From 99fc2911215b932a2511d825fdf0fdf72b61febd Mon Sep 17 00:00:00 2001 From: Zhao Hang Date: Tue, 5 Dec 2023 14:19:06 +0800 Subject: [PATCH 1/4] update to dbus-1.12.8-26.src.rpm Signed-off-by: Zhao Hang --- ..._-prefixed-patterns-more-selectively.patch | 44 -- ...hange-in-AX_CODE_COVERAGE-version-28.patch | 582 ------------------ ...ch => dbus-1.12.8-fix-CVE-2023-34969.patch | 83 ++- dbus-kill-process-with-session | 4 +- dbus.spec | 46 +- ssh-x-forwarding.csh | 14 + ssh-x-forwarding.sh | 13 + 7 files changed, 101 insertions(+), 685 deletions(-) delete mode 100644 0002-Forbid-AX_-prefixed-patterns-more-selectively.patch delete mode 100644 0003-Adapt-to-API-change-in-AX_CODE_COVERAGE-version-28.patch rename dbus-1.12.8-CVE-2023-34969.patch => dbus-1.12.8-fix-CVE-2023-34969.patch (83%) diff --git a/0002-Forbid-AX_-prefixed-patterns-more-selectively.patch b/0002-Forbid-AX_-prefixed-patterns-more-selectively.patch deleted file mode 100644 index 3d8211a..0000000 --- a/0002-Forbid-AX_-prefixed-patterns-more-selectively.patch +++ /dev/null @@ -1,44 +0,0 @@ -From 6ef67cff6ba26645f9cbe23ffb401f3d49a66429 Mon Sep 17 00:00:00 2001 -From: Simon McVittie -Date: Mon, 21 Jan 2019 14:28:24 +0000 -Subject: [PATCH] configure.ac: Forbid AX_-prefixed patterns more selectively - -We want to make autoconf fail early and with a user-comprehensible -message if autoconf-archive isn't installed, rather than generating -a configure script with syntax errors, or a configure script that runs -successfully but doesn't do what we intended. - -However, autoconf-archive doesn't actually guarantee not to use -AX_-prefixed shell variable names without m4_pattern_allow'ing them -(unlike Autoconf, Automake, Libtool and pkg-config, which explicitly use -m4_pattern_allow for variables with AC_, AM_, LT_ and PKG_ prefixes), so -it isn't safe to assume that they won't be used. In particular, recent -versions of AX_CHECK_GNU_MAKE appear to be using -$AX_CHECK_GNU_MAKE_HEADLINE as a shell variable. - -Instead, specifically forbid the names of the finite list of macros -that we actually use. - -Signed-off-by: Simon McVittie -Resolves: dbus#249 -(cherry picked from commit ee09cc0acdc1c34e8ae999adf9922f3d0d66f407) ---- - configure.ac | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - -diff --git a/configure.ac b/configure.ac -index cc8686037..d876a2fd5 100644 ---- a/configure.ac -+++ b/configure.ac -@@ -10,7 +10,7 @@ AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?produc - - AC_CONFIG_AUX_DIR([build-aux]) - --m4_pattern_forbid([^AX_], -+m4_pattern_forbid([^AX_(CHECK_ENABLE_DEBUG|CODE_COVERAGE|COMPILER_FLAGS|COMPILER_FLAGS_(CFLAGS|CXXFLAGS|LDFLAGS))\b], - [Unexpanded AX_ macro found. Please install GNU autoconf-archive]) - - AC_CANONICAL_HOST --- -GitLab - diff --git a/0003-Adapt-to-API-change-in-AX_CODE_COVERAGE-version-28.patch b/0003-Adapt-to-API-change-in-AX_CODE_COVERAGE-version-28.patch deleted file mode 100644 index bd22d92..0000000 --- a/0003-Adapt-to-API-change-in-AX_CODE_COVERAGE-version-28.patch +++ /dev/null @@ -1,582 +0,0 @@ -From d9ef0226e2ff346f80c0c8ba1a0fec19c553b458 Mon Sep 17 00:00:00 2001 -From: Simon McVittie -Date: Mon, 21 Jan 2019 17:51:07 +0000 -Subject: [PATCH] Adapt to API change in AX_CODE_COVERAGE version 28 - -AX_CODE_COVERAGE recently changed the way it embedded its Makefile rules -in the output file: instead of using @CODE_COVERAGE_RULES@, users -are now meant to include aminclude_static.am. - -The new AX_CODE_COVERAGE is only in the latest autoconf-archive release, -version 2019.01.06, which is inconveniently new, so bundle everything -we need for the moment. - -This requires us to stop using the deprecated CODE_COVERAGE_LDFLAGS -(which we still used to support older versions of autoconf-archive) -and replace them with CODE_COVERAGE_LIBS. - -Signed-off-by: Simon McVittie -(cherry picked from commit 2938c2125ebcd001e470aeac1ffac45b6b1ebe89) -Closes: dbus#265 ---- - Makefile.am | 2 +- - bus/Makefile.am | 6 +- - dbus/Makefile.am | 2 +- - m4/ax_ac_append_to_file.m4 | 32 +++++ - m4/ax_ac_print_to_file.m4 | 32 +++++ - m4/ax_add_am_macro_static.m4 | 28 ++++ - m4/ax_am_macros_static.m4 | 38 +++++ - m4/ax_code_coverage.m4 | 272 +++++++++++++++++++++++++++++++++++ - m4/ax_file_escapes.m4 | 30 ++++ - test/Makefile.am | 4 +- - 11 files changed, 443 insertions(+), 7 deletions(-) - create mode 100644 m4/ax_ac_append_to_file.m4 - create mode 100644 m4/ax_ac_print_to_file.m4 - create mode 100644 m4/ax_add_am_macro_static.m4 - create mode 100644 m4/ax_am_macros_static.m4 - create mode 100644 m4/ax_code_coverage.m4 - create mode 100644 m4/ax_file_escapes.m4 - -diff --git a/Makefile.am b/Makefile.am -index 9a9023018..45183cb0c 100644 ---- a/Makefile.am -+++ b/Makefile.am -@@ -51,4 +51,4 @@ DISTCHECK_CONFIGURE_FLAGS = \ - ACLOCAL_AMFLAGS = -I m4 ${ACLOCAL_FLAGS} - - # Add rules for code-coverage testing, as defined by AX_CODE_COVERAGE --@CODE_COVERAGE_RULES@ -+include $(top_srcdir)/aminclude_static.am -diff --git a/bus/Makefile.am b/bus/Makefile.am -index 9ae30716b..c91706310 100644 ---- a/bus/Makefile.am -+++ b/bus/Makefile.am -@@ -6,7 +6,7 @@ systemdtmpfilesdir = $(prefix)/lib/tmpfiles.d - systemdsysusersdir = $(prefix)/lib/sysusers.d - - DBUS_BUS_LIBS = \ -- $(CODE_COVERAGE_LDFLAGS) \ -+ $(CODE_COVERAGE_LIBS) \ - $(EXPAT_LIBS) \ - $(SELINUX_LIBS) \ - $(APPARMOR_LIBS) \ -@@ -16,7 +16,7 @@ DBUS_BUS_LIBS = \ - $(NULL) - - DBUS_LAUNCHER_LIBS = \ -- $(CODE_COVERAGE_LDFLAGS) \ -+ $(CODE_COVERAGE_LIBS) \ - $(EXPAT_LIBS) \ - $(THREAD_LIBS) \ - $(NETWORK_libs) \ -@@ -306,4 +306,4 @@ systemduserunit_DATA = \ - endif - - # Add rules for code-coverage testing, as defined by AX_CODE_COVERAGE --@CODE_COVERAGE_RULES@ -+include $(top_srcdir)/aminclude_static.am -diff --git a/dbus/Makefile.am b/dbus/Makefile.am -index b2913ef0e..ec8e2a5ee 100644 ---- a/dbus/Makefile.am -+++ b/dbus/Makefile.am -@@ -329,7 +329,7 @@ test_dbus_SOURCES= \ - test_dbus_LDADD = libdbus-internal.la - - # Add rules for code-coverage testing, as defined by AX_CODE_COVERAGE --@CODE_COVERAGE_RULES@ -+include $(top_srcdir)/aminclude_static.am - - clean-local: - $(AM_V_at)rm -fr ./.dbus-keyrings -diff --git a/m4/ax_ac_append_to_file.m4 b/m4/ax_ac_append_to_file.m4 -new file mode 100644 -index 000000000..242b3d520 ---- /dev/null -+++ b/m4/ax_ac_append_to_file.m4 -@@ -0,0 +1,32 @@ -+# =========================================================================== -+# https://www.gnu.org/software/autoconf-archive/ax_ac_append_to_file.html -+# =========================================================================== -+# -+# SYNOPSIS -+# -+# AX_AC_APPEND_TO_FILE([FILE],[DATA]) -+# -+# DESCRIPTION -+# -+# Appends the specified data to the specified Autoconf is run. If you want -+# to append to a file when configure is run use AX_APPEND_TO_FILE instead. -+# -+# LICENSE -+# -+# Copyright (c) 2009 Allan Caffee -+# -+# Copying and distribution of this file, with or without modification, are -+# permitted in any medium without royalty provided the copyright notice -+# and this notice are preserved. This file is offered as-is, without any -+# warranty. -+ -+#serial 10 -+ -+AC_DEFUN([AX_AC_APPEND_TO_FILE],[ -+AC_REQUIRE([AX_FILE_ESCAPES]) -+m4_esyscmd( -+AX_FILE_ESCAPES -+[ -+printf "%s" "$2" >> "$1" -+]) -+]) -diff --git a/m4/ax_ac_print_to_file.m4 b/m4/ax_ac_print_to_file.m4 -new file mode 100644 -index 000000000..642dfc151 ---- /dev/null -+++ b/m4/ax_ac_print_to_file.m4 -@@ -0,0 +1,32 @@ -+# =========================================================================== -+# https://www.gnu.org/software/autoconf-archive/ax_ac_print_to_file.html -+# =========================================================================== -+# -+# SYNOPSIS -+# -+# AX_AC_PRINT_TO_FILE([FILE],[DATA]) -+# -+# DESCRIPTION -+# -+# Writes the specified data to the specified file when Autoconf is run. If -+# you want to print to a file when configure is run use AX_PRINT_TO_FILE -+# instead. -+# -+# LICENSE -+# -+# Copyright (c) 2009 Allan Caffee -+# -+# Copying and distribution of this file, with or without modification, are -+# permitted in any medium without royalty provided the copyright notice -+# and this notice are preserved. This file is offered as-is, without any -+# warranty. -+ -+#serial 10 -+ -+AC_DEFUN([AX_AC_PRINT_TO_FILE],[ -+m4_esyscmd( -+AC_REQUIRE([AX_FILE_ESCAPES]) -+[ -+printf "%s" "$2" > "$1" -+]) -+]) -diff --git a/m4/ax_add_am_macro_static.m4 b/m4/ax_add_am_macro_static.m4 -new file mode 100644 -index 000000000..6442d24b7 ---- /dev/null -+++ b/m4/ax_add_am_macro_static.m4 -@@ -0,0 +1,28 @@ -+# =========================================================================== -+# https://www.gnu.org/software/autoconf-archive/ax_add_am_macro_static.html -+# =========================================================================== -+# -+# SYNOPSIS -+# -+# AX_ADD_AM_MACRO_STATIC([RULE]) -+# -+# DESCRIPTION -+# -+# Adds the specified rule to $AMINCLUDE. -+# -+# LICENSE -+# -+# Copyright (c) 2009 Tom Howard -+# Copyright (c) 2009 Allan Caffee -+# -+# Copying and distribution of this file, with or without modification, are -+# permitted in any medium without royalty provided the copyright notice -+# and this notice are preserved. This file is offered as-is, without any -+# warranty. -+ -+#serial 8 -+ -+AC_DEFUN([AX_ADD_AM_MACRO_STATIC],[ -+ AC_REQUIRE([AX_AM_MACROS_STATIC]) -+ AX_AC_APPEND_TO_FILE(AMINCLUDE_STATIC,[$1]) -+]) -diff --git a/m4/ax_am_macros_static.m4 b/m4/ax_am_macros_static.m4 -new file mode 100644 -index 000000000..f4cee8c89 ---- /dev/null -+++ b/m4/ax_am_macros_static.m4 -@@ -0,0 +1,38 @@ -+# =========================================================================== -+# https://www.gnu.org/software/autoconf-archive/ax_am_macros_static.html -+# =========================================================================== -+# -+# SYNOPSIS -+# -+# AX_AM_MACROS_STATIC -+# -+# DESCRIPTION -+# -+# Adds support for macros that create Automake rules. You must manually -+# add the following line -+# -+# include $(top_srcdir)/aminclude_static.am -+# -+# to your Makefile.am files. -+# -+# LICENSE -+# -+# Copyright (c) 2009 Tom Howard -+# Copyright (c) 2009 Allan Caffee -+# -+# Copying and distribution of this file, with or without modification, are -+# permitted in any medium without royalty provided the copyright notice -+# and this notice are preserved. This file is offered as-is, without any -+# warranty. -+ -+#serial 11 -+ -+AC_DEFUN([AMINCLUDE_STATIC],[aminclude_static.am]) -+ -+AC_DEFUN([AX_AM_MACROS_STATIC], -+[ -+AX_AC_PRINT_TO_FILE(AMINCLUDE_STATIC,[ -+# ]AMINCLUDE_STATIC[ generated automatically by Autoconf -+# from AX_AM_MACROS_STATIC on ]m4_esyscmd([LC_ALL=C date])[ -+]) -+]) -diff --git a/m4/ax_code_coverage.m4 b/m4/ax_code_coverage.m4 -new file mode 100644 -index 000000000..3d36924b1 ---- /dev/null -+++ b/m4/ax_code_coverage.m4 -@@ -0,0 +1,272 @@ -+# =========================================================================== -+# https://www.gnu.org/software/autoconf-archive/ax_code_coverage.html -+# =========================================================================== -+# -+# SYNOPSIS -+# -+# AX_CODE_COVERAGE() -+# -+# DESCRIPTION -+# -+# Defines CODE_COVERAGE_CPPFLAGS, CODE_COVERAGE_CFLAGS, -+# CODE_COVERAGE_CXXFLAGS and CODE_COVERAGE_LIBS which should be included -+# in the CPPFLAGS, CFLAGS CXXFLAGS and LIBS/LIBADD variables of every -+# build target (program or library) which should be built with code -+# coverage support. Also add rules using AX_ADD_AM_MACRO_STATIC; and -+# $enable_code_coverage which can be used in subsequent configure output. -+# CODE_COVERAGE_ENABLED is defined and substituted, and corresponds to the -+# value of the --enable-code-coverage option, which defaults to being -+# disabled. -+# -+# Test also for gcov program and create GCOV variable that could be -+# substituted. -+# -+# Note that all optimization flags in CFLAGS must be disabled when code -+# coverage is enabled. -+# -+# Usage example: -+# -+# configure.ac: -+# -+# AX_CODE_COVERAGE -+# -+# Makefile.am: -+# -+# include $(top_srcdir)/aminclude_static.am -+# -+# my_program_LIBS = ... $(CODE_COVERAGE_LIBS) ... -+# my_program_CPPFLAGS = ... $(CODE_COVERAGE_CPPFLAGS) ... -+# my_program_CFLAGS = ... $(CODE_COVERAGE_CFLAGS) ... -+# my_program_CXXFLAGS = ... $(CODE_COVERAGE_CXXFLAGS) ... -+# -+# clean-local: code-coverage-clean -+# distclean-local: code-coverage-dist-clean -+# -+# This results in a "check-code-coverage" rule being added to any -+# Makefile.am which do "include $(top_srcdir)/aminclude_static.am" -+# (assuming the module has been configured with --enable-code-coverage). -+# Running `make check-code-coverage` in that directory will run the -+# module's test suite (`make check`) and build a code coverage report -+# detailing the code which was touched, then print the URI for the report. -+# -+# This code was derived from Makefile.decl in GLib, originally licensed -+# under LGPLv2.1+. -+# -+# LICENSE -+# -+# Copyright (c) 2012, 2016 Philip Withnall -+# Copyright (c) 2012 Xan Lopez -+# Copyright (c) 2012 Christian Persch -+# Copyright (c) 2012 Paolo Borelli -+# Copyright (c) 2012 Dan Winship -+# Copyright (c) 2015,2018 Bastien ROUCARIES -+# -+# This library is free software; you can redistribute it and/or modify it -+# under the terms of the GNU Lesser General Public License as published by -+# the Free Software Foundation; either version 2.1 of the License, or (at -+# your option) any later version. -+# -+# This library is distributed in the hope that it will be useful, but -+# WITHOUT ANY WARRANTY; without even the implied warranty of -+# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser -+# General Public License for more details. -+# -+# You should have received a copy of the GNU Lesser General Public License -+# along with this program. If not, see . -+ -+#serial 32 -+ -+m4_define(_AX_CODE_COVERAGE_RULES,[ -+AX_ADD_AM_MACRO_STATIC([ -+# Code coverage -+# -+# Optional: -+# - CODE_COVERAGE_DIRECTORY: Top-level directory for code coverage reporting. -+# Multiple directories may be specified, separated by whitespace. -+# (Default: \$(top_builddir)) -+# - CODE_COVERAGE_OUTPUT_FILE: Filename and path for the .info file generated -+# by lcov for code coverage. (Default: -+# \$(PACKAGE_NAME)-\$(PACKAGE_VERSION)-coverage.info) -+# - CODE_COVERAGE_OUTPUT_DIRECTORY: Directory for generated code coverage -+# reports to be created. (Default: -+# \$(PACKAGE_NAME)-\$(PACKAGE_VERSION)-coverage) -+# - CODE_COVERAGE_BRANCH_COVERAGE: Set to 1 to enforce branch coverage, -+# set to 0 to disable it and leave empty to stay with the default. -+# (Default: empty) -+# - CODE_COVERAGE_LCOV_SHOPTS_DEFAULT: Extra options shared between both lcov -+# instances. (Default: based on $CODE_COVERAGE_BRANCH_COVERAGE) -+# - CODE_COVERAGE_LCOV_SHOPTS: Extra options to shared between both lcov -+# instances. (Default: $CODE_COVERAGE_LCOV_SHOPTS_DEFAULT) -+# - CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH: --gcov-tool pathtogcov -+# - CODE_COVERAGE_LCOV_OPTIONS_DEFAULT: Extra options to pass to the -+# collecting lcov instance. (Default: $CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH) -+# - CODE_COVERAGE_LCOV_OPTIONS: Extra options to pass to the collecting lcov -+# instance. (Default: $CODE_COVERAGE_LCOV_OPTIONS_DEFAULT) -+# - CODE_COVERAGE_LCOV_RMOPTS_DEFAULT: Extra options to pass to the filtering -+# lcov instance. (Default: empty) -+# - CODE_COVERAGE_LCOV_RMOPTS: Extra options to pass to the filtering lcov -+# instance. (Default: $CODE_COVERAGE_LCOV_RMOPTS_DEFAULT) -+# - CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT: Extra options to pass to the -+# genhtml instance. (Default: based on $CODE_COVERAGE_BRANCH_COVERAGE) -+# - CODE_COVERAGE_GENHTML_OPTIONS: Extra options to pass to the genhtml -+# instance. (Default: $CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT) -+# - CODE_COVERAGE_IGNORE_PATTERN: Extra glob pattern of files to ignore -+# -+# The generated report will be titled using the \$(PACKAGE_NAME) and -+# \$(PACKAGE_VERSION). In order to add the current git hash to the title, -+# use the git-version-gen script, available online. -+# Optional variables -+# run only on top dir -+if CODE_COVERAGE_ENABLED -+ ifeq (\$(abs_builddir), \$(abs_top_builddir)) -+CODE_COVERAGE_DIRECTORY ?= \$(top_builddir) -+CODE_COVERAGE_OUTPUT_FILE ?= \$(PACKAGE_NAME)-\$(PACKAGE_VERSION)-coverage.info -+CODE_COVERAGE_OUTPUT_DIRECTORY ?= \$(PACKAGE_NAME)-\$(PACKAGE_VERSION)-coverage -+ -+CODE_COVERAGE_BRANCH_COVERAGE ?= -+CODE_COVERAGE_LCOV_SHOPTS_DEFAULT ?= \$(if \$(CODE_COVERAGE_BRANCH_COVERAGE),\ -+--rc lcov_branch_coverage=\$(CODE_COVERAGE_BRANCH_COVERAGE)) -+CODE_COVERAGE_LCOV_SHOPTS ?