxLog(ERROR, _("Can't open socket %s: %s"), socketfile,
strerror(errno));
diff --git a/src/module/remote/remote.h b/src/module/remote/remote.h
new file mode 100644
index 00000000..ee52c980
--- /dev/null
+++ b/src/module/remote/remote.h
@@ -0,0 +1,31 @@
+#include <stdlib.h>
+
+// returns a safe path name for a socket to use in the remote module and
+// remote utility.
+// if no safe directory can be determined this returns NULL and no remote
+// socket must be setup
+// otherwise a malloc'd string is returned that needs to be free()'d by the
+// caller when it isn't needed any longer.
+static inline const char* GetRemoteSocketPath(int display_nr)
+{
+ const char *hidden = "";
+ const char *dir = getenv("XDG_RUNTIME_DIR");
+ if (!dir) {
+ dir = getenv("HOME");
+ // if it is placed in the home directory then add a "." prefix to the
+ // basename to make it hidden
+ hidden = ".";
+ }
+ if (!dir) {
+ // no safe directory found
+ return NULL;
+ }
+
+ char *path = NULL;
+
+ if (asprintf(&path, "%s/%sfcitx-socket-:%d", dir, hidden,
fcitx_utils_get_display_number()) < 0)
+ // formatting error
+ return NULL;
+
+ return path;
+}
diff --git a/tools/cli/fcitx-remote.c b/tools/cli/fcitx-remote.c
index 5e06ea76..80677100 100644
--- a/tools/cli/fcitx-remote.c
+++ b/tools/cli/fcitx-remote.c
@@ -36,6 +36,7 @@
#include <limits.h>
#include "fcitx/frontend.h"
#include "fcitx-utils/utils.h"
+#include "module/remote/remote.h"
int create_socket(const char *name)
{
@@ -82,7 +83,6 @@ void usage(FILE* fp)
int main(int argc, char *argv[])
{
- char *socketfile = NULL;
int socket_fd;
int o = 0;
@@ -124,7 +124,7 @@ int main(int argc, char *argv[])
}
}
- asprintf(&socketfile, "/tmp/fcitx-socket-:%d",
fcitx_utils_get_display_number());
+ const char *socketfile =
GetRemoteSocketPath(fcitx_utils_get_display_number());
socket_fd = create_socket(socketfile);
--
2.41.0
