fdo-mirrors/NetworkManager
1
0
Fork 0
mirror of https://gitlab.freedesktop.org/NetworkManager/NetworkManager.git synced 2026-03-06 18:41:41 +01:00
Code Issues Projects Releases Packages Wiki Activity Actions
NetworkManager/src
History
Thomas Haller 32566dd5e1
core: fix crash in nm_wildcard_match_check() 
It's not entirely clear how to treat %NULL.
Clearly "match.interface-name=eth0" should not
match with an interface %NULL. But what about
"match.interface-name=!eth0"? It's now implemented
that negative matches still succeed against %NULL.
What about "match.interface-name=*"? That probably
should also match with %NULL. So we treat %NULL really
like "".

Against commit 11cd443448 ('iwd: Don't call IWD methods when device
unmanaged'), we got this backtrace:

    #0  0x00007f1c164069f1 in __strnlen_avx2 () at ../sysdeps/x86_64/multiarch/strlen-avx2.S:62
    #1  0x00007f1c1637ac9e in __fnmatch (pattern=<optimized out>, string=<optimized out>, string@entry=0x0, flags=flags@entry=0) at fnmatch.c:379
            p = 0x0
            res = <optimized out>
            orig_pattern = <optimized out>
            n = <optimized out>
            wpattern = 0x7fff8d860730 L"pci-0000:03:00.0"
            ps = {__count = 0, __value = {__wch = 0, __wchb = "\000\000\000"}}
            wpattern_malloc = 0x0
            wstring_malloc = 0x0
            wstring = <optimized out>
            alloca_used = 80
            __PRETTY_FUNCTION__ = "__fnmatch"
    #2  0x0000564484a978bf in nm_wildcard_match_check (str=0x0, patterns=<optimized out>, num_patterns=<optimized out>) at src/core/nm-core-utils.c:1959
            is_inverted = 0
            is_mandatory = 0
            match = <optimized out>
            p = 0x564486c43fa0 "pci-0000:03:00.0"
            has_optional = 0
            has_any_optional = 0
            i = <optimized out>
    #3  0x0000564484bf4797 in check_connection_compatible (self=<optimized out>, connection=<optimized out>, error=0x0) at src/core/devices/nm-device.c:7499
            patterns = <optimized out>
            device_driver = 0x564486c76bd0 "veth"
            num_patterns = 1
            priv = 0x564486cbe0b0
            __func__ = "check_connection_compatible"
            device_iface = <optimized out>
            local = 0x564486c99a60
            conn_iface = 0x0
            klass = <optimized out>
            s_match = 0x564486c63df0 [NMSettingMatch]
    #4  0x0000564484c38491 in check_connection_compatible (device=0x564486cbe590 [NMDeviceVeth], connection=0x564486c6b160, error=0x0) at src/core/devices/nm-device-ethernet.c:348
            self = 0x564486cbe590 [NMDeviceVeth]
            s_wired = <optimized out>

Fixes: 3ced486f41 ('libnm/match: extend syntax for match patterns with '|', '&', '!' and '\\'')

