diff --git a/SOURCES/libcgroup-0.41-infinite-loop.patch b/SOURCES/libcgroup-0.41-infinite-loop.patch new file mode 100644 index 0000000..c202352 --- /dev/null +++ b/SOURCES/libcgroup-0.41-infinite-loop.patch @@ -0,0 +1,40 @@ +From 1078505afde08447226d9439d2ec1fd822afba82 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Nikola=20Forr=C3=B3?= +Date: Wed, 9 Dec 2015 11:00:30 +0100 +Subject: [PATCH] api.c: fix infinite loop + +If getgrnam or getpwuid functions failed, the program entered +an infinite loop, because the rule pointer was never advanced. +This is now fixed by updating the pointer before continuing +to the next iteration. +--- + src/api.c | 8 ++++++-- + 1 file changed, 6 insertions(+), 2 deletions(-) + +diff --git a/src/api.c b/src/api.c +index e9500e0..aa912b6 100644 +--- a/src/api.c ++++ b/src/api.c +@@ -2699,13 +2699,17 @@ static struct cgroup_rule *cgroup_find_matching_rule_uid_gid(uid_t uid, + /* Get the group data. */ + sp = &(rule->username[1]); + grp = getgrnam(sp); +- if (!grp) ++ if (!grp) { ++ rule = rule->next; + continue; ++ } + + /* Get the data for UID. */ + usr = getpwuid(uid); +- if (!usr) ++ if (!usr) { ++ rule = rule->next; + continue; ++ } + + /* If UID is a member of group, we matched. */ + for (i = 0; grp->gr_mem[i]; i++) { +-- +2.13.6 + diff --git a/SPECS/libcgroup.spec b/SPECS/libcgroup.spec index cd50b5d..2ddc63d 100644 --- a/SPECS/libcgroup.spec +++ b/SPECS/libcgroup.spec @@ -5,7 +5,7 @@ Summary: Library to control and monitor control groups Name: libcgroup Version: 0.41 -Release: 13%{?dist} +Release: 15%{?dist} License: LGPLv2+ Group: Development/Libraries URL: http://libcg.sourceforge.net/ @@ -36,6 +36,8 @@ Patch14: libcgroup-0.41-api.c-fix-potential-buffer-overflow.patch Patch15: libcgroup-0.41-api.c-fix-log-level.patch # resolves #1384390 Patch16: libcgroup-0.41-api.c-preserve-dirty-flag.patch +# resolves #1505443 +Patch17: libcgroup-0.41-infinite-loop.patch BuildRequires: byacc, coreutils, flex, pam-devel, systemd Requires(pre): shadow-utils @@ -96,6 +98,7 @@ provide scripts to manage that configuration. %patch14 -p1 %patch15 -p1 %patch16 -p1 +%patch17 -p1 %build %configure --enable-pam-module-dir=%{_libdir}/security \ @@ -181,11 +184,11 @@ fi %files tools %doc COPYING README README_systemd -%config(noreplace) %{_sysconfdir}/cgconfig.conf -%config(noreplace) %{_sysconfdir}/cgconfig.d -%config(noreplace) %{_sysconfdir}/cgrules.conf -%config(noreplace) %{_sysconfdir}/cgsnapshot_blacklist.conf -%config(noreplace) %{_sysconfdir}/sysconfig/cgred +%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/cgconfig.conf +%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/cgconfig.d +%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/cgrules.conf +%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/cgsnapshot_blacklist.conf +%config(noreplace) %verify(not md5 size mtime) %{_sysconfdir}/sysconfig/cgred /usr/bin/cgcreate /usr/bin/cgget /usr/bin/cgset @@ -216,6 +219,14 @@ fi %{_libdir}/pkgconfig/libcgroup.pc %changelog +* Tue Oct 24 2017 Nikola Forró - 0.41-15 +- resolves: #1464015 + do not verify size, mtime and checksum of config files + +* Tue Oct 24 2017 Nikola Forró - 0.41-14 +- resolves: #1505443 + fix infinite loop + * Thu Mar 16 2017 Nikola Forró - 0.41-13 - resolves: #1384390 preserve dirty flag when copying controller values