[neon/kde/kcron/Neon/stable] debian/patches: Revert "patch for CVE-2022-24986"
Jonathan Esk-Riddell
null at kde.org
Wed Feb 16 11:02:22 GMT 2022
Git commit 8c40a5e22a8ab4ae389fb42808bbf11b050c7189 by Jonathan Esk-Riddell.
Committed on 16/02/2022 at 11:02.
Pushed by jriddell into branch 'Neon/stable'.
Revert "patch for CVE-2022-24986"
This reverts commit 134977f1e922301b8eedf5249b937277c3ea2e7b.
D +0 -1 debian/patches/series
D +0 -290 debian/patches/temporary-file-fix.diff
https://invent.kde.org/neon/kde/kcron/commit/8c40a5e22a8ab4ae389fb42808bbf11b050c7189
diff --git a/debian/patches/series b/debian/patches/series
deleted file mode 100644
index 70db829..0000000
--- a/debian/patches/series
+++ /dev/null
@@ -1 +0,0 @@
-temporary-file-fix.diff
diff --git a/debian/patches/temporary-file-fix.diff b/debian/patches/temporary-file-fix.diff
deleted file mode 100644
index 88df130..0000000
--- a/debian/patches/temporary-file-fix.diff
+++ /dev/null
@@ -1,290 +0,0 @@
-diff --git a/src/crontablib/ctSystemCron.cpp b/src/crontablib/ctSystemCron.cpp
-index 4b17042..e7fc535 100644
---- a/src/crontablib/ctSystemCron.cpp
-+++ b/src/crontablib/ctSystemCron.cpp
-@@ -11,7 +11,7 @@
- #include <KLocalizedString>
- #include <KShell>
-
--#include <QTemporaryFile>
-+#include <QFileInfo>
-
- #include "cthost.h"
- #include "cttask.h"
-@@ -28,20 +28,6 @@ CTSystemCron::CTSystemCron(const QString &crontabBinary)
-
- d->crontabBinary = crontabBinary;
-
-- QTemporaryFile tmp;
-- tmp.open();
-- d->tmpFileName = tmp.fileName();
--
-- CommandLine readCommandLine;
--
-- readCommandLine.commandLine = QStringLiteral("cat");
-- readCommandLine.parameters << QStringLiteral("/etc/crontab");
-- readCommandLine.standardOutputFile = d->tmpFileName;
--
-- d->writeCommandLine.commandLine = QStringLiteral("cat");
-- d->writeCommandLine.parameters << d->tmpFileName;
-- d->writeCommandLine.standardOutputFile = QStringLiteral("/etc/crontab");
--
- d->userLogin = i18n("root");
- d->userRealName = d->userLogin;
-
-@@ -50,8 +36,9 @@ CTSystemCron::CTSystemCron(const QString &crontabBinary)
-
- // Don't set error if it can't be read, it means the user
- // doesn't have a crontab.
-- if (readCommandLine.execute().exitCode == 0) {
-- this->parseFile(d->tmpFileName);
-+ const QString crontabFile = QStringLiteral("/etc/crontab");
-+ if (QFileInfo::exists(crontabFile)) {
-+ parseFile(crontabFile);
- }
-
- d->initialTaskCount = d->task.size();
-diff --git a/src/crontablib/ctcron.cpp b/src/crontablib/ctcron.cpp
-index 9d4ef26..b6bd90b 100644
---- a/src/crontablib/ctcron.cpp
-+++ b/src/crontablib/ctcron.cpp
-@@ -35,10 +35,6 @@ CommandLineStatus CommandLine::execute()
- {
- QProcess process;
-
-- if (!standardOutputFile.isEmpty()) {
-- process.setStandardOutputFile(standardOutputFile);
-- }
--
- int exitCode;
- process.start(commandLine, parameters);
- if (!process.waitForStarted()) {
-@@ -51,9 +47,6 @@ CommandLineStatus CommandLine::execute()
- CommandLineStatus commandLineStatus;
-
- commandLineStatus.commandLine = commandLine + QLatin1String(" ") + parameters.join(QLatin1String(" "));
-- if (!standardOutputFile.isEmpty()) {
-- commandLineStatus.commandLine += QLatin1String(" > ") + standardOutