openwrt-mirror/packages
1
0
Fork 0
mirror of https://github.com/openwrt/packages.git synced 2025-12-23 21:04:33 +04:00
Code Issues Packages Projects Releases Wiki Activity
Files
ac9eddc49f1f29f7798c89bffd523d014780ff08
packages/libs/glib2/patches/117-CVE-2024-34397-gdbus-proxy-test-Wait-before-asserting-name-owner-has-gon.patch
Petr Štetiar 3932357ffb glib2: update to 2.74.7 to fix several CVEs 
Bump glib2 to 2.74.7 which fixes CVE-2023-29499, CVE-2023-32611,
CVE-2023-32636, CVE-2023-32643, CVE-2023-32665 and on top of that
backport CVE-2024-34397 fix from Debian Bookworm glib2 package
2.74.6-2+deb12u2. While at it refresh the patches so they apply cleanly.

References: https://security-tracker.debian.org/tracker/source-package/glib2.0
Fixes: CVE-2023-29499, CVE-2023-32611, CVE-2023-32636, CVE-2023-32643, CVE-2023-32665, CVE-2024-34397
Signed-off-by: Petr Štetiar <ynezz@true.cz>
2024-09-05 13:27:51 +02:00

40 lines
1.6 KiB
Diff
Raw Blame History

From: Simon McVittie <smcv@debian.org>
Date: Mon, 6 May 2024 21:24:53 +0100
Subject: gdbus-proxy test: Wait before asserting name owner has gone away
GDBusConnection sends each signal to recipients in a separate idle
callback, and there's no particular guarantee about the order in which
they're scheduled or dispatched. For the NameOwnerChanged signal that
reports the name becoming unowned, it's possible that g_bus_watch_name()
gets its idle callback called before the GDBusProxy:g-name-owner
machinery has updated the name owner, in which case the assertion
will fail.
Fixing GNOME/glib#3268 introduced a new subscription to NameOwnerChanged
which can alter the order of delivery, particularly in the case where
G_DBUS_PROXY_FLAGS_NO_MATCH_RULE was used (as tested in
/gdbus/proxy/no-match-rule). The resulting test failure is intermittent,
but reliably appears within 100 repetitions of that test.
Fixes: 511c5f5b "tests: Wait for gdbus-testserver to die when killing it"
Signed-off-by: Simon McVittie <smcv@debian.org>
---
gio/tests/gdbus-proxy.c | 6 ++++++
1 file changed, 6 insertions(+)
--- a/gio/tests/gdbus-proxy.c
+++ b/gio/tests/gdbus-proxy.c
@@ -780,6 +780,12 @@ kill_test_service (GDBusConnection *conn
while (!name_disappeared)
g_main_context_iteration (NULL, TRUE);
+ /* GDBusConnection doesn't guarantee that different subscriptions to the
+ * same signal will get their callbacks scheduled in any particular order,
+ * so make sure they have all happened */
+ while (g_main_context_iteration (NULL, FALSE))
+ continue;
+
g_bus_unwatch_name (watch_id);
#else
g_warning ("Can't kill com.example.TestService");
Reference in New Issue View Git Blame Copy Permalink