= \$(CODE_COVERAGE_LCOV_SHOPTS_DEFAULT) -+CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH ?= --gcov-tool \"\$(GCOV)\" -+CODE_COVERAGE_LCOV_OPTIONS_DEFAULT ?= \$(CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH) -+CODE_COVERAGE_LCOV_OPTIONS ?= \$(CODE_COVERAGE_LCOV_OPTIONS_DEFAULT) -+CODE_COVERAGE_LCOV_RMOPTS_DEFAULT ?= -+CODE_COVERAGE_LCOV_RMOPTS ?= \$(CODE_COVERAGE_LCOV_RMOPTS_DEFAULT) -+CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT ?=\ -+\$(if \$(CODE_COVERAGE_BRANCH_COVERAGE),\ -+--rc genhtml_branch_coverage=\$(CODE_COVERAGE_BRANCH_COVERAGE)) -+CODE_COVERAGE_GENHTML_OPTIONS ?= \$(CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT) -+CODE_COVERAGE_IGNORE_PATTERN ?= -+ -+GITIGNOREFILES = \$(GITIGNOREFILES) \$(CODE_COVERAGE_OUTPUT_FILE) \$(CODE_COVERAGE_OUTPUT_DIRECTORY) -+code_coverage_v_lcov_cap = \$(code_coverage_v_lcov_cap_\$(V)) -+code_coverage_v_lcov_cap_ = \$(code_coverage_v_lcov_cap_\$(AM_DEFAULT_VERBOSITY)) -+code_coverage_v_lcov_cap_0 = @echo \" LCOV --capture\" \$(CODE_COVERAGE_OUTPUT_FILE); -+code_coverage_v_lcov_ign = \$(code_coverage_v_lcov_ign_\$(V)) -+code_coverage_v_lcov_ign_ = \$(code_coverage_v_lcov_ign_\$(AM_DEFAULT_VERBOSITY)) -+code_coverage_v_lcov_ign_0 = @echo \" LCOV --remove /tmp/*\" \$(CODE_COVERAGE_IGNORE_PATTERN); -+code_coverage_v_genhtml = \$(code_coverage_v_genhtml_\$(V)) -+code_coverage_v_genhtml_ = \$(code_coverage_v_genhtml_\$(AM_DEFAULT_VERBOSITY)) -+code_coverage_v_genhtml_0 = @echo \" GEN \" \"\$(CODE_COVERAGE_OUTPUT_DIRECTORY)\"; -+code_coverage_quiet = \$(code_coverage_quiet_\$(V)) -+code_coverage_quiet_ = \$(code_coverage_quiet_\$(AM_DEFAULT_VERBOSITY)) -+code_coverage_quiet_0 = --quiet -+ -+# sanitizes the test-name: replaces with underscores: dashes and dots -+code_coverage_sanitize = \$(subst -,_,\$(subst .,_,\$(1))) -+ -+# Use recursive makes in order to ignore errors during check -+check-code-coverage: -+ -\$(AM_V_at)\$(MAKE) \$(AM_MAKEFLAGS) -k check -+ \$(AM_V_at)\$(MAKE) \$(AM_MAKEFLAGS) code-coverage-capture -+ -+# Capture code coverage data -+code-coverage-capture: code-coverage-capture-hook -+ \$(code_coverage_v_lcov_cap)\$(LCOV) \$(code_coverage_quiet) \$(addprefix --directory ,\$(CODE_COVERAGE_DIRECTORY)) --capture --output-file \"\$(CODE_COVERAGE_OUTPUT_FILE).tmp\" --test-name \"\$(call code_coverage_sanitize,\$(PACKAGE_NAME)-\$(PACKAGE_VERSION))\" --no-checksum --compat-libtool \$(CODE_COVERAGE_LCOV_SHOPTS) \$(CODE_COVERAGE_LCOV_OPTIONS) -+ \$(code_coverage_v_lcov_ign)\$(LCOV) \$(code_coverage_quiet) \$(addprefix --directory ,\$(CODE_COVERAGE_DIRECTORY)) --remove \"\$(CODE_COVERAGE_OUTPUT_FILE).tmp\" \"/tmp/*\" \$(CODE_COVERAGE_IGNORE_PATTERN) --output-file \"\$(CODE_COVERAGE_OUTPUT_FILE)\" \$(CODE_COVERAGE_LCOV_SHOPTS) \$(CODE_COVERAGE_LCOV_RMOPTS) -+ -@rm -f \"\$(CODE_COVERAGE_OUTPUT_FILE).tmp\" -+ \$(code_coverage_v_genhtml)LANG=C \$(GENHTML) \$(code_coverage_quiet) \$(addprefix --prefix ,\$(CODE_COVERAGE_DIRECTORY)) --output-directory \"\$(CODE_COVERAGE_OUTPUT_DIRECTORY)\" --title \"\$(PACKAGE_NAME)-\$(PACKAGE_VERSION) Code Coverage\" --legend --show-details \"\$(CODE_COVERAGE_OUTPUT_FILE)\" \$(CODE_COVERAGE_GENHTML_OPTIONS) -+ @echo \"file://\$(abs_builddir)/\$(CODE_COVERAGE_OUTPUT_DIRECTORY)/index.html\" -+ -+code-coverage-clean: -+ -\$(LCOV) --directory \$(top_builddir) -z -+ -rm -rf \"\$(CODE_COVERAGE_OUTPUT_FILE)\" \"\$(CODE_COVERAGE_OUTPUT_FILE).tmp\" \"\$(CODE_COVERAGE_OUTPUT_DIRECTORY)\" -+ -find . \\( -name \"*.gcda\" -o -name \"*.gcno\" -o -name \"*.gcov\" \\) -delete -+ -+code-coverage-dist-clean: -+ -+A][M_DISTCHECK_CONFIGURE_FLAGS = \$(A][M_DISTCHECK_CONFIGURE_FLAGS) --disable-code-coverage -+ else # ifneq (\$(abs_builddir), \$(abs_top_builddir)) -+check-code-coverage: -+ -+code-coverage-capture: code-coverage-capture-hook -+ -+code-coverage-clean: -+ -+code-coverage-dist-clean: -+ endif # ifeq (\$(abs_builddir), \$(abs_top_builddir)) -+else #! CODE_COVERAGE_ENABLED -+# Use recursive makes in order to ignore errors during check -+check-code-coverage: -+ @echo \"Need to reconfigure with --enable-code-coverage\" -+# Capture code coverage data -+code-coverage-capture: code-coverage-capture-hook -+ @echo \"Need to reconfigure with --enable-code-coverage\" -+ -+code-coverage-clean: -+ -+code-coverage-dist-clean: -+ -+endif #CODE_COVERAGE_ENABLED -+# Hook rule executed before code-coverage-capture, overridable by the user -+code-coverage-capture-hook: -+ -+.PHONY: check-code-coverage code-coverage-capture code-coverage-dist-clean code-coverage-clean code-coverage-capture-hook -+]) -+]) -+ -+AC_DEFUN([_AX_CODE_COVERAGE_ENABLED],[ -+ AX_CHECK_GNU_MAKE([],[AC_MSG_ERROR([not using GNU make that is needed for coverage])]) -+ AC_REQUIRE([AX_ADD_AM_MACRO_STATIC]) -+ # check for gcov -+ AC_CHECK_TOOL([GCOV], -+ [$_AX_CODE_COVERAGE_GCOV_PROG_WITH], -+ [:]) -+ AS_IF([test "X$GCOV" = "X:"], -+ [AC_MSG_ERROR([gcov is needed to do coverage])]) -+ AC_SUBST([GCOV]) -+ -+ dnl Check if gcc is being used -+ AS_IF([ test "$GCC" = "no" ], [ -+ AC_MSG_ERROR([not compiling with gcc, which is required for gcov code coverage]) -+ ]) -+ -+ AC_CHECK_PROG([LCOV], [lcov], [lcov]) -+ AC_CHECK_PROG([GENHTML], [genhtml], [genhtml]) -+ -+ AS_IF([ test x"$LCOV" = x ], [ -+ AC_MSG_ERROR([To enable code coverage reporting you must have lcov installed]) -+ ]) -+ -+ AS_IF([ test x"$GENHTML" = x ], [ -+ AC_MSG_ERROR([Could not find genhtml from the lcov package]) -+ ]) -+ -+ dnl Build the code coverage flags -+ dnl Define CODE_COVERAGE_LDFLAGS for backwards compatibility -+ CODE_COVERAGE_CPPFLAGS="-DNDEBUG" -+ CODE_COVERAGE_CFLAGS="-O0 -g -fprofile-arcs -ftest-coverage" -+ CODE_COVERAGE_CXXFLAGS="-O0 -g -fprofile-arcs -ftest-coverage" -+ CODE_COVERAGE_LIBS="-lgcov" -+ -+ AC_SUBST([CODE_COVERAGE_CPPFLAGS]) -+ AC_SUBST([CODE_COVERAGE_CFLAGS]) -+ AC_SUBST([CODE_COVERAGE_CXXFLAGS]) -+ AC_SUBST([CODE_COVERAGE_LIBS]) -+]) -+ -+AC_DEFUN([AX_CODE_COVERAGE],[ -+ dnl Check for --enable-code-coverage -+ -+ # allow to override gcov location -+ AC_ARG_WITH([gcov], -+ [AS_HELP_STRING([--with-gcov[=GCOV]], [use given GCOV for coverage (GCOV=gcov).])], -+ [_AX_CODE_COVERAGE_GCOV_PROG_WITH=$with_gcov], -+ [_AX_CODE_COVERAGE_GCOV_PROG_WITH=gcov]) -+ -+ AC_MSG_CHECKING([whether to build with code coverage support]) -+ AC_ARG_ENABLE([code-coverage], -+ AS_HELP_STRING([--enable-code-coverage], -+ [Whether to enable code coverage support]),, -+ enable_code_coverage=no) -+ -+ AM_CONDITIONAL([CODE_COVERAGE_ENABLED], [test "x$enable_code_coverage" = xyes]) -+ AC_SUBST([CODE_COVERAGE_ENABLED], [$enable_code_coverage]) -+ AC_MSG_RESULT($enable_code_coverage) -+ -+ AS_IF([ test "x$enable_code_coverage" = xyes ], [ -+ _AX_CODE_COVERAGE_ENABLED -+ ]) -+ -+ _AX_CODE_COVERAGE_RULES -+]) -diff --git a/m4/ax_file_escapes.m4 b/m4/ax_file_escapes.m4 -new file mode 100644 -index 000000000..a86fdc326 ---- /dev/null -+++ b/m4/ax_file_escapes.m4 -@@ -0,0 +1,30 @@ -+# =========================================================================== -+# https://www.gnu.org/software/autoconf-archive/ax_file_escapes.html -+# =========================================================================== -+# -+# SYNOPSIS -+# -+# AX_FILE_ESCAPES -+# -+# DESCRIPTION -+# -+# Writes the specified data to the specified file. -+# -+# LICENSE -+# -+# Copyright (c) 2008 Tom Howard -+# -+# Copying and distribution of this file, with or without modification, are -+# permitted in any medium without royalty provided the copyright notice -+# and this notice are preserved. This file is offered as-is, without any -+# warranty. -+ -+#serial 8 -+ -+AC_DEFUN([AX_FILE_ESCAPES],[ -+AX_DOLLAR="\$" -+AX_SRB="\\135" -+AX_SLB="\\133" -+AX_BS="\\\\" -+AX_DQ="\"" -+]) -diff --git a/test/Makefile.am b/test/Makefile.am -index 6a6e1a306..746ed314e 100644 ---- a/test/Makefile.am -+++ b/test/Makefile.am -@@ -39,9 +39,9 @@ libdbus_testutils_la_SOURCES += \ - endif - - libdbus_testutils_la_LIBADD = \ -+ $(CODE_COVERAGE_LIBS) \ - $(top_builddir)/dbus/libdbus-1.la \ - $(top_builddir)/dbus/libdbus-internal.la \ -- $(CODE_COVERAGE_LDFLAGS) \ - $(NULL) - - TEST_EXTENSIONS = .sh -@@ -672,4 +672,4 @@ $(installable_test_meta_with_config): %_with_config.test: %$(EXEEXT) Makefile - ) > $@.tmp && mv $@.tmp $@ - - # Add rules for code-coverage testing, as defined by AX_CODE_COVERAGE --@CODE_COVERAGE_RULES@ -+include $(top_srcdir)/aminclude_static.am --- -GitLab - diff --git a/dbus-1.12.8-CVE-2023-34969.patch b/dbus-1.12.8-fix-CVE-2023-34969.patch similarity index 83% rename from dbus-1.12.8-CVE-2023-34969.patch rename to dbus-1.12.8-fix-CVE-2023-34969.patch index dd053d0..535cd18 100644 --- a/dbus-1.12.8-CVE-2023-34969.patch +++ b/dbus-1.12.8-fix-CVE-2023-34969.patch @@ -1,9 +1,50 @@ +From 3a1b1e9a4010e581e2e940e61d37c4f617eb5eff Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Mon, 5 Jun 2023 17:56:33 +0100 +Subject: [PATCH 1/3] monitor test: Log the messages that we monitored + +This is helpful while debugging test failures. + +Helps: dbus/dbus#457 +Signed-off-by: Simon McVittie +(cherry picked from commit 8ee5d3e04420975107c27073b50f8758871a998b) +--- + test/monitor.