Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package conmon for openSUSE:Factory checked in at 2023-12-18 22:55:24 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/conmon (Old) and /work/SRC/openSUSE:Factory/.conmon.new.9037 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "conmon" Mon Dec 18 22:55:24 2023 rev:33 rq:1133812 version:2.1.9 Changes: -------- --- /work/SRC/openSUSE:Factory/conmon/conmon.changes 2023-10-01 21:21:53.983762793 +0200 +++ /work/SRC/openSUSE:Factory/.conmon.new.9037/conmon.changes 2023-12-18 22:55:25.922488818 +0100 @@ -1,0 +2,22 @@ +Mon Dec 18 09:02:52 UTC 2023 - Dan Äermák <dcer...@suse.com> + +- Add fix-incorrect-free-in-conn_sock.patch + This fixes a regression in 2.1.9 + (https://github.com/containers/conmon/issues/475 and + https://github.com/containers/conmon/issues/477) + +------------------------------------------------------------------- +Fri Dec 15 09:54:35 UTC 2023 - Dan Äermák <dcer...@suse.com> + +- New upstream release 2.1.9 + + ### Bug fixes + * fix some issues flagged by SAST scan + * src: fix write after end of buffer + * src: open all files with O_CLOEXEC + * oom-score: restore oom score before running exit command + ### Features + * Forward more messages on the sd-notify socket + * logging: -l passthrough accepts TTYs + +------------------------------------------------------------------- Old: ---- conmon-2.1.8.tar.xz New: ---- conmon-2.1.9.tar.xz fix-incorrect-free-in-conn_sock.patch ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ conmon.spec ++++++ --- /var/tmp/diff_new_pack.D2oANB/_old 2023-12-18 22:55:27.074531008 +0100 +++ /var/tmp/diff_new_pack.D2oANB/_new 2023-12-18 22:55:27.074531008 +0100
@@ -17,13 +17,14 @@ Name: conmon -Version: 2.1.8 +Version: 2.1.9 Release: 0 Summary: An OCI container runtime monitor License: Apache-2.0 Group: System/Management URL: https://github.com/containers/conmon Source0: %{name}-%{version}.tar.xz +Patch0: https://github.com/containers/conmon/pull/476.patch#./fix-incorrect-free-in-conn_sock.patch BuildRequires: pkgconfig BuildRequires: golang(API) >= 1.20 BuildRequires: pkgconfig(glib-2.0) ++++++ _service ++++++ --- /var/tmp/diff_new_pack.D2oANB/_old 2023-12-18 22:55:27.106532181 +0100 +++ /var/tmp/diff_new_pack.D2oANB/_new 2023-12-18 22:55:27.106532181 +0100 @@ -1,17 +1,17 @@ <services> -<service name="tar_scm" mode="disabled"> +<service name="tar_scm" mode="manual"> <param name="url">https://github.com/containers/conmon</param> <param name="scm">git</param> <param name="versionformat">@PARENT_TAG@</param> <param name="versionrewrite-pattern">[v]?([^\+]+)(.*)</param> -<param name="revision">v2.1.8</param> +<param name="revision">v2.1.9</param> <param name="changesgenerate">disable</param> </service> -<service name="recompress" mode="disabled"> +<service name="recompress" mode="manual"> <param name="file">conmon-*.tar</param> <param name="compression">xz</param> </service> -<service name="set_version" mode="disabled"> +<service name="set_version" mode="manual"> <param name="basename">conmon</param> </service> </services> ++++++ conmon-2.1.8.tar.xz -> conmon-2.1.9.tar.xz ++++++ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.1.8/.cirrus.yml new/conmon-2.1.9/.cirrus.yml --- old/conmon-2.1.8/.cirrus.yml 2023-08-24 16:12:18.000000000 +0200 +++ new/conmon-2.1.9/.cirrus.yml 2023-12-14 13:24:13.000000000 +0100 
@@ -20,11 +20,11 @@ #### #### Cache-image names to test with (double-quotes around names are critical) #### - FEDORA_NAME: "fedora-38" - PRIOR_FEDORA_NAME: "fedora-37" + FEDORA_NAME: "fedora-39Ã" + PRIOR_FEDORA_NAME: "fedora-38" # VM Image built in containers/automation_images - IMAGE_SUFFIX: "c20230809t143240z-f38f37d13" + IMAGE_SUFFIX: "c20231004t194547z-f39f38d13" FEDORA_CACHE_IMAGE_NAME: "fedora-${IMAGE_SUFFIX}" # Container FQIN's diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.1.8/.github/workflows/integration.yml new/conmon-2.1.9/.github/workflows/integration.yml --- old/conmon-2.1.8/.github/workflows/integration.yml 2023-08-24 16:12:18.000000000 +0200 +++ new/conmon-2.1.9/.github/workflows/integration.yml 2023-12-14 13:24:13.000000000 +0100 @@ -47,7 +47,7 @@ run: | cd $(go env GOPATH)/src/github.com/cri-o/cri-o make all test-binaries - # skip seccomp tests because they have permission denied issues in a container - sudo -E test/test_runner.sh $(ls test/ | grep bats | grep -v seccomp) + # skip seccomp tests because they have permission denied issues in a container and accept signed image as they don't use conmon + sudo -E test/test_runner.sh $(ls test/ | grep bats | grep -E -v seccomp\|image\|policy) env: JOBS: '2' diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.1.8/README.md new/conmon-2.1.9/README.md --- old/conmon-2.1.8/README.md 2023-08-24 16:12:18.000000000 +0200 +++ new/conmon-2.1.9/README.md 2023-12-14 13:24:13.000000000 +0100 
@@ -91,7 +91,7 @@ It is possible to build a statically linked binary of conmon by using the officially provided -[nix](https://nixos.org/nixos/packages.html?attr=conmon&channel=nixpkgs-unstable&query=conmon) +[nix](https://nixos.org/nixos/packages.html?attr=conmon&channel=unstable&query=conmon) package and the derivation of it [within this repository](nix/). The builds are completely reproducible and will create a x86\_64/amd64 stripped ELF binary for [glibc](https://www.gnu.org/software/libc). diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.1.8/VERSION new/conmon-2.1.9/VERSION --- old/conmon-2.1.8/VERSION 2023-08-24 16:12:18.000000000 +0200 +++ new/conmon-2.1.9/VERSION 2023-12-14 13:24:13.000000000 +0100 @@ -1 +1 @@ -2.1.8 +2.1.9 diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.1.8/go.mod new/conmon-2.1.9/go.mod --- old/conmon-2.1.8/go.mod 2023-08-24 16:12:18.000000000 +0200 +++ new/conmon-2.1.9/go.mod 2023-12-14 13:24:13.000000000 +0100 @@ -6,11 +6,11 @@ github.com/containers/podman/v4 v4.5.0 github.com/containers/storage v1.48.0 github.com/coreos/go-systemd/v22 v22.5.0 - github.com/onsi/ginkgo/v2 v2.11.0 - github.com/onsi/gomega v1.27.8 + github.com/onsi/ginkgo/v2 v2.12.0 + github.com/onsi/gomega v1.27.10 github.com/opencontainers/runtime-tools v0.9.1-0.20230317050512-e931285f4b69 github.com/pkg/errors v0.9.1 - golang.org/x/sys v0.9.0 + golang.org/x/sys v0.11.0 ) require ( 
@@ -35,9 +35,9 @@ github.com/sirupsen/logrus v1.9.3 // indirect github.com/syndtr/gocapability v0.0.0-20200815063812-42c35b437635 // indirect golang.org/x/exp v0.0.0-20230321023759-10a507213a29 // indirect - golang.org/x/net v0.10.0 // indirect - golang.org/x/text v0.9.0 // indirect - golang.org/x/tools v0.9.3 // indirect + golang.org/x/net v0.14.0 // indirect + golang.org/x/text v0.12.0 // indirect + golang.org/x/tools v0.12.0 // indirect gopkg.in/check.v1 v1.0.0-20200227125254-8fa46927fb4f // indirect gopkg.in/yaml.v3 v3.0.1 // indirect ) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.1.8/go.sum new/conmon-2.1.9/go.sum --- old/conmon-2.1.8/go.sum 2023-08-24 16:12:18.000000000 +0200 +++ new/conmon-2.1.9/go.sum 2023-12-14 13:24:13.000000000 +0100 
@@ -79,10 +79,10 @@ github.com/modern-go/reflect2 v1.0.2 h1:xBagoLtFs94CBntxluKeaWgTMpvLxC4ur3nMaC9Gz0M= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e h1:fD57ERR4JtEqsWbfPhv4DMiApHyliiK5xCTNVSPiaAs= github.com/niemeyer/pretty v0.0.0-20200227124842-a10e7caefd8e/go.mod h1:zD1mROLANZcx1PVRCS0qkT7pwLkGfwJo4zjcN/Tysno= -github.com/onsi/ginkgo/v2 v2.11.0 h1:WgqUCUt/lT6yXoQ8Wef0fsNn5cAuMK7+KT9UFRz2tcU= -github.com/onsi/ginkgo/v2 v2.11.0/go.mod h1:ZhrRA5XmEE3x3rhlzamx/JJvujdZoJ2uvgI7kR0iZvM= -github.com/onsi/gomega v1.27.8 h1:gegWiwZjBsf2DgiSbf5hpokZ98JVDMcWkUiigk6/KXc= -github.com/onsi/gomega v1.27.8/go.mod h1:2J8vzI/s+2shY9XHRApDkdgPo1TKT7P2u6fXeJKFnNQ= +github.com/onsi/ginkgo/v2 v2.12.0 h1:UIVDowFPwpg6yMUpPjGkYvf06K3RAiJXUhCxEwQVHRI= +github.com/onsi/ginkgo/v2 v2.12.0/go.mod h1:ZNEzXISYlqpb8S36iN71ifqLi3vVD1rVJGvWRCJOUpQ= +github.com/onsi/gomega v1.27.10 h1:naR28SdDFlqrG6kScpT8VWpu1xWY5nJRCF3XaYyBjhI= +github.com/onsi/gomega v1.27.10/go.mod h1:RsS8tutOdbdgzbPtzzATp12yT7kM5I5aElG3evPbQ0M= github.com/opencontainers/go-digest v1.0.0 h1:apOUWs51W5PlhuyGyz9FCeeBIOUDA/6nW8Oi/yOhh5U= github.com/opencontainers/go-digest v1.0.0/go.mod h1:0JzlMkj0TRzQZfJkVvzbP0HBR3IKzErnv2BNG4W4MAM= github.com/opencontainers/image-spec v1.0.2/go.mod h1:BtxoFyWECRxE4U/7sNtV5W15zMzWCbyJoFRP3s7yZA0= 
@@ -126,14 +126,14 @@ golang.org/x/lint v0.0.0-20181026193005-c67002cb31c3/go.mod h1:UVdnD1Gm6xHRNCYTkRU2/jEulfH38KcIWyp/GAMgvoE= golang.org/x/lint v0.0.0-20190227174305-5b3e6a55c961/go.mod h1:wehouNa3lNwaWXcvxsM5YxQ5yQlVC4a0KAMCusXpPoU= golang.org/x/lint v0.0.0-20190313153728-d0100b6bd8b3/go.mod h1:6SW0HCj/g11FgYtHlgUYUwCkIfeOF89ocIRzGO/8vkc= -golang.org/x/mod v0.10.0 h1:lFO9qtOdlre5W1jxS3r/4szv2/6iXxScdzjoBMXNhYk= +golang.org/x/mod v0.12.0 h1:rmsUpXtvNzj340zd98LZ4KntptpfRHwpFOHG188oHXc= golang.org/x/net v0.0.0-20180724234803-3673e40ba225/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20180826012351-8a410e7b638d/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190213061140-3a22650c66bd/go.mod h1:mL1N/T3taQHkDXs73rZJwtUhF3w3ftmwwsq0BUmARs4= golang.org/x/net v0.0.0-20190311183353-d8887717615a/go.mod h1:t9HGtf8HONx5eT2rtn7q6eTqICYqUVnKs3thJo3Qplg= golang.org/x/net v0.0.0-20210226172049-e18ecbb05110/go.mod h1:m0MpNAwzfU5UDzcl9v0D8zg8gWTRqZa9RBIspLL5mdg= -golang.org/x/net v0.10.0 h1:X2//UzNDwYmtCLn7To6G58Wr6f5ahEAQgKNzv9Y951M= -golang.org/x/net v0.10.0/go.mod h1:0qNGK6F8kojg2nk9dLZ2mShWaEBan6FAoqfSigmmuDg= +golang.org/x/net v0.14.0 h1:BONx9s002vGdD9umnlX1Po8vOZmrgH34qlHcD1MfK14= +golang.org/x/net v0.14.0/go.mod h1:PpSgVXXLK0OxS0F31C1/tv6XNguvCrnXIDrFMspZIUI= golang.org/x/oauth2 v0.0.0-20180821212333-d2e6202438be/go.mod h1:N/0e6XlmueqKjAGxoOufVs8QHGRruUQn6yWY3a++T0U= golang.org/x/sync v0.0.0-20180314180146-1d60e4601c6f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= golang.org/x/sync v0.0.0-20181108010431-42b317875d0f/go.mod h1:RxMgew5VJxzue5/jJTE5uejpjVlOe/izrB70Jof72aM= 
@@ -145,20 +145,20 @@ golang.org/x/sys v0.0.0-20201119102817-f84b799fce68/go.mod h1:h1NjWce9XRLGQEsW7wpKNCjG9DtNlClVuFLEZdDNbEs= golang.org/x/sys v0.0.0-20220520151302-bc2c85ada10a/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/sys v0.0.0-20220715151400-c0bba94af5f8/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= -golang.org/x/sys v0.9.0 h1:KS/R3tvhPqvJvwcKfnBHJwwthS11LRhmM5D59eEXa0s= -golang.org/x/sys v0.9.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= +golang.org/x/sys v0.11.0 h1:eG7RXZHdqOJ1i+0lgLgCpSXAp6M3LYlAo6osgSi0xOM= +golang.org/x/sys v0.11.0/go.mod h1:oPkhp1MJrh7nUepCBck5+mAzfO9JrbApNNgaTdGDITg= golang.org/x/term v0.0.0-20201126162022-7de9c90e9dd1/go.mod h1:bj7SfCRtBDWHUb9snDiAeCFNEtKQo2Wmx5Cou7ajbmo= golang.org/x/text v0.3.0/go.mod h1:NqM8EUOU14njkJ3fqMW+pc6Ldnwhi/IjpwHt7yyuwOQ= golang.org/x/text v0.3.3/go.mod h1:5Zoc/QRtKVWzQhOtBMvqHzDpF6irO9z98xDceosuGiQ= -golang.org/x/text v0.9.0 h1:2sjJmO8cDvYveuX97RDLsxlyUxLl+GHoLxBiRdHllBE= -golang.org/x/text v0.9.0/go.mod h1:e1OnstbJyHTd6l/uOt8jFFHp6TRDWZR/bV3emEE/zU8= +golang.org/x/text v0.12.0 h1:k+n5B8goJNdU7hSvEtMUz3d1Q6D/XW4COJSJR6fN0mc= +golang.org/x/text v0.12.0/go.mod h1:TvPlkZtksWOMsz7fbANvkp4WM8x/WCo/om8BMLbz+aE= golang.org/x/tools v0.0.0-20180917221912-90fa682c2a6e/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190114222345-bf090417da8b/go.mod h1:n7NCudcB/nEzxVGmLbDWY5pfWTLqBcC2KZ6jyYvM4mQ= golang.org/x/tools v0.0.0-20190226205152-f727befe758c/go.mod h1:9Yl7xja0Znq3iFh3HoIrodX9oNMXvdceNzlUR8zjMvY= golang.org/x/tools v0.0.0-20190311212946-11955173bddd/go.mod h1:LCzVGOaR6xXOjkQ3onu1FJEFr0SW1gC7cKk1uF8kGRs= golang.org/x/tools v0.0.0-20190524140312-2c0ae7006135/go.mod h1:RgjU9mgBXZiqYHBnxXauZ1Gv1EHHAz9KjViQ78xBX0Q= -golang.org/x/tools v0.9.3 h1:Gn1I8+64MsuTb/HpH+LmQtNas23LhUVr3rYZ0eKuaMM= -golang.org/x/tools v0.9.3/go.mod h1:owI94Op576fPu3cIGQeHs3joujW/2Oc6MtlxbF5dfNc= +golang.org/x/tools v0.12.0 
h1:YW6HUoUmYBpwSgyaGaZq1fHjrBjX1rlpZ54T6mu2kss= +golang.org/x/tools v0.12.0/go.mod h1:Sc0INKfu04TlqNoRA1hgpFZbhYXHPr4V5DzpSBTPqQM= golang.org/x/xerrors v0.0.0-20191204190536-9bdfabe68543/go.mod h1:I/5z698sn9Ka8TeJc9MKroUUfqBBauWjQqLJ2OPfmY0= google.golang.org/appengine v1.1.0/go.mod h1:EbEs0AVv82hx2wNQdGPgUI5lhzA/G0D9YwlJXL52JkM= google.golang.org/appengine v1.4.0/go.mod h1:xpcJRLb0r/rnEns0DIKYYv+WjYCduHsrkT7/EB5XEv4= diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.1.8/src/cgroup.c new/conmon-2.1.9/src/cgroup.c --- old/conmon-2.1.8/src/cgroup.c 2023-08-24 16:12:18.000000000 +0200 +++ new/conmon-2.1.9/src/cgroup.c 2023-12-14 13:24:13.000000000 +0100 @@ -323,12 +323,12 @@ ninfo("OOM received"); if (opt_persist_path) { _cleanup_free_ char *ctr_oom_file_path = g_build_filename(opt_persist_path, "oom", NULL); - _cleanup_close_ int ctr_oom_fd = open(ctr_oom_file_path, O_CREAT, 0666); + _cleanup_close_ int ctr_oom_fd = open(ctr_oom_file_path, O_CREAT | O_CLOEXEC, 0666); if (ctr_oom_fd < 0) { nwarn("Failed to write oom file"); } } - _cleanup_close_ int oom_fd = open("oom", O_CREAT, 0666); + _cleanup_close_ int oom_fd = open("oom", O_CREAT | O_CLOEXEC, 0666); if (oom_fd < 0) { nwarn("Failed to write oom file"); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.1.8/src/conmon.c new/conmon-2.1.9/src/conmon.c --- old/conmon-2.1.8/src/conmon.c 2023-08-24 16:12:18.000000000 +0200 +++ new/conmon-2.1.9/src/conmon.c 2023-12-14 13:24:13.000000000 +0100 @@ -43,7 +43,6 @@ _cleanup_gerror_ GError *err = NULL; char buf[BUF_SIZE]; int num_read; - int old_oom_score = 0; _cleanup_close_ int dev_null_r_cleanup = -1; _cleanup_close_ int dev_null_w_cleanup = -1; _cleanup_close_ int dummyfd = -1; 
@@ -55,7 +54,7 @@ process_cli(); - attempt_oom_adjust(-1000, &old_oom_score); + attempt_oom_adjust(-1000); /* ignoring SIGPIPE prevents conmon from being spuriously killed */ signal(SIGPIPE, SIG_IGN); @@ -295,7 +294,7 @@ } // We don't want runc to be unkillable so we reset the oom_score_adj back to 0 - attempt_oom_adjust(old_oom_score, NULL); + reset_oom_adjust(); execv(g_ptr_array_index(runtime_argv, 0), (char **)runtime_argv->pdata); exit(127); } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.1.8/src/conn_sock.c new/conmon-2.1.9/src/conn_sock.c --- old/conmon-2.1.8/src/conn_sock.c 2023-08-24 16:12:18.000000000 +0200 +++ new/conmon-2.1.9/src/conn_sock.c 2023-12-14 13:24:13.000000000 +0100 @@ -179,7 +179,7 @@ if (dname == NULL) pexitf("Cannot get dirname for %s", csname); - sfd = open(dname, O_CREAT | O_PATH, 0600); + sfd = open(dname, O_CREAT | O_PATH | O_CLOEXEC, 0600); if (sfd < 0) pexit("Failed to create file for console-socket"); @@ -263,7 +263,7 @@ int socket_fd = -1; /* get the parent_dir of the socket. We'll use this to get the location of the socket. */ - char *parent_dir = socket_parent_dir(use_full_attach_path, max_socket_path_len()); + _cleanup_free_ char *parent_dir = socket_parent_dir(use_full_attach_path, max_socket_path_len()); /* * To be able to access the location of the attach socket, without first creating the attach socket @@ -271,7 +271,7 @@ * the corresponding entry in `/proc/self/fd` to act as the path to base_path, then we use the socket_relative_name * to actually refer to the file where the socket will be created below. */ - _cleanup_close_ int parent_dir_fd = open(parent_dir, O_PATH); + _cleanup_close_ int parent_dir_fd = open(parent_dir, O_PATH | O_CLOEXEC); if (parent_dir_fd < 0) pexitf("failed to open socket path parent dir %s", parent_dir); 
@@ -418,7 +418,7 @@ if (SOCK_IS_STREAM(sock->sock_type)) { num_read = read(sock->fd, sock->buf, CONN_SOCK_BUF_SIZE); } else { - num_read = recvfrom(sock->fd, sock->buf, CONN_SOCK_BUF_SIZE - 1, 0, NULL, NULL); + num_read = recvfrom(sock->fd, sock->buf, CONN_SOCK_BUF_SIZE, 0, NULL, NULL); } if (num_read < 0) 
@@ -432,17 +432,52 @@ sock->off = 0; if (SOCK_IS_NOTIFY(sock->sock_type)) { - /* Do what OCI runtime does - only pass READY=1 */ + /* We pass a limited amount of safe messages here, as some existing or + future ones could be security sensitive */ + const char *passon_line[] = { + "READY=1", "RELOADING=1", "STOPPING=1", "WATCHDOG=1", "WATCHDOG=trigger", + }; + const char *passon_prefix[] = { + "STATUS=", + "ERRNO=", + "BUSERROR=", + "MONOTONIC_USEC=", + }; + char **lines; + sock->buf[num_read] = '\0'; - if (strstr(sock->buf, "READY=1")) { - strncpy(sock->buf, "READY=1", 8); - sock->remaining = 7; - } else if (strstr(sock->buf, "WATCHDOG=1")) { - strncpy(sock->buf, "WATCHDOG=1", 11); - sock->remaining = 10; - } else { - sock->remaining = 0; + lines = g_strsplit_set(sock->buf, "\n\r", -1); + sock->remaining = 0; + + for (size_t i = 0; lines[i] != NULL; i++) { + const char *line = lines[i]; + gboolean pass_line = FALSE; + + for (size_t j = 0; j < G_N_ELEMENTS(passon_line); j++) { + if (strcmp(line, passon_line[j]) == 0) { + pass_line = TRUE; + break; + } + } + + for (size_t j = 0; !pass_line && j < G_N_ELEMENTS(passon_prefix); j++) { + if (g_str_has_prefix(line, passon_prefix[j])) { + pass_line = TRUE; + break; + } + } + + /* This will always fit in sock->buf as we only pass through exact + bytes from an existing sock->buf */ + if (pass_line) { + if (sock->remaining > 0) + sock->buf[sock->remaining++] = '\n'; + + memcpy(sock->buf + sock->remaining, line, strlen(line)); + sock->remaining += strlen(line); + } } + g_strfreev(lines); } if (sock->remaining) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.1.8/src/conn_sock.h new/conmon-2.1.9/src/conn_sock.h --- old/conmon-2.1.8/src/conn_sock.h 2023-08-24 16:12:18.000000000 +0200 +++ new/conmon-2.1.9/src/conn_sock.h 2023-12-14 13:24:13.000000000 +0100 
@@ -36,7 +36,7 @@ gboolean writable; size_t remaining; size_t off; - char buf[CONN_SOCK_BUF_SIZE]; + char buf[CONN_SOCK_BUF_SIZE + 1]; // Extra byte allows null-termination }; struct local_sock_s { diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.1.8/src/ctr_exit.c new/conmon-2.1.9/src/ctr_exit.c --- old/conmon-2.1.8/src/ctr_exit.c 2023-08-24 16:12:18.000000000 +0200 +++ new/conmon-2.1.9/src/ctr_exit.c 2023-12-14 13:24:13.000000000 +0100 @@ -7,6 +7,7 @@ #include "globals.h" #include "ctr_logging.h" #include "close_fds.h" +#include "oom.h" #include <errno.h> #include <glib.h> @@ -201,6 +202,8 @@ sleep(opt_exit_delay); } + reset_oom_adjust(); + execv(opt_exit_command, args); /* Should not happen, but better be safe. */ diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.1.8/src/ctr_logging.c new/conmon-2.1.9/src/ctr_logging.c --- old/conmon-2.1.8/src/ctr_logging.c 2023-08-24 16:12:18.000000000 +0200 +++ new/conmon-2.1.9/src/ctr_logging.c 2023-12-14 13:24:13.000000000 +0100 @@ -191,9 +191,6 @@ } if (!strcmp(driver, "passthrough")) { - if (isatty(STDIN_FILENO) || isatty(STDOUT_FILENO) || isatty(STDERR_FILENO)) - nexitf("cannot use a tty with passthrough logging mode to prevent attacks via TIOCSTI"); - use_logging_passthrough = TRUE; return; } diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.1.8/src/ctr_stdio.c new/conmon-2.1.9/src/ctr_stdio.c --- old/conmon-2.1.8/src/ctr_stdio.c 2023-08-24 16:12:18.000000000 +0200 +++ new/conmon-2.1.9/src/ctr_stdio.c 2023-12-14 13:24:13.000000000 +0100 
@@ -106,8 +106,8 @@ { /* We pass a single byte buffer because write_to_logs expects that there is one byte of capacity beyond the buflen that we specify */ - char buf; - write_to_logs(pipe, &buf, 0); + char buf[1]; + write_to_logs(pipe, buf, 0); } static bool read_stdio(int fd, stdpipe_t pipe, gboolean *eof) diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.1.8/src/oom.c new/conmon-2.1.9/src/oom.c --- old/conmon-2.1.8/src/oom.c 2023-08-24 16:12:18.000000000 +0200 +++ new/conmon-2.1.9/src/oom.c 2023-12-14 13:24:13.000000000 +0100 @@ -1,3 +1,5 @@ +#define _GNU_SOURCE + #include "oom.h" #include "utils.h" @@ -5,11 +7,13 @@ #include <string.h> #include <unistd.h> -void attempt_oom_adjust(int oom_score, int *old_value) +int old_oom_score = 0; + +static void write_oom_adjust(int oom_score, int *old_value) { #ifdef __linux__ char fmt_oom_score[16]; - int oom_score_fd = open("/proc/self/oom_score_adj", O_RDWR); + int oom_score_fd = open("/proc/self/oom_score_adj", O_RDWR | O_CLOEXEC); if (oom_score_fd < 0) { ndebugf("failed to open /proc/self/oom_score_adj: %s\n", strerror(errno)); return; @@ -30,3 +34,13 @@ (void)old_value; #endif } + +void attempt_oom_adjust(int oom_score) +{ + write_oom_adjust(oom_score, &old_oom_score); +} + +void reset_oom_adjust() +{ + write_oom_adjust(old_oom_score, NULL); +} diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.1.8/src/oom.h new/conmon-2.1.9/src/oom.h --- old/conmon-2.1.8/src/oom.h 2023-08-24 16:12:18.000000000 +0200 +++ new/conmon-2.1.9/src/oom.h 2023-12-14 13:24:13.000000000 +0100 
@@ -1,6 +1,7 @@ #if !defined(OOM_H) #define OOM_H -void attempt_oom_adjust(int oom_score, int *old_value); +void attempt_oom_adjust(int oom_score); +void reset_oom_adjust(); #endif // OOM_H diff -urN '--exclude=CVS' '--exclude=.cvsignore' '--exclude=.svn' '--exclude=.svnignore' old/conmon-2.1.8/src/seccomp_notify.c new/conmon-2.1.9/src/seccomp_notify.c --- old/conmon-2.1.8/src/seccomp_notify.c 2023-08-24 16:12:18.000000000 +0200 +++ new/conmon-2.1.9/src/seccomp_notify.c 2023-12-14 13:24:13.000000000 +0100 @@ -7,7 +7,6 @@ #include <errno.h> #include <sys/ioctl.h> -#include <dlfcn.h> #include <sys/wait.h> #include <sys/mount.h> #include <signal.h> @@ -19,6 +18,7 @@ #ifdef USE_SECCOMP +#include <dlfcn.h> #include <sys/sysmacros.h> #include <linux/seccomp.h> #include <seccomp.h> ++++++ fix-incorrect-free-in-conn_sock.patch ++++++ >From 8557c117bcab03e3c16e40ffb7bd450d697f72c7 Mon Sep 17 00:00:00 2001 From: Dominique Martinet <dominique.marti...@atmark-techno.com> Date: Fri, 15 Dec 2023 12:44:03 +0900 Subject: [PATCH] Fix incorrect free in conn_sock Earlier commit freed socket_parent_dir()'s result which is correct in the case it returns a path from g_build_filename, but when it returns opt_bundle_path the string should not be freed. Make the function always return an allocated string that can be freed Fixes: #475 Fixes: fad6bac8e65f ("fix some issues flagged by SAST scan") Signed-off-by: Dominique Martinet <dominique.marti...@atmark-techno.com> --- src/conn_sock.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/conn_sock.c b/src/conn_sock.c index 62a02266..3b854e33 100644 --- a/src/conn_sock.c +++ b/src/conn_sock.c 
@@ -314,7 +314,7 @@ char *socket_parent_dir(gboolean use_full_attach_path, size_t desired_len) { /* if we're to use the full path, ignore the socket path and only use the bundle_path */ if (use_full_attach_path) - return opt_bundle_path; + return strdup(opt_bundle_path); char *base_path = g_build_filename(opt_socket_path, opt_cuuid, NULL);
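Review bot: in the conmon.spec hunk, `Patch0:` points at `https://github.com/containers/conmon/pull/476.patch`, which is a moving target: a PR patch URL changes whenever the PR gains commits or is rebased, so the build is not reproducible from the spec alone. Pinning to the commit the patch file actually carries (8557c117bcab03e3c16e40ffb7bd450d697f72c7 per its `From` header, i.e. `.../commit/8557c117bcab03e3c16e40ffb7bd450d697f72c7.patch`) keeps the source locked. The hunk also adds `Patch0` without any visible change to `%prep`; confirm the spec already applies patches via `%autosetup -p1` (or an explicit `%patch0 -p1`) so the fix is not silently dropped.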
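Review bot: in the .cirrus.yml hunk, `FEDORA_NAME: "fedora-39Ã"` carries a trailing non-ASCII byte after the image name, while the companion `IMAGE_SUFFIX` value uses plain `f39f38d13`. If that byte is really in the committed file rather than a rendering artifact, the cache-image name will not match and the Fedora 39 job will fail to find its image; confirm the value is exactly `"fedora-39"`.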
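Review bot: in the integration.yml hunk, the new filter `grep -E -v seccomp\|image\|policy` only works because the shell strips the backslashes and hands grep the literal `seccomp|image|policy`; writing it as `grep -E -v 'seccomp|image|policy'` says what is meant and survives a later move into a quoted context. The comment above it should also read "skip the signed-image tests, which don't exercise conmon", since "accept signed image" describes the opposite of what the line does.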
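Review bot: in the cgroup.c hunk, adding `O_CLOEXEC` to both `open()` calls correctly keeps the marker fd from surviving an exec, but two points remain. `open(path, O_CREAT | O_CLOEXEC, 0666)` specifies no access mode, so it is an `O_RDONLY` create of a mode-0666 (umask-limited) file; `O_WRONLY | O_CREAT | O_NOFOLLOW` with a tighter mode such as 0644 would be the defensive choice for a marker file under a caller-supplied `opt_persist_path`. And `nwarn("Failed to write oom file")` reports an `open()` failure, so it should say "open" and include `strerror(errno)` as the oom.c hunk does for its own open.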
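Review bot: in the conn_sock.c hunk at @@ -263, making `parent_dir` `_cleanup_free_` is only correct if `socket_parent_dir()` always returns heap memory; as the commit message of fix-incorrect-free-in-conn_sock.patch above records, it returned `opt_bundle_path` itself when `use_full_attach_path` is set, so this change frees a pointer that was never allocated on that path (issue #475). This hunk should have landed together with the `strdup()` change in `socket_parent_dir()`, and the function's comment should state that the caller owns the result so the next reader does not repeat the mistake.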
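Review bot: in the conn_sock.c hunk at @@ -418, reading `CONN_SOCK_BUF_SIZE` bytes (instead of `CONN_SOCK_BUF_SIZE - 1`) is safe only because the conn_sock.h hunk grows `buf` to `CONN_SOCK_BUF_SIZE + 1`; the `read()` branch already consumed the full size, so the terminator write `sock->buf[num_read] = '\0'` in the notify path has room solely due to that extra byte (the "write after end of buffer" entry in the changelog). The two hunks must not be split across backports; a static assertion on the buffer size next to the read, or at least a comment referencing the header, would tie them together.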
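Review bot: in the conn_sock.c hunk at @@ -432, the allowlist rewrite is a real improvement over the old substring test (`strstr(sock->buf, "READY=1")` also matched inside longer, unrelated fields), and leaving `MAINPID=` and `FDSTORE=` off the list is the right call, since a container must not be able to re-point the unit's main process or hand it descriptors. Two things to tighten: the "This will always fit in sock->buf" comment holds only because `g_strsplit_set()` returns copies, so `line` never aliases the buffer being rewritten in place; say so in the comment. And `recvfrom()` without `MSG_TRUNC` silently drops the tail of any datagram longer than `CONN_SOCK_BUF_SIZE`, so the last element of `lines` may be a partial line that still passes a `passon_prefix` check; a cut `STATUS=` is harmless, but logging when `num_read == CONN_SOCK_BUF_SIZE` would make the truncation diagnosable.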
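Review bot: in the ctr_logging.c hunk, removing the `isatty()` check drops a guard whose own message explains its purpose: passthrough on a TTY was refused "to prevent attacks via TIOCSTI", the ioctl that lets a holder of a terminal fd queue input into the controlling session. The changelog entry "logging: -l passthrough accepts TTYs" gives no rationale, so the commit should state why this is now acceptable, for instance that supported kernels disable the ioctl (`CONFIG_LEGACY_TIOCSTI=n` or `dev.tty.legacy_tiocsti=0`, available since Linux 6.2) or that callers are expected to pass only a TTY they own. Packagers may want the spec or docs to point operators at that sysctl.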
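Review bot: in the oom.c hunk, `int old_oom_score = 0;` is a non-static global that oom.h does not declare, yet only `write_oom_adjust()`, `attempt_oom_adjust()` and `reset_oom_adjust()` in this file use it; make it `static` so other translation units cannot reach or shadow it. The new `#define _GNU_SOURCE` has no visible consumer in the hunk; if nothing in oom.c needs it, drop it rather than widen the feature set for the whole file. One behavioural note worth a comment: if `attempt_oom_adjust()` cannot open `/proc/self/oom_score_adj`, it returns before recording the old value, so `old_oom_score` stays 0 and `reset_oom_adjust()` later writes the default rather than the inherited score.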
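Review bot: in the oom.h hunk, declare `void reset_oom_adjust(void);` rather than `void reset_oom_adjust();`: in C an empty parameter list is an unprototyped declaration, so a mistaken call with arguments would compile silently. The definition in the oom.c hunk should use `(void)` as well.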
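Review bot: in the fix-incorrect-free-in-conn_sock.patch hunk, `return strdup(opt_bundle_path);` makes the ownership contract consistent with the `g_build_filename()` path below it, which is the right fix for #475. Two follow-ups: `g_strdup()` would match the GLib allocator used by the other return path, and `strdup()` can return NULL, which the caller in conn_sock.c then passes straight to `open()`; a `pexit`-style check (the file already uses `pexitf` for the dirname failure) keeps an allocation failure from surfacing as a confusing `EFAULT`. The function's comment should also state that the caller must free the result, since that is exactly the contract the earlier commit misread.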