https://bugzilla.redhat.com/show_bug.cgi?id=1942741

CVE-2021-20297

(cherry picked from commit 420784e342)
(cherry picked from commit eaba0b4845)
(cherry picked from commit 16e5b307a3)
2021-04-12 16:14:39 +02:00
..
devices wwan: fix leaking "bearer" in connect_ready() 2021-03-12 15:39:23 +01:00
dhcp dhcp: implement dhcp-vendor-class-identifier option for systemd's DHCP 2020-08-26 11:57:21 +02:00
dns dns: sd-resolved: fix hash table iteration 2020-11-30 23:09:48 +01:00
dnsmasq license: Add license using SPDX identifiers to meson build files 2020-02-17 13:16:57 +01:00
initrd initrd: add support for rd.net.timeout.carrier 2021-03-12 17:24:06 +01:00
ndisc ndisc/tests: relax assertion in "test-ndisc-fake.c" 2020-08-17 15:55:55 +02:00
platform wireguard: fix configuring larger number of allowed-ips on WireGuard link 2021-02-09 11:54:13 +01:00
ppp license: Add license using SPDX identifiers to meson build files 2020-02-17 13:16:57 +01:00
settings introspection: avoid compiler warning in generated introspection files 2020-11-24 13:20:41 +01:00
supplicant wifi: fix caching ap-flags for supplicant-interface 2021-02-09 11:50:12 +01:00
systemd systemd: dhcp6: parse the FQDN option 2020-08-06 11:21:52 +02:00
tests libnm/match: extend syntax for match patterns with '|', '&', '!' and '\\' 2020-06-26 13:33:41 +02:00
vpn core: fix generation of dependent local routes for VRFs 2020-07-15 11:49:41 +02:00
main-utils.c all: use nm_clear_g_free() instead of g_clear_pointer() 2020-03-23 11:05:34 +01:00
main-utils.h all: manually drop code comments with file description 2019-10-01 07:50:52 +02:00
main.c config: print config warnings during NetworkManager --print-config 2019-12-11 11:52:05 +01:00
meson.build build: fix generating "NetworkManager.ver" with LTO 2020-08-17 15:40:05 +02:00
NetworkManagerUtils.c tc: add support for tbf qdisc 2020-06-08 15:31:42 +02:00
NetworkManagerUtils.h move tc parsing out of nm-device.c 2020-06-08 15:31:41 +02:00
nm-act-request.c shared: move nm-dbus-auth-subject to shared/nm-libnm-core-intern 2019-12-24 10:13:51 +01:00
nm-act-request.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-active-connection.c core: fix check on master active-connection failure 2020-07-17 08:59:45 +02:00
nm-active-connection.h all: manually drop code comments with file description 2019-10-01 07:50:52 +02:00
nm-audit-manager.c shared: nm-auth-subject: add unix-session type 2019-12-24 10:13:51 +01:00
nm-audit-manager.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-auth-manager.c auth-manager: watch PolicyKit name owner to emit changed signal when name owner appears 2020-04-21 12:19:43 +02:00
nm-auth-manager.h shared: move nm-dbus-auth-subject to shared/nm-libnm-core-intern 2019-12-24 10:13:51 +01:00
nm-auth-utils.c auth: track NMAuthChain data in array instead of CList 2020-04-28 18:35:59 +02:00
nm-auth-utils.h auth: natively support GCancellable in NMAuthChain 2020-04-28 18:35:59 +02:00
nm-checkpoint-manager.c all: use nm_dbus_path_not_empty() 2019-11-07 11:34:36 +01:00
nm-checkpoint-manager.h all: manually drop code comments with file description 2019-10-01 07:50:52 +02:00
nm-checkpoint.c all: use nm_clear_pointer() instead of g_clear_pointer() 2020-03-23 11:22:38 +01:00
nm-checkpoint.h all: manually drop code comments with file description 2019-10-01 07:50:52 +02:00
nm-config-data.c all: avoid wrong compiler warning about uninitalized variables with LTO 2020-08-17 15:40:05 +02:00
nm-config-data.h config: add nm_config_data_get_warnings() to get additional warnings about wrong configuration 2019-12-11 11:52:05 +01:00
nm-config.c core: recognize "wifi.scan-generate-mac-address-mask" as valid "NetworkManager.conf" option 2020-12-06 20:30:56 +01:00
nm-config.h core: recognize "wifi.scan-generate-mac-address-mask" as valid "NetworkManager.conf" option 2020-12-06 20:30:56 +01:00
nm-connectivity.c shared: drop _STATIC variant of macros that define functions 2020-02-13 17:17:07 +01:00
nm-connectivity.h all: manually drop code comments with file description 2019-10-01 07:50:52 +02:00
nm-core-utils.c core: fix crash in nm_wildcard_match_check() 2021-04-12 16:14:39 +02:00
nm-core-utils.h core: fix treating route metric zero of IPv6 routes special 2020-07-07 16:15:41 +02:00