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/test/monitor.c b/test/monitor.c +index df5a7180..182110f8 100644 +--- a/test/monitor.c ++++ b/test/monitor.c +@@ -196,6 +196,10 @@ _log_message (DBusMessage *m, + not_null (dbus_message_get_signature (m))); + g_test_message ("\terror name: %s", + not_null (dbus_message_get_error_name (m))); ++ g_test_message ("\tserial number: %u", ++ dbus_message_get_serial (m)); ++ g_test_message ("\tin reply to: %u", ++ dbus_message_get_reply_serial (m)); + + if (strcmp ("s", dbus_message_get_signature (m)) == 0) + { +@@ -339,6 +343,9 @@ monitor_filter (DBusConnection *connection, + { + Fixture *f = user_data; + ++ g_test_message ("Monitor received message:"); ++ log_message (message); ++ + g_assert_cmpstr (dbus_message_get_interface (message), !=, + "com.example.Tedious"); + +-- +2.41.0 + + From 37a4dc5835731a1f7a81f1b67c45b8dfb556dd1c Mon Sep 17 00:00:00 2001 From: hongjinghao Date: Mon, 5 Jun 2023 18:17:06 +0100 -Subject: [PATCH 1/2] bus: Assign a serial number for messages from the driver - -commit 37a4dc5835731a1f7a81f1b67c45b8dfb556dd1c upstream. +Subject: [PATCH 2/3] bus: Assign a serial number for messages from the driver Normally, it's enough to rely on a message being given a serial number by the DBusConnection just before it is actually sent. However, in the @@ -33,10 +74,10 @@ Resolves: dbus/dbus#457 3 files changed, 27 insertions(+), 1 deletion(-) diff --git a/bus/connection.c b/bus/connection.c -index a41b790b..4d46992c 100644 +index b3583433..215f0230 100644 --- a/bus/connection.c +++ b/bus/connection.c -@@ -2376,6 +2376,21 @@ bus_transaction_send_from_driver (BusTransaction *transaction, +@@ -2350,6 +2350,21 @@ bus_transaction_send_from_driver (BusTransaction *transaction, if (!dbus_message_set_sender (message, DBUS_SERVICE_DBUS)) return FALSE; @@ -59,10 +100,10 @@ index a41b790b..4d46992c 100644 { if (!dbus_message_set_destination (message, diff --git a/dbus/dbus-connection-internal.h b/dbus/dbus-connection-internal.h -index 912b546e..747e6e54 100644 +index 48357321..ba79b192 100644 --- a/dbus/dbus-connection-internal.h +++ b/dbus/dbus-connection-internal.h -@@ -57,6 +57,8 @@ DBUS_PRIVATE_EXPORT +@@ -54,6 +54,8 @@ DBUS_PRIVATE_EXPORT DBusConnection * _dbus_connection_ref_unlocked (DBusConnection *connection); DBUS_PRIVATE_EXPORT void _dbus_connection_unref_unlocked (DBusConnection *connection); @@ -72,10 +113,10 @@ index 912b546e..747e6e54 100644 DBusList *link); dbus_bool_t _dbus_connection_has_messages_to_send_unlocked (DBusConnection *connection); diff --git a/dbus/dbus-connection.c b/dbus/dbus-connection.c -index 105bdf4e..34380293 100644 +index c525b6dc..09cef278 100644 --- a/dbus/dbus-connection.c +++ b/dbus/dbus-connection.c -@@ -1461,7 +1461,16 @@ _dbus_connection_unref_unlocked (DBusConnection *connection) +@@ -1456,7 +1456,16 @@ _dbus_connection_unref_unlocked (DBusConnection *connection) _dbus_connection_last_unref (connection); } @@ -94,15 +135,13 @@ index 105bdf4e..34380293 100644 { dbus_uint32_t serial; -- -2.40.1 +2.41.0 From 2c699f6ba9c162878c69d0728298c1ab7308db72 Mon Sep 17 00:00:00 2001 From: Simon McVittie Date: Mon, 5 Jun 2023 18:51:22 +0100 -Subject: [PATCH 2/2] monitor test: Reproduce dbus/dbus#457 - -commit 2c699f6ba9c162878c69d0728298c1ab7308db72 upstream. +Subject: [PATCH 3/3] monitor test: Reproduce dbus/dbus#457 The exact failure mode reported in dbus/dbus#457 is quite difficult to achieve in a reliable way in a unit test, because we'd have to send @@ -133,7 +172,7 @@ index d145613c..58b3cc6a 100644 diff --git a/test/monitor.c b/test/monitor.c -index d5a54b00..846a980c 100644 +index 182110f8..42e0734d 100644 --- a/test/monitor.c +++ b/test/monitor.c @@ -155,6 +155,21 @@ static Config side_effects_config = { @@ -205,7 +244,7 @@ index d5a54b00..846a980c 100644 /* This is called after processing pending replies to our own method * calls, but before anything else. */ -@@ -727,6 +761,11 @@ test_become_monitor (Fixture *f, +@@ -797,6 +831,11 @@ test_become_monitor (Fixture *f, test_assert_no_error (&f->e); g_assert_cmpint (ret, ==, DBUS_REQUEST_NAME_REPLY_PRIMARY_OWNER); @@ -217,7 +256,7 @@ index d5a54b00..846a980c 100644 while (!got_unique || !got_a || !got_b || !got_c) { if (g_queue_is_empty (&f->monitored)) -@@ -1378,6 +1417,7 @@ test_dbus_daemon (Fixture *f, +@@ -1448,6 +1487,7 @@ test_dbus_daemon (Fixture *f, { DBusMessage *m; int res; @@ -225,7 +264,7 @@ index d5a54b00..846a980c 100644 if (f->address == NULL) return; -@@ -1393,7 +1433,12 @@ test_dbus_daemon (Fixture *f, +@@ -1463,7 +1503,12 @@ test_dbus_daemon (Fixture *f, test_assert_no_error (&f->e); g_assert_cmpint (res, ==, DBUS_RELEASE_NAME_REPLY_RELEASED); @@ -239,7 +278,7 @@ index d5a54b00..846a980c 100644 test_main_context_iterate (f->ctx, TRUE); m = g_queue_pop_head (&f->monitored); -@@ -1406,10 +1451,12 @@ test_dbus_daemon (Fixture *f, +@@ -1476,10 +1521,12 @@ test_dbus_daemon (Fixture *f, "NameOwnerChanged", "sss", NULL); dbus_message_unref (m); @@ -255,7 +294,7 @@ index d5a54b00..846a980c 100644 dbus_message_unref (m); m = g_queue_pop_head (&f->monitored); -@@ -1631,8 +1678,14 @@ static void +@@ -1701,8 +1748,14 @@ static void expect_new_connection (Fixture *f) { DBusMessage *m; @@ -271,7 +310,7 @@ index d5a54b00..846a980c 100644 test_main_context_iterate (f->ctx, TRUE); m = g_queue_pop_head (&f->monitored); -@@ -1649,7 +1702,11 @@ expect_new_connection (Fixture *f) +@@ -1719,7 +1772,11 @@ expect_new_connection (Fixture *f) dbus_message_unref (m); m = g_queue_pop_head (&f->monitored); @@ -284,7 +323,7 @@ index d5a54b00..846a980c 100644 dbus_message_unref (m); } -@@ -1988,6 +2045,8 @@ main (int argc, +@@ -2044,6 +2101,8 @@ main (int argc, setup, test_method_call, teardown); g_test_add ("/monitor/forbidden-method", Fixture, &forbidding_config, setup, test_forbidden_method_call, teardown); @@ -294,5 +333,5 @@ index d5a54b00..846a980c 100644 setup, test_dbus_daemon, teardown); g_test_add ("/monitor/selective", Fixture, &selective_config, -- -2.40.1 +2.41.0 diff --git a/dbus-kill-process-with-session b/dbus-kill-process-with-session index f891568..6adfee9 100644 --- a/dbus-kill-process-with-session +++ b/dbus-kill-process-with-session @@ -7,8 +7,10 @@ exec >& /dev/null MONITOR_READY_FILE=$(mktemp dbus-session-monitor.XXXXXX --tmpdir) +DBUS_SESSIONS="${XDG_RUNTIME_DIR}/dbus-1/sessions" +DBUS_SESSION_ADDRESS_FILE="${DBUS_SESSIONS}/${XDG_SESSION_ID}" -trap 'rm -f "${MONITOR_READY_FILE}"; kill -TERM $1; kill -HUP $(jobs -p)' EXIT +trap 'rm -f "${MONITOR_READY_FILE}"; rm -f "${DBUS_SESSION_ADDRESS_FILE}"; kill -TERM $1; kill -HUP $(jobs -p)' EXIT export GVFS_DISABLE_FUSE=1 coproc SESSION_MONITOR (gio monitor -f "/run/systemd/sessions/${XDG_SESSION_ID}" "${MONITOR_READY_FILE}") diff --git a/dbus.spec b/dbus.spec index 1ceb1be..9205421 100644 --- a/dbus.spec +++ b/dbus.spec @@ -1,5 +1,3 @@ -%define anolis_release .0.1 - %global _hardened_build 1 %{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}} @@ -21,7 +19,7 @@ Name: dbus Epoch: 1 Version: 1.12.8 -Release: 25%{anolis_release}%{?dist} +Release: 26%{?dist} Summary: D-BUS message bus Group: System Environment/Libraries @@ -49,12 +47,8 @@ Patch4: dbus-1.20.8-CVE-2022-42010.patch Patch5: dbus-1.20.8-CVE-2022-42011.patch # https://bugzilla.redhat.com/show_bug.cgi?id=2133633 Patch6: dbus-1.20.8-CVE-2022-42012.patch -# Added by Anolis OS -Patch7: 0002-Forbid-AX_-prefixed-patterns-more-selectively.patch -Patch8: 0003-Adapt-to-API-change-in-AX_CODE_COVERAGE-version-28.patch -# https://gitlab.freedesktop.org/dbus/dbus/-/commit/37a4dc5835731a1f7a81f1b67c45b8dfb556dd1c -# https://gitlab.freedesktop.org/dbus/dbus/-/commit/2c699f6ba9c162878c69d0728298c1ab7308db72 -Patch9: dbus-1.12.8-CVE-2023-34969.