From 10c63f167d9ded2cbbb80436194a3d1890f459cb Mon Sep 17 00:00:00 2001 From: Thomas Haller Date: Mon, 14 Oct 2019 16:31:40 +0200 Subject: [PATCH] core: don't use pointer value for pending action string in active-connection The pending action gets logged. We should not log plain pointer values because they may be used to defeat ASLR. Instead, construct the pending action using the "version_id". This number is also unique, and suits sufficiently well. With debug logging you can still grep the log for the corresponding active-connection (and anyway it's obvious from the context). --- src/nm-active-connection.c | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/src/nm-active-connection.c b/src/nm-active-connection.c index 2c1fceaf7a..bf50e55d86 100644 --- a/src/nm-active-connection.c +++ b/src/nm-active-connection.c @@ -707,7 +707,7 @@ nm_active_connection_set_device (NMActiveConnection *self, NMDevice *device) G_CALLBACK (device_metered_changed), self); if (priv->activation_type != NM_ACTIVATION_TYPE_EXTERNAL) { - priv->pending_activation_id = g_strdup_printf (NM_PENDING_ACTIONPREFIX_ACTIVATION"%p", (void *)self); + priv->pending_activation_id = g_strdup_printf (NM_PENDING_ACTIONPREFIX_ACTIVATION"%"G_GUINT64_FORMAT, priv->version_id); nm_device_add_pending_action (device, priv->pending_activation_id, TRUE); } } else {