nm-dbus-manager.c bus-manager/dhcp: don't log pointer values directly 2020-04-30 11:44:07 +02:00
nm-dbus-manager.h shared: move nm-dbus-auth-subject to shared/nm-libnm-core-intern 2019-12-24 10:13:51 +01:00
nm-dbus-object.c all: use nm_clear_g_free() instead of g_clear_pointer() 2020-03-23 11:05:34 +01:00
nm-dbus-object.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-dbus-utils.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-dbus-utils.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-dcb.c all: manually drop code comments with file description 2019-10-01 07:50:52 +02:00
nm-dcb.h all: manually drop code comments with file description 2019-10-01 07:50:52 +02:00
nm-dhcp-config.c core: add common base class NMDhcpConfig for NMDhcp[46]Config and merge them 2020-02-21 15:59:44 +01:00
nm-dhcp-config.h core: add common base class NMDhcpConfig for NMDhcp[46]Config and merge them 2020-02-21 15:59:44 +01:00
nm-dispatcher.c device: merge nm_device_get_dhcp[46]_config() to nm_device_get_dhcp_config() 2020-02-21 15:59:44 +01:00
nm-dispatcher.h all: manually drop code comments with file description 2019-10-01 07:50:52 +02:00
nm-firewall-manager.c all: add nm_utils_error_is_cancelled() and nm_utils_error_is_cancelled_or_disposing() 2020-02-10 19:11:50 +01:00
nm-firewall-manager.h all: manually drop code comments with file description 2019-10-01 07:50:52 +02:00
nm-hostname-manager.c core: avoid deprecated matchfilecon SELinux API instead of selabel 2020-08-17 15:40:05 +02:00
nm-hostname-manager.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-iface-helper.c core: add support for dhcpv4 vendor class identifier option 2020-08-26 11:57:20 +02:00
nm-ip4-config.c core: add never-default field to NMIP{4,6}Config 2020-10-09 18:35:16 +02:00
nm-ip4-config.h core: add never-default field to NMIP{4,6}Config 2020-10-09 18:35:16 +02:00
nm-ip6-config.c core: add never-default field to NMIP{4,6}Config 2020-10-09 18:35:16 +02:00
nm-ip6-config.h core: add never-default field to NMIP{4,6}Config 2020-10-09 18:35:16 +02:00
nm-keep-alive.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-keep-alive.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-logging.c all: use nm_clear_g_free() instead of g_clear_pointer() 2020-03-23 11:05:34 +01:00
nm-logging.h core: move _LOG*() macros to "shared/nm-glib-aux/nm-logging-fwd.h" 2019-11-22 15:32:52 +01:00
nm-manager.c core: fix modifying connection during recheck_assume_connection() 2020-11-24 09:26:17 +01:00
nm-manager.h device: implement "auth-request" as async operation nm_manager_device_auth_request() 2020-04-28 18:35:59 +02:00
nm-netns.c all: manually drop code comments with file description 2019-10-01 07:50:52 +02:00
nm-netns.h all: manually drop code comments with file description 2019-10-01 07:50:52 +02:00
nm-pacrunner-manager.c all: drop explicit casts from _GET_PRIVATE() macro calls 2020-02-14 11:04:46 +01:00
nm-pacrunner-manager.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-policy.c dns: fix _dns_manager_set_ip_config() for missing device 2020-11-19 09:30:12 +01:00
nm-policy.h all: manually drop code comments with file description 2019-10-01 07:50:52 +02:00
nm-proxy-config.c all: use nm_clear_g_free() instead of g_clear_pointer() 2020-03-23 11:05:34 +01:00
nm-proxy-config.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-rfkill-manager.c all: manually drop code comments with file description 2019-10-01 07:50:52 +02:00
nm-rfkill-manager.h all: manually drop code comments with file description 2019-10-01 07:50:52 +02:00
nm-session-monitor.c all: use nm_clear_pointer() instead of g_clear_pointer() 2020-03-23 11:22:38 +01:00
nm-session-monitor.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-sleep-monitor.c all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-sleep-monitor.h all: unify format of our Copyright source code comments 2019-10-02 17:03:52 +02:00
nm-test-utils-core.h libnm/keyfile: build keyfile code as separate GPL licensed internal library 2020-01-07 13:17:47 +01:00
nm-types.h device: implement "auth-request" as async operation nm_manager_device_auth_request() 2020-04-28 18:35:59 +02:00
org.freedesktop.NetworkManager.conf dbus: pretty format "org.freedesktop.NetworkManager.conf" 2020-04-15 19:17:00 +02:00