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=2213400 +Patch7: dbus-1.12.8-fix-CVE-2023-34969.patch BuildRequires: autoconf-archive BuildRequires: libtool @@ -118,11 +112,6 @@ Requires: dbus-common = %{epoch}:%{version}-%{release} Requires: dbus-libs%{?_isa} = %{epoch}:%{version}-%{release} Requires: dbus-tools = %{epoch}:%{version}-%{release} -Provides: /usr/bin/dbus-cleanup-sockets -Provides: /usr/bin/dbus-daemon -Provides: /usr/bin/dbus-run-session -Provides: /usr/bin/dbus-test-tool - %description daemon D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a @@ -133,11 +122,6 @@ Summary: D-BUS Tools and Utilities Group: Development/Libraries Requires: dbus-libs%{?_isa} = %{epoch}:%{version}-%{release} -Provides: /usr/bin/dbus-monitor -Provides: /usr/bin/dbus-send -Provides: /usr/bin/dbus-update-activation-environment -Provides: /usr/bin/dbus-uuidgen - %description tools Tools and utilities to interact with a running D-Bus Message Bus, provided by the reference implementation. @@ -178,19 +162,10 @@ Requires: %{name}-daemon = %{epoch}:%{version}-%{release} # Used by SSH daemon helper script. Requires: /usr/bin/gio -Provides: /usr/bin/dbus-launch - %description x11 D-BUS contains some tools that require Xlib to be installed, those are in this separate package so server systems need not install X. -%package doc -Summary: Documents for %{name} -BuildArch: noarch -Requires: %{name}-daemon = %{epoch}:%{version}-%{release} - -%description doc -Doc pages for %{name}. %prep %autosetup -p1 @@ -377,6 +352,7 @@ popd # just have it be in libs, because dbus Requires dbus-libs. %{!?_licensedir:%global license %%doc} %license COPYING +%doc AUTHORS ChangeLog HACKING NEWS README %exclude %{_pkgdocdir}/diagram.* %exclude %{_pkgdocdir}/introspect.* %exclude %{_pkgdocdir}/system-activation.txt @@ -446,16 +422,14 @@ popd %{_libdir}/pkgconfig/dbus-1.pc %{_includedir}/* -%files doc -%doc AUTHORS ChangeLog HACKING NEWS README - %changelog -* Thu Aug 10 2023 Bo Liu - 1.12.8-25.0.1 -- Fix CVE-2023-34969 +* Mon Jun 19 2023 David King - 1.12.8-26 +- Fix CVE-2023-34969 (#2213400) -* Wed Jun 28 2023 Zhao Hang - 1.12.8-24.1.0.1 -- Add doc sub package, requires and provides -- Fix build failure(Chang Gao) +* Mon Apr 24 2023 Ray Strode - 1.12.8-25 +- Ensure only one dbus-daemon is spawned for all shells sharing + a single connection. + Resolves: #2189201 * Wed Oct 19 2022 David King - 1:1.12.8-24 - Fix CVE-2022-42010 (#2133645) diff --git a/ssh-x-forwarding.csh b/ssh-x-forwarding.csh index 10d87ed..47424e5 100644 --- a/ssh-x-forwarding.csh +++ b/ssh-x-forwarding.csh @@ -1,10 +1,24 @@ # DBus session bus over SSH with X11 forwarding if ( $?SSH_CONNECTION == 0 ) exit +if ( $?XDG_SESSION_ID == 0) exit if ( $?DISPLAY == 0 ) exit if ( $SHLVL > 1 ) exit + +set DBUS_SESSIONS = "${XDG_RUNTIME_DIR}/dbus-1/sessions" +set DBUS_SESSION_ADDRESS_FILE = "${DBUS_SESSIONS}/${XDG_SESSION_ID}" + +if ( -e "${DBUS_SESSION_ADDRESS_FILE}" ) then + setenv DBUS_SESSION_BUS_ADDRESS "`cat ${DBUS_SESSION_ADDRESS_FILE}`" + exit +endif + setenv GDK_BACKEND x11 eval `dbus-launch --csh-syntax` if ( $?DBUS_SESSION_BUS_PID == 0 ) exit + +mkdir -p "${DBUS_SESSIONS}" +echo "${DBUS_SESSION_BUS_ADDRESS}" > "${DBUS_SESSION_ADDRESS_FILE}" + setsid -f /usr/libexec/dbus-1/dbus-kill-process-with-session $DBUS_SESSION_BUS_PID diff --git a/ssh-x-forwarding.sh b/ssh-x-forwarding.sh index 37c48f4..9fbb8d1 100644 --- a/ssh-x-forwarding.sh +++ b/ssh-x-forwarding.sh @@ -1,12 +1,25 @@ # DBus session bus over SSH with X11 forwarding [ -z "$SSH_CONNECTION" ] && return +[ -z "$XDG_SESSION_ID" ] && return [ -z "$DISPLAY" ] && return [ "${DISPLAY:0:1}" = ":" ] && return [ "$SHLVL" -ne 1 ] && return +DBUS_SESSIONS="${XDG_RUNTIME_DIR}/dbus-1/sessions" +DBUS_SESSION_ADDRESS_FILE="${DBUS_SESSIONS}/${XDG_SESSION_ID}" + +if [ -e "${DBUS_SESSION_ADDRESS_FILE}" ]; then + export DBUS_SESSION_BUS_ADDRESS="$(cat ${DBUS_SESSION_ADDRESS_FILE})" + return +fi + export GDK_BACKEND=x11 eval `dbus-launch --sh-syntax` [ -z "$DBUS_SESSION_BUS_PID" ] && return + +mkdir -p "${DBUS_SESSIONS}" +echo "${DBUS_SESSION_BUS_ADDRESS}" > "${DBUS_SESSION_ADDRESS_FILE}" + setsid -f /usr/libexec/dbus-1/dbus-kill-process-with-session "$DBUS_SESSION_BUS_PID" -- Gitee From 1b0eb5b0f5577b4f8f7978920aba06cc61cf56fe Mon Sep 17 00:00:00 2001 From: Zhao Hang Date: Sat, 16 Jul 2022 14:31:10 +0800 Subject: [PATCH 2/4] spec: add doc sub package, requires and provides Signed-off-by: Zhao Hang --- dbus.spec | 30 ++++++++++++++++++++++++++++-- 1 file changed, 28 insertions(+), 2 deletions(-) diff --git a/dbus.spec b/dbus.spec index 9205421..ac9746c 100644 --- a/dbus.spec +++ b/dbus.spec @@ -1,3 +1,5 @@ +%define anolis_release .0.1 + %global _hardened_build 1 %{!?_pkgdocdir: %global _pkgdocdir %{_docdir}/%{name}-%{version}} @@ -19,7 +21,7 @@ Name: dbus Epoch: 1 Version: 1.12.8 -Release: 26%{?dist} +Release: 26%{anolis_release}%{?dist} Summary: D-BUS message bus Group: System Environment/Libraries @@ -112,6 +114,11 @@ Requires: dbus-common = %{epoch}:%{version}-%{release} Requires: dbus-libs%{?_isa} = %{epoch}:%{version}-%{release} Requires: dbus-tools = %{epoch}:%{version}-%{release} +Provides: /usr/bin/dbus-cleanup-sockets +Provides: /usr/bin/dbus-daemon +Provides: /usr/bin/dbus-run-session +Provides: /usr/bin/dbus-test-tool + %description daemon D-BUS is a system for sending messages between applications. It is used both for the system-wide message bus service, and as a @@ -122,6 +129,11 @@ Summary: D-BUS Tools and Utilities Group: Development/Libraries Requires: dbus-libs%{?_isa} = %{epoch}:%{version}-%{release} +Provides: /usr/bin/dbus-monitor +Provides: /usr/bin/dbus-send +Provides: /usr/bin/dbus-update-activation-environment +Provides: /usr/bin/dbus-uuidgen + %description tools Tools and utilities to interact with a running D-Bus Message Bus, provided by the reference implementation. @@ -162,10 +174,19 @@ Requires: %{name}-daemon = %{epoch}:%{version}-%{release} # Used by SSH daemon helper script. Requires: /usr/bin/gio +Provides: /usr/bin/dbus-launch + %description x11 D-BUS contains some tools that require Xlib to be installed, those are in this separate package so server systems need not install X. +%package doc +Summary: Documents for %{name} +BuildArch: noarch +Requires: %{name}-daemon = %{epoch}:%{version}-%{release} + +%description doc +Doc pages for %{name}. %prep %autosetup -p1 @@ -352,7 +373,6 @@ popd # just have it be in libs, because dbus Requires dbus-libs. %{!?_licensedir:%global license %%doc} %license COPYING -%doc AUTHORS ChangeLog HACKING NEWS README %exclude %{_pkgdocdir}/diagram.* %exclude %{_pkgdocdir}/introspect.* %exclude %{_pkgdocdir}/system-activation.txt @@ -422,7 +442,13 @@ popd %{_libdir}/pkgconfig/dbus-1.pc %{_includedir}/* +%files doc +%doc AUTHORS ChangeLog HACKING NEWS README + %changelog +* Fri Dec 15 2023 Zhao Hang - 1.12.8-26.0.1 +- Add doc sub package, requires and provides + * Mon Jun 19 2023 David King - 1.12.8-26 - Fix CVE-2023-34969 (#2213400) -- Gitee From d0ee18a00ab2048f8c64be06548975d98a3b0ac9 Mon Sep 17 00:00:00 2001 From: "taifu.gc" Date: Tue, 30 May 2023 11:34:24 +0800 Subject: [PATCH 3/4] fix build failure --- ..._-prefixed-patterns-more-selectively.patch | 44 ++ ...hange-in-AX_CODE_COVERAGE-version-28.patch | 582 ++++++++++++++++++ dbus.spec | 4 + 3 files changed, 630 insertions(+) create mode 100644 0002-Forbid-AX_-prefixed-patterns-more-selectively.patch create mode 100644 0003-Adapt-to-API-change-in-AX_CODE_COVERAGE-version-28.patch diff --git a/0002-Forbid-AX_-prefixed-patterns-more-selectively.patch b/0002-Forbid-AX_-prefixed-patterns-more-selectively.patch new file mode 100644 index 0000000..3d8211a --- /dev/null +++ b/0002-Forbid-AX_-prefixed-patterns-more-selectively.patch @@ -0,0 +1,44 @@ +From 6ef67cff6ba26645f9cbe23ffb401f3d49a66429 Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Mon, 21 Jan 2019 14:28:24 +0000 +Subject: [PATCH] configure.ac: Forbid AX_-prefixed patterns more selectively + +We want to make autoconf fail early and with a user-comprehensible +message if autoconf-archive isn't installed, rather than generating +a configure script with syntax errors, or a configure script that runs +successfully but doesn't do what we intended. + +However, autoconf-archive doesn't actually guarantee not to use +AX_-prefixed shell variable names without m4_pattern_allow'ing them +(unlike Autoconf, Automake, Libtool and pkg-config, which explicitly use +m4_pattern_allow for variables with AC_, AM_, LT_ and PKG_ prefixes), so +it isn't safe to assume that they won't be used. In particular, recent +versions of AX_CHECK_GNU_MAKE appear to be using +$AX_CHECK_GNU_MAKE_HEADLINE as a shell variable. + +Instead, specifically forbid the names of the finite list of macros +that we actually use. + +Signed-off-by: Simon McVittie +Resolves: dbus#249 +(cherry picked from commit ee09cc0acdc1c34e8ae999adf9922f3d0d66f407) +--- + configure.ac | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/configure.ac b/configure.ac +index cc8686037..d876a2fd5 100644 +--- a/configure.ac ++++ b/configure.ac +@@ -10,7 +10,7 @@ AC_INIT([dbus],[dbus_version],[https://bugs.freedesktop.org/enter_bug.cgi?produc + + AC_CONFIG_AUX_DIR([build-aux]) + +-m4_pattern_forbid([^AX_], ++m4_pattern_forbid([^AX_(CHECK_ENABLE_DEBUG|CODE_COVERAGE|COMPILER_FLAGS|COMPILER_FLAGS_(CFLAGS|CXXFLAGS|LDFLAGS))\b], + [Unexpanded AX_ macro found. Please install GNU autoconf-archive]) + + AC_CANONICAL_HOST +-- +GitLab + diff --git a/0003-Adapt-to-API-change-in-AX_CODE_COVERAGE-version-28.patch b/0003-Adapt-to-API-change-in-AX_CODE_COVERAGE-version-28.patch new file mode 100644 index 0000000..bd22d92 --- /dev/null +++ b/0003-Adapt-to-API-change-in-AX_CODE_COVERAGE-version-28.patch @@ -0,0 +1,582 @@ +From d9ef0226e2ff346f80c0c8ba1a0fec19c553b458 Mon Sep 17 00:00:00 2001 +From: Simon McVittie +Date: Mon, 21 Jan 2019 17:51:07 +0000 +Subject: [PATCH] Adapt to API change in AX_CODE_COVERAGE version 28 + +AX_CODE_COVERAGE recently changed the way it embedded its Makefile rules +in the output file: instead of using @CODE_COVERAGE_RULES@, users +are now meant to include aminclude_static.am. + +The new AX_CODE_COVERAGE is only in the latest autoconf-archive release, +version 2019.01.06, which is inconveniently new, so bundle everything +we need for the moment. + +This requires us to stop using the deprecated CODE_COVERAGE_LDFLAGS +(which we still used to support older versions of autoconf-archive) +and replace them with CODE_COVERAGE_LIBS. + +Signed-off-by: Simon McVittie +(cherry picked from commit 2938c2125ebcd001e470aeac1ffac45b6b1ebe89) +Closes: dbus#265 +--- + Makefile.am | 2 +- + bus/Makefile.am | 6 +- + dbus/Makefile.am | 2 +- + m4/ax_ac_append_to_file.m4 | 32 +++++ + m4/ax_ac_print_to_file.m4 | 32 +++++ + m4/ax_add_am_macro_static.m4 | 28 ++++ + m4/ax_am_macros_static.m4 | 38 +++++ + m4/ax_code_coverage.m4 | 272 +++++++++++++++++++++++++++++++++++ + m4/ax_file_escapes.m4 | 30 ++++ + test/Makefile.am | 4 +- + 11 files changed, 443 insertions(+), 7 deletions(-) + create mode 100644 m4/ax_ac_append_to_file.m4 + create mode 100644 m4/ax_ac_print_to_file.m4 + create mode 100644 m4/ax_add_am_macro_static.m4 + create mode 100644 m4/ax_am_macros_static.m4 + create mode 100644 m4/ax_code_coverage.m4 + create mode 100644 m4/ax_file_escapes.m4 + +diff --git a/Makefile.am b/Makefile.am +index 9a9023018..45183cb0c 100644 +--- a/Makefile.am ++++ b/Makefile.am +@@ -51,4 +51,4 @@ DISTCHECK_CONFIGURE_FLAGS = \ + ACLOCAL_AMFLAGS = -I m4 ${ACLOCAL_FLAGS} + + # Add rules for code-coverage testing, as defined by AX_CODE_COVERAGE +-@CODE_COVERAGE_RULES@ ++include $(top_srcdir)/aminclude_static.am +diff --git a/bus/Makefile.am b/bus/Makefile.am +index 9ae30716b..c91706310 100644 +--- a/bus/Makefile.am ++++ b/bus/Makefile.am +@@ -6,7 +6,7 @@ systemdtmpfilesdir = $(prefix)/lib/tmpfiles.d + systemdsysusersdir = $(prefix)/lib/sysusers.d + + DBUS_BUS_LIBS = \ +- $(CODE_COVERAGE_LDFLAGS) \ ++ $(CODE_COVERAGE_LIBS) \ + $(EXPAT_LIBS) \ + $(SELINUX_LIBS) \ + $(APPARMOR_LIBS) \ +@@ -16,7 +16,7 @@ DBUS_BUS_LIBS = \ + $(NULL) + + DBUS_LAUNCHER_LIBS = \ +- $(CODE_COVERAGE_LDFLAGS) \ ++ $(CODE_COVERAGE_LIBS) \ + $(EXPAT_LIBS) \ + $(THREAD_LIBS) \ + $(NETWORK_libs) \ +@@ -306,4 +306,4 @@ systemduserunit_DATA = \ + endif + + # Add rules for code-coverage testing, as defined by AX_CODE_COVERAGE +-@CODE_COVERAGE_RULES@ ++include $(top_srcdir)/aminclude_static.am +diff --git a/dbus/Makefile.am b/dbus/Makefile.am +index b2913ef0e..ec8e2a5ee 100644 +--- a/dbus/Makefile.am ++++ b/dbus/Makefile.am +@@ -329,7 +329,7 @@ test_dbus_SOURCES= \ + test_dbus_LDADD = libdbus-internal.la + + # Add rules for code-coverage testing, as defined by AX_CODE_COVERAGE +-@CODE_COVERAGE_RULES@ ++include $(top_srcdir)/aminclude_static.am + + clean-local: + $(AM_V_at)rm -fr ./.dbus-keyrings +diff --git a/m4/ax_ac_append_to_file.m4 b/m4/ax_ac_append_to_file.m4 +new file mode 100644 +index 000000000..242b3d520 +--- /dev/null ++++ b/m4/ax_ac_append_to_file.m4 +@@ -0,0 +1,32 @@ ++# =========================================================================== ++# https://www.gnu.org/software/autoconf-archive/ax_ac_append_to_file.html ++# =========================================================================== ++# ++# SYNOPSIS ++# ++# AX_AC_APPEND_TO_FILE([FILE],[DATA]) ++# ++# DESCRIPTION ++# ++# Appends the specified data to the specified Autoconf is run. If you want ++# to append to a file when configure is run use AX_APPEND_TO_FILE instead. ++# ++# LICENSE ++# ++# Copyright (c) 2009 Allan Caffee ++# ++# Copying and distribution of this file, with or without modification, are ++# permitted in any medium without royalty provided the copyright notice ++# and this notice are preserved. This file is offered as-is, without any ++# warranty. ++ ++#serial 10 ++ ++AC_DEFUN([AX_AC_APPEND_TO_FILE],[ ++AC_REQUIRE([AX_FILE_ESCAPES]) ++m4_esyscmd( ++AX_FILE_ESCAPES ++[ ++printf "%s" "$2" >> "$1" ++]) ++]) +diff --git a/m4/ax_ac_print_to_file.m4 b/m4/ax_ac_print_to_file.m4 +new file mode 100644 +index 000000000..642dfc151 +--- /dev/null ++++ b/m4/ax_ac_print_to_file.m4 +@@ -0,0 +1,32 @@ ++# =========================================================================== ++# https://www.gnu.org/software/autoconf-archive/ax_ac_print_to_file.html ++# =========================================================================== ++# ++# SYNOPSIS ++# ++# AX_AC_PRINT_TO_FILE([FILE],[DATA]) ++# ++# DESCRIPTION ++# ++# Writes the specified data to the specified file when Autoconf is run. If ++# you want to print to a file when configure is run use AX_PRINT_TO_FILE ++# instead. ++# ++# LICENSE ++# ++# Copyright (c) 2009 Allan Caffee ++# ++# Copying and distribution of this file, with or without modification, are ++# permitted in any medium without royalty provided the copyright notice ++# and this notice are preserved. This file is offered as-is, without any ++# warranty. ++ ++#serial 10 ++ ++AC_DEFUN([AX_AC_PRINT_TO_FILE],[ ++m4_esyscmd( ++AC_REQUIRE([AX_FILE_ESCAPES]) ++[ ++printf "%s" "$2" > "$1" ++]) ++]) +diff --git a/m4/ax_add_am_macro_static.m4 b/m4/ax_add_am_macro_static.m4 +new file mode 100644 +index 000000000..6442d24b7 +--- /dev/null ++++ b/m4/ax_add_am_macro_static.m4 +@@ -0,0 +1,28 @@ ++# =========================================================================== ++# https://www.gnu.org/software/autoconf-archive/ax_add_am_macro_static.html ++# =========================================================================== ++# ++# SYNOPSIS ++# ++# AX_ADD_AM_MACRO_STATIC([RULE]) ++# ++# DESCRIPTION ++# ++# Adds the specified rule to $AMINCLUDE. ++# ++# LICENSE ++# ++# Copyright (c) 2009 Tom Howard ++# Copyright (c) 2009 Allan Caffee ++# ++# Copying and distribution of this file, with or without modification, are ++# permitted in any medium without royalty provided the copyright notice ++# and this notice are preserved. This file is offered as-is, without any ++# warranty. ++ ++#serial 8 ++ ++AC_DEFUN([AX_ADD_AM_MACRO_STATIC],[ ++ AC_REQUIRE([AX_AM_MACROS_STATIC]) ++ AX_AC_APPEND_TO_FILE(AMINCLUDE_STATIC,[$1]) ++]) +diff --git a/m4/ax_am_macros_static.m4 b/m4/ax_am_macros_static.m4 +new file mode 100644 +index 000000000..f4cee8c89 +--- /dev/null ++++ b/m4/ax_am_macros_static.m4 +@@ -0,0 +1,38 @@ ++# =========================================================================== ++# https://www.gnu.org/software/autoconf-archive/ax_am_macros_static.html ++# =========================================================================== ++# ++# SYNOPSIS ++# ++# AX_AM_MACROS_STATIC ++# ++# DESCRIPTION ++# ++# Adds support for macros that create Automake rules. You must manually ++# add the following line ++# ++# include $(top_srcdir)/aminclude_static.am ++# ++# to your Makefile.am files. ++# ++# LICENSE ++# ++# Copyright (c) 2009 Tom Howard ++# Copyright (c) 2009 Allan Caffee ++# ++# Copying and distribution of this file, with or without modification, are ++# permitted in any medium without royalty provided the copyright notice ++# and this notice are preserved. This file is offered as-is, without any ++# warranty. ++ ++#serial 11 ++ ++AC_DEFUN([AMINCLUDE_STATIC],[aminclude_static.am]) ++ ++AC_DEFUN([AX_AM_MACROS_STATIC], ++[ ++AX_AC_PRINT_TO_FILE(AMINCLUDE_STATIC,[ ++# ]AMINCLUDE_STATIC[ generated automatically by Autoconf ++# from AX_AM_MACROS_STATIC on ]m4_esyscmd([LC_ALL=C date])[ ++]) ++]) +diff --git a/m4/ax_code_coverage.m4 b/m4/ax_code_coverage.m4 +new file mode 100644 +index 000000000..3d36924b1 +--- /dev/null ++++ b/m4/ax_code_coverage.m4 +@@ -0,0 +1,272 @@ ++# =========================================================================== ++# https://www.gnu.org/software/autoconf-archive/ax_code_coverage.html ++# =========================================================================== ++# ++# SYNOPSIS ++# ++# AX_CODE_COVERAGE() ++# ++# DESCRIPTION ++# ++# Defines CODE_COVERAGE_CPPFLAGS, CODE_COVERAGE_CFLAGS, ++# CODE_COVERAGE_CXXFLAGS and CODE_COVERAGE_LIBS which should be included ++# in the CPPFLAGS, CFLAGS CXXFLAGS and LIBS/LIBADD variables of every ++# build target (program or library) which should be built with code ++# coverage support. Also add rules using AX_ADD_AM_MACRO_STATIC; and ++# $enable_code_coverage which can be used in subsequent configure output. ++# CODE_COVERAGE_ENABLED is defined and substituted, and corresponds to the ++# value of the --enable-code-coverage option, which defaults to being ++# disabled. ++# ++# Test also for gcov program and create GCOV variable that could be ++# substituted. ++# ++# Note that all optimization flags in CFLAGS must be disabled when code ++# coverage is enabled. ++# ++# Usage example: ++# ++# configure.ac: ++# ++# AX_CODE_COVERAGE ++# ++# Makefile.am: ++# ++# include $(top_srcdir)/aminclude_static.am ++# ++# my_program_LIBS = ... $(CODE_COVERAGE_LIBS) ... ++# my_program_CPPFLAGS = ... $(CODE_COVERAGE_CPPFLAGS) ... ++# my_program_CFLAGS = ... $(CODE_COVERAGE_CFLAGS) ... ++# my_program_CXXFLAGS = ... $(CODE_COVERAGE_CXXFLAGS) ... ++# ++# clean-local: code-coverage-clean ++# distclean-local: code-coverage-dist-clean ++# ++# This results in a "check-code-coverage" rule being added to any ++# Makefile.am which do "include $(top_srcdir)/aminclude_static.am" ++# (assuming the module has been configured with --enable-code-coverage). ++# Running `make check-code-coverage` in that directory will run the ++# module's test suite (`make check`) and build a code coverage report ++# detailing the code which was touched, then print the URI for the report. ++# ++# This code was derived from Makefile.decl in GLib, originally licensed ++# under LGPLv2.1+. ++# ++# LICENSE ++# ++# Copyright (c) 2012, 2016 Philip Withnall ++# Copyright (c) 2012 Xan Lopez ++# Copyright (c) 2012 Christian Persch ++# Copyright (c) 2012 Paolo Borelli ++# Copyright (c) 2012 Dan Winship ++# Copyright (c) 2015,2018 Bastien ROUCARIES ++# ++# This library is free software; you can redistribute it and/or modify it ++# under the terms of the GNU Lesser General Public License as published by ++# the Free Software Foundation; either version 2.1 of the License, or (at ++# your option) any later version. ++# ++# This library is distributed in the hope that it will be useful, but ++# WITHOUT ANY WARRANTY; without even the implied warranty of ++# MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU Lesser ++# General Public License for more details. ++# ++# You should have received a copy of the GNU Lesser General Public License ++# along with this program. If not, see . ++ ++#serial 32 ++ ++m4_define(_AX_CODE_COVERAGE_RULES,[ ++AX_ADD_AM_MACRO_STATIC([ ++# Code coverage ++# ++# Optional: ++# - CODE_COVERAGE_DIRECTORY: Top-level directory for code coverage reporting. ++# Multiple directories may be specified, separated by whitespace. ++# (Default: \$(top_builddir)) ++# - CODE_COVERAGE_OUTPUT_FILE: Filename and path for the .info file generated ++# by lcov for code coverage. (Default: ++# \$(PACKAGE_NAME)-\$(PACKAGE_VERSION)-coverage.info) ++# - CODE_COVERAGE_OUTPUT_DIRECTORY: Directory for generated code coverage ++# reports to be created. (Default: ++# \$(PACKAGE_NAME)-\$(PACKAGE_VERSION)-coverage) ++# - CODE_COVERAGE_BRANCH_COVERAGE: Set to 1 to enforce branch coverage, ++# set to 0 to disable it and leave empty to stay with the default. ++# (Default: empty) ++# - CODE_COVERAGE_LCOV_SHOPTS_DEFAULT: Extra options shared between both lcov ++# instances. (Default: based on $CODE_COVERAGE_BRANCH_COVERAGE) ++# - CODE_COVERAGE_LCOV_SHOPTS: Extra options to shared between both lcov ++# instances. (Default: $CODE_COVERAGE_LCOV_SHOPTS_DEFAULT) ++# - CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH: --gcov-tool pathtogcov ++# - CODE_COVERAGE_LCOV_OPTIONS_DEFAULT: Extra options to pass to the ++# collecting lcov instance. (Default: $CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH) ++# - CODE_COVERAGE_LCOV_OPTIONS: Extra options to pass to the collecting lcov ++# instance. (Default: $CODE_COVERAGE_LCOV_OPTIONS_DEFAULT) ++# - CODE_COVERAGE_LCOV_RMOPTS_DEFAULT: Extra options to pass to the filtering ++# lcov instance. (Default: empty) ++# - CODE_COVERAGE_LCOV_RMOPTS: Extra options to pass to the filtering lcov ++# instance. (Default: $CODE_COVERAGE_LCOV_RMOPTS_DEFAULT) ++# - CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT: Extra options to pass to the ++# genhtml instance. (Default: based on $CODE_COVERAGE_BRANCH_COVERAGE) ++# - CODE_COVERAGE_GENHTML_OPTIONS: Extra options to pass to the genhtml ++# instance. (Default: $CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT) ++# - CODE_COVERAGE_IGNORE_PATTERN: Extra glob pattern of files to ignore ++# ++# The generated report will be titled using the \$(PACKAGE_NAME) and ++# \$(PACKAGE_VERSION). In order to add the current git hash to the title, ++# use the git-version-gen script, available online. ++# Optional variables ++# run only on top dir ++if CODE_COVERAGE_ENABLED ++ ifeq (\$(abs_builddir), \$(abs_top_builddir)) ++CODE_COVERAGE_DIRECTORY ?= \$(top_builddir) ++CODE_COVERAGE_OUTPUT_FILE ?= \$(PACKAGE_NAME)-\$(PACKAGE_VERSION)-coverage.info ++CODE_COVERAGE_OUTPUT_DIRECTORY ?= \$(PACKAGE_NAME)-\$(PACKAGE_VERSION)-coverage ++ ++CODE_COVERAGE_BRANCH_COVERAGE ?= ++CODE_COVERAGE_LCOV_SHOPTS_DEFAULT ?= \$(if \$(CODE_COVERAGE_BRANCH_COVERAGE),\ ++--rc lcov_branch_coverage=\$(CODE_COVERAGE_BRANCH_COVERAGE)) ++CODE_COVERAGE_LCOV_SHOPTS ?= \$(CODE_COVERAGE_LCOV_SHOPTS_DEFAULT) ++CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH ?= --gcov-tool \"\$(GCOV)\" ++CODE_COVERAGE_LCOV_OPTIONS_DEFAULT ?= \$(CODE_COVERAGE_LCOV_OPTIONS_GCOVPATH) ++CODE_COVERAGE_LCOV_OPTIONS ?= \$(CODE_COVERAGE_LCOV_OPTIONS_DEFAULT) ++CODE_COVERAGE_LCOV_RMOPTS_DEFAULT ?= ++CODE_COVERAGE_LCOV_RMOPTS ?= \$(CODE_COVERAGE_LCOV_RMOPTS_DEFAULT) ++CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT ?=\ ++\$(if \$(CODE_COVERAGE_BRANCH_COVERAGE),\ ++--rc genhtml_branch_coverage=\$(CODE_COVERAGE_BRANCH_COVERAGE)) ++CODE_COVERAGE_GENHTML_OPTIONS ?= \$(CODE_COVERAGE_GENHTML_OPTIONS_DEFAULT) ++CODE_COVERAGE_IGNORE_PATTERN ?