summaryrefslogtreecommitdiff
path: root/libre/kdelibs/kdelibs-cve-2014-5033.patch
diff options
context:
space:
mode:
Diffstat (limited to 'libre/kdelibs/kdelibs-cve-2014-5033.patch')
-rw-r--r--libre/kdelibs/kdelibs-cve-2014-5033.patch36
1 files changed, 36 insertions, 0 deletions
diff --git a/libre/kdelibs/kdelibs-cve-2014-5033.patch b/libre/kdelibs/kdelibs-cve-2014-5033.patch
new file mode 100644
index 000000000..c85eccd6b
--- /dev/null
+++ b/libre/kdelibs/kdelibs-cve-2014-5033.patch
@@ -0,0 +1,36 @@
+--- a/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
++++ b/kdecore/auth/backends/polkit-1/Polkit1Backend.cpp
+@@ -144,7 +144,7 @@
+
+ Action::AuthStatus Polkit1Backend::actionStatus(const QString &action)
+ {
+- PolkitQt1::UnixProcessSubject subject(QCoreApplication::applicationPid());
++ PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID()));
+ PolkitQt1::Authority::Result r = PolkitQt1::Authority::instance()->checkAuthorizationSync(action, subject,
+ PolkitQt1::Authority::None);
+ switch (r) {
+@@ -160,21 +160,12 @@
+
+ QByteArray Polkit1Backend::callerID() const
+ {
+- QByteArray a;
+- QDataStream s(&a, QIODevice::WriteOnly);
+- s << QCoreApplication::applicationPid();
+-
+- return a;
++ return QDBusConnection::systemBus().baseService().toUtf8();
+ }
+
+ bool Polkit1Backend::isCallerAuthorized(const QString &action, QByteArray callerID)
+ {
+- QDataStream s(&callerID, QIODevice::ReadOnly);
+- qint64 pid;
+-
+- s >> pid;
+-
+- PolkitQt1::UnixProcessSubject subject(pid);
++ PolkitQt1::SystemBusNameSubject subject(QString::fromUtf8(callerID));
+ PolkitQt1::Authority *authority = PolkitQt1::Authority::instance();
+
+ PolkitResultEventLoop e;
+