diff --git a/SOURCES/polkit-0.112-Polkit.spawn-leak.patch b/SOURCES/polkit-0.112-Polkit.spawn-leak.patch new file mode 100644 index 0000000..8a69cf1 --- /dev/null +++ b/SOURCES/polkit-0.112-Polkit.spawn-leak.patch @@ -0,0 +1,20 @@ +commit 1986e443b170240e9ce4a34726b7fa6c55b3601c +Author: Miloslav Trmač +Date: Sat Dec 7 04:21:10 2013 +0100 + + Fix a memory leak + + https://bugs.freedesktop.org/show_bug.cgi?id=72426 + +diff --git a/src/polkitbackend/polkitbackendjsauthority.c b/src/polkitbackend/polkitbackendjsauthority.c +index bc2fe22..c3885a9 100644 +--- a/src/polkitbackend/polkitbackendjsauthority.c ++++ b/src/polkitbackend/polkitbackendjsauthority.c +@@ -1363,7 +1363,6 @@ js_polkit_spawn (JSContext *cx, + goto out; + } + s = JS_EncodeString (cx, JSVAL_TO_STRING (elem_val)); +- s = JS_EncodeString (cx, JSVAL_TO_STRING (elem_val)); + argv[n] = g_strdup (s); + JS_free (cx, s); + } diff --git a/SOURCES/polkit-0.112-agent-leaks.patch b/SOURCES/polkit-0.112-agent-leaks.patch new file mode 100644 index 0000000..77f0671 --- /dev/null +++ b/SOURCES/polkit-0.112-agent-leaks.patch @@ -0,0 +1,79 @@ +A part of commit 7ecf29a9db86f7161e2ff48e7bb8ea46a90f954f +Author: Miloslav Trmač +Date: Wed Feb 8 22:57:21 2017 +0100 + + Fix a memory leak in server_handle_authentication_agent_response{,2} + + Signed-off-by: Miloslav Trmač + +diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c +index 2bcad62..cad3f74 100644 +--- a/src/polkitbackend/polkitbackendauthority.c ++++ b/src/polkitbackend/polkitbackendauthority.c +@@ -1054,6 +1054,7 @@ server_handle_authentication_agent_response (Server *server, + g_dbus_method_invocation_return_value (invocation, g_variant_new ("()")); + + out: ++ g_variant_unref (identity_gvariant); + if (identity != NULL) + g_object_unref (identity); + } +commit d9efd2673d73214e7990e3e67cdddfa77c6a8226 +Author: Miloslav Trmač +Date: Wed Feb 8 22:55:10 2017 +0100 + + Fix a memory leak in server_handle_unregister_authentication_agent + + Signed-off-by: Miloslav Trmač + +diff --git a/src/polkitbackend/polkitbackendauthority.c b/src/polkitbackend/polkitbackendauthority.c +index 7e08e57..2bcad62 100644 +--- a/src/polkitbackend/polkitbackendauthority.c ++++ b/src/polkitbackend/polkitbackendauthority.c +@@ -1003,6 +1003,7 @@ server_handle_unregister_authentication_agent (Server *server, + g_dbus_method_invocation_return_value (invocation, g_variant_new ("()")); + + out: ++ g_variant_unref (subject_gvariant); + if (subject != NULL) + g_object_unref (subject); + } +commit af4566e1a7e9031b9a05f49c7d27bf379d822016 +Author: Miloslav Trmač +Date: Thu Feb 9 19:53:54 2017 +0100 + + Fix a memory leak per agent authentication + + Signed-off-by: Miloslav Trmač + +diff --git a/src/polkitbackend/polkitbackendinteractiveauthority.c b/src/polkitbackend/polkitbackendinteractiveauthority.c +index bf0ee48..b8096b3 100644 +--- a/src/polkitbackend/polkitbackendinteractiveauthority.c ++++ b/src/polkitbackend/polkitbackendinteractiveauthority.c +@@ -1906,15 +1906,15 @@ authentication_agent_begin_cb (GDBusProxy *proxy, + AuthenticationSession *session = user_data; + gboolean gained_authorization; + gboolean was_dismissed; ++ GVariant *result; + GError *error; + + was_dismissed = FALSE; + gained_authorization = FALSE; + + error = NULL; +- if (!g_dbus_proxy_call_finish (proxy, +- res, +- &error)) ++ result = g_dbus_proxy_call_finish (proxy, res, &error); ++ if (result == NULL) + { + g_printerr ("Error performing authentication: %s (%s %d)\n", + error->message, +@@ -1926,6 +1926,7 @@ authentication_agent_begin_cb (GDBusProxy *proxy, + } + else + { ++ g_variant_unref (result); + gained_authorization = session->is_authenticated; + g_debug ("Authentication complete, is_authenticated = %d", session->is_authenticated); + } diff --git a/SPECS/polkit.spec b/SPECS/polkit.spec index c2fe88c..17b8fa0 100644 --- a/SPECS/polkit.spec +++ b/SPECS/polkit.spec @@ -6,7 +6,7 @@ Summary: An authorization framework Name: polkit Version: 0.112 -Release: 9%{?dist} +Release: 11%{?dist} License: LGPLv2+ URL: http://www.freedesktop.org/wiki/Software/polkit Source0: http://www.freedesktop.org/software/polkit/releases/%{name}-%{version}.tar.gz @@ -19,6 +19,10 @@ Patch1: polkit-0.112-PolkitAgentSession-race.patch Patch2: polkit-0.112-CVE-2015-3256.patch # https://bugs.freedesktop.org/show_bug.cgi?id=88288 Patch3: polkit-0.112-EnumerateActions-leak.patch +# https://bugs.freedesktop.org/show_bug.cgi?id=72426 +Patch4: polkit-0.112-Polkit.spawn-leak.patch +# https://bugs.freedesktop.org/show_bug.cgi?id=99741 +Patch5: polkit-0.112-agent-leaks.patch Group: System Environment/Libraries BuildRequires: glib2-devel >= 2.30.0 BuildRequires: expat-devel @@ -89,6 +93,8 @@ Development documentation for polkit. %patch1 -p1 -b .PolkitAgentSession-race %patch2 -p1 -b .CVE-2015-3256 %patch3 -p1 -b .EnumerateActions-leak +%patch4 -p1 -b .Polkit.spawn-leak +%patch5 -p1 -b .agent-leaks %build %if 0%{?enable_autoreconf} @@ -177,6 +183,14 @@ fi %{_datadir}/gtk-doc %changelog +* Thu Feb 9 2017 Miloslav Trmač - 0.112-11 +- Fix memory leaks when calling authentication agents + Resolves: #1380166 + +* Thu Feb 2 2017 Miloslav Trmač - 0.112-10 +- Fix a memory leak in Polkit.spawn calls from authorization rules + Resolves: #1380166 + * Wed Jul 6 2016 Miloslav Trmač - 0.112-9 - Update for another mozjs17 change, the pkg-config file name does not change. Resolves: #1331776