= ++ ++GITIGNOREFILES = \$(GITIGNOREFILES) \$(CODE_COVERAGE_OUTPUT_FILE) \$(CODE_COVERAGE_OUTPUT_DIRECTORY) ++code_coverage_v_lcov_cap = \$(code_coverage_v_lcov_cap_\$(V)) ++code_coverage_v_lcov_cap_ = \$(code_coverage_v_lcov_cap_\$(AM_DEFAULT_VERBOSITY)) ++code_coverage_v_lcov_cap_0 = @echo \" LCOV --capture\" \$(CODE_COVERAGE_OUTPUT_FILE); ++code_coverage_v_lcov_ign = \$(code_coverage_v_lcov_ign_\$(V)) ++code_coverage_v_lcov_ign_ = \$(code_coverage_v_lcov_ign_\$(AM_DEFAULT_VERBOSITY)) ++code_coverage_v_lcov_ign_0 = @echo \" LCOV --remove /tmp/*\" \$(CODE_COVERAGE_IGNORE_PATTERN); ++code_coverage_v_genhtml = \$(code_coverage_v_genhtml_\$(V)) ++code_coverage_v_genhtml_ = \$(code_coverage_v_genhtml_\$(AM_DEFAULT_VERBOSITY)) ++code_coverage_v_genhtml_0 = @echo \" GEN \" \"\$(CODE_COVERAGE_OUTPUT_DIRECTORY)\"; ++code_coverage_quiet = \$(code_coverage_quiet_\$(V)) ++code_coverage_quiet_ = \$(code_coverage_quiet_\$(AM_DEFAULT_VERBOSITY)) ++code_coverage_quiet_0 = --quiet ++ ++# sanitizes the test-name: replaces with underscores: dashes and dots ++code_coverage_sanitize = \$(subst -,_,\$(subst .,_,\$(1))) ++ ++# Use recursive makes in order to ignore errors during check ++check-code-coverage: ++ -\$(AM_V_at)\$(MAKE) \$(AM_MAKEFLAGS) -k check ++ \$(AM_V_at)\$(MAKE) \$(AM_MAKEFLAGS) code-coverage-capture ++ ++# Capture code coverage data ++code-coverage-capture: code-coverage-capture-hook ++ \$(code_coverage_v_lcov_cap)\$(LCOV) \$(code_coverage_quiet) \$(addprefix --directory ,\$(CODE_COVERAGE_DIRECTORY)) --capture --output-file \"\$(CODE_COVERAGE_OUTPUT_FILE).tmp\" --test-name \"\$(call code_coverage_sanitize,\$(PACKAGE_NAME)-\$(PACKAGE_VERSION))\" --no-checksum --compat-libtool \$(CODE_COVERAGE_LCOV_SHOPTS) \$(CODE_COVERAGE_LCOV_OPTIONS) ++ \$(code_coverage_v_lcov_ign)\$(LCOV) \$(code_coverage_quiet) \$(addprefix --directory ,\$(CODE_COVERAGE_DIRECTORY)) --remove \"\$(CODE_COVERAGE_OUTPUT_FILE).tmp\" \"/tmp/*\" \$(CODE_COVERAGE_IGNORE_PATTERN) --output-file \"\$(CODE_COVERAGE_OUTPUT_FILE)\" \$(CODE_COVERAGE_LCOV_SHOPTS) \$(CODE_COVERAGE_LCOV_RMOPTS) ++ -@rm -f \"\$(CODE_COVERAGE_OUTPUT_FILE).tmp\" ++ \$(code_coverage_v_genhtml)LANG=C \$(GENHTML) \$(code_coverage_quiet) \$(addprefix --prefix ,\$(CODE_COVERAGE_DIRECTORY)) --output-directory \"\$(CODE_COVERAGE_OUTPUT_DIRECTORY)\" --title \"\$(PACKAGE_NAME)-\$(PACKAGE_VERSION) Code Coverage\" --legend --show-details \"\$(CODE_COVERAGE_OUTPUT_FILE)\" \$(CODE_COVERAGE_GENHTML_OPTIONS) ++ @echo \"file://\$(abs_builddir)/\$(CODE_COVERAGE_OUTPUT_DIRECTORY)/index.html\" ++ ++code-coverage-clean: ++ -\$(LCOV) --directory \$(top_builddir) -z ++ -rm -rf \"\$(CODE_COVERAGE_OUTPUT_FILE)\" \"\$(CODE_COVERAGE_OUTPUT_FILE).tmp\" \"\$(CODE_COVERAGE_OUTPUT_DIRECTORY)\" ++ -find . \\( -name \"*.gcda\" -o -name \"*.gcno\" -o -name \"*.gcov\" \\) -delete ++ ++code-coverage-dist-clean: ++ ++A][M_DISTCHECK_CONFIGURE_FLAGS = \$(A][M_DISTCHECK_CONFIGURE_FLAGS) --disable-code-coverage ++ else # ifneq (\$(abs_builddir), \$(abs_top_builddir)) ++check-code-coverage: ++ ++code-coverage-capture: code-coverage-capture-hook ++ ++code-coverage-clean: ++ ++code-coverage-dist-clean: ++ endif # ifeq (\$(abs_builddir), \$(abs_top_builddir)) ++else #! CODE_COVERAGE_ENABLED ++# Use recursive makes in order to ignore errors during check ++check-code-coverage: ++ @echo \"Need to reconfigure with --enable-code-coverage\" ++# Capture code coverage data ++code-coverage-capture: code-coverage-capture-hook ++ @echo \"Need to reconfigure with --enable-code-coverage\" ++ ++code-coverage-clean: ++ ++code-coverage-dist-clean: ++ ++endif #CODE_COVERAGE_ENABLED ++# Hook rule executed before code-coverage-capture, overridable by the user ++code-coverage-capture-hook: ++ ++.PHONY: check-code-coverage code-coverage-capture code-coverage-dist-clean code-coverage-clean code-coverage-capture-hook ++]) ++]) ++ ++AC_DEFUN([_AX_CODE_COVERAGE_ENABLED],[ ++ AX_CHECK_GNU_MAKE([],[AC_MSG_ERROR([not using GNU make that is needed for coverage])]) ++ AC_REQUIRE([AX_ADD_AM_MACRO_STATIC]) ++ # check for gcov ++ AC_CHECK_TOOL([GCOV], ++ [$_AX_CODE_COVERAGE_GCOV_PROG_WITH], ++ [:]) ++ AS_IF([test "X$GCOV" = "X:"], ++ [AC_MSG_ERROR([gcov is needed to do coverage])]) ++ AC_SUBST([GCOV]) ++ ++ dnl Check if gcc is being used ++ AS_IF([ test "$GCC" = "no" ], [ ++ AC_MSG_ERROR([not compiling with gcc, which is required for gcov code coverage]) ++ ]) ++ ++ AC_CHECK_PROG([LCOV], [lcov], [lcov]) ++ AC_CHECK_PROG([GENHTML], [genhtml], [genhtml]) ++ ++ AS_IF([ test x"$LCOV" = x ], [ ++ AC_MSG_ERROR([To enable code coverage reporting you must have lcov installed]) ++ ]) ++ ++ AS_IF([ test x"$GENHTML" = x ], [ ++ AC_MSG_ERROR([Could not find genhtml from the lcov package]) ++ ]) ++ ++ dnl Build the code coverage flags ++ dnl Define CODE_COVERAGE_LDFLAGS for backwards compatibility ++ CODE_COVERAGE_CPPFLAGS="-DNDEBUG" ++ CODE_COVERAGE_CFLAGS="-O0 -g -fprofile-arcs -ftest-coverage" ++ CODE_COVERAGE_CXXFLAGS="-O0 -g -fprofile-arcs -ftest-coverage" ++ CODE_COVERAGE_LIBS="-lgcov" ++ ++ AC_SUBST([CODE_COVERAGE_CPPFLAGS]) ++ AC_SUBST([CODE_COVERAGE_CFLAGS]) ++ AC_SUBST([CODE_COVERAGE_CXXFLAGS]) ++ AC_SUBST([CODE_COVERAGE_LIBS]) ++]) ++ ++AC_DEFUN([AX_CODE_COVERAGE],[ ++ dnl Check for --enable-code-coverage ++ ++ # allow to override gcov location ++ AC_ARG_WITH([gcov], ++ [AS_HELP_STRING([--with-gcov[=GCOV]], [use given GCOV for coverage (GCOV=gcov).])], ++ [_AX_CODE_COVERAGE_GCOV_PROG_WITH=$with_gcov], ++ [_AX_CODE_COVERAGE_GCOV_PROG_WITH=gcov]) ++ ++ AC_MSG_CHECKING([whether to build with code coverage support]) ++ AC_ARG_ENABLE([code-coverage], ++ AS_HELP_STRING([--enable-code-coverage], ++ [Whether to enable code coverage support]),, ++ enable_code_coverage=no) ++ ++ AM_CONDITIONAL([CODE_COVERAGE_ENABLED], [test "x$enable_code_coverage" = xyes]) ++ AC_SUBST([CODE_COVERAGE_ENABLED], [$enable_code_coverage]) ++ AC_MSG_RESULT($enable_code_coverage) ++ ++ AS_IF([ test "x$enable_code_coverage" = xyes ], [ ++ _AX_CODE_COVERAGE_ENABLED ++ ]) ++ ++ _AX_CODE_COVERAGE_RULES ++]) +diff --git a/m4/ax_file_escapes.m4 b/m4/ax_file_escapes.m4 +new file mode 100644 +index 000000000..a86fdc326 +--- /dev/null ++++ b/m4/ax_file_escapes.m4 +@@ -0,0 +1,30 @@ ++# =========================================================================== ++# https://www.gnu.org/software/autoconf-archive/ax_file_escapes.html ++# =========================================================================== ++# ++# SYNOPSIS ++# ++# AX_FILE_ESCAPES ++# ++# DESCRIPTION ++# ++# Writes the specified data to the specified file. ++# ++# LICENSE ++# ++# Copyright (c) 2008 Tom Howard ++# ++# Copying and distribution of this file, with or without modification, are ++# permitted in any medium without royalty provided the copyright notice ++# and this notice are preserved. This file is offered as-is, without any ++# warranty. ++ ++#serial 8 ++ ++AC_DEFUN([AX_FILE_ESCAPES],[ ++AX_DOLLAR="\$" ++AX_SRB="\\135" ++AX_SLB="\\133" ++AX_BS="\\\\" ++AX_DQ="\"" ++]) +diff --git a/test/Makefile.am b/test/Makefile.am +index 6a6e1a306..746ed314e 100644 +--- a/test/Makefile.am ++++ b/test/Makefile.am +@@ -39,9 +39,9 @@ libdbus_testutils_la_SOURCES += \ + endif + + libdbus_testutils_la_LIBADD = \ ++ $(CODE_COVERAGE_LIBS) \ + $(top_builddir)/dbus/libdbus-1.la \ + $(top_builddir)/dbus/libdbus-internal.la \ +- $(CODE_COVERAGE_LDFLAGS) \ + $(NULL) + + TEST_EXTENSIONS = .sh +@@ -672,4 +672,4 @@ $(installable_test_meta_with_config): %_with_config.test: %$(EXEEXT) Makefile + ) > $@.tmp && mv $@.tmp $@ + + # Add rules for code-coverage testing, as defined by AX_CODE_COVERAGE +-@CODE_COVERAGE_RULES@ ++include $(top_srcdir)/aminclude_static.am +-- +GitLab + diff --git a/dbus.spec b/dbus.spec index ac9746c..6091a3f 100644 --- a/dbus.spec +++ b/dbus.spec @@ -51,6 +51,9 @@ Patch5: dbus-1.20.8-CVE-2022-42011.patch Patch6: dbus-1.20.8-CVE-2022-42012.patch # https://bugzilla.redhat.com/show_bug.cgi?id=2213400 Patch7: dbus-1.12.8-fix-CVE-2023-34969.patch +# Added by Anolis OS +Patch1000: 0002-Forbid-AX_-prefixed-patterns-more-selectively.patch +Patch1001: 0003-Adapt-to-API-change-in-AX_CODE_COVERAGE-version-28.patch BuildRequires: autoconf-archive BuildRequires: libtool @@ -448,6 +451,7 @@ popd %changelog * Fri Dec 15 2023 Zhao Hang - 1.12.8-26.0.1 - Add doc sub package, requires and provides +- Fix build failure(Chang Gao) * Mon Jun 19 2023 David King - 1.12.8-26 - Fix CVE-2023-34969 (#2213400) -- Gitee From 0923f44b9d204b7ecda53ca030ec061c72801e7a Mon Sep 17 00:00:00 2001 From: Bo Liu Date: Thu, 10 Aug 2023 18:53:26 +0800 Subject: [PATCH 4/4] Fix CVE-2023-34969 Signed-off-by: Bo Liu --- dbus.spec | 1 + 1 file changed, 1 insertion(+) diff --git a/dbus.spec b/dbus.spec index 6091a3f..70f122f 100644 --- a/dbus.spec +++ b/dbus.spec @@ -452,6 +452,7 @@ popd * Fri Dec 15 2023 Zhao Hang - 1.12.8-26.0.1 - Add doc sub package, requires and provides - Fix build failure(Chang Gao) +- Fix CVE-2023-34969 (Bo Liu) * Mon Jun 19 2023 David King - 1.12.8-26 - Fix CVE-2023-34969 (#2213400) -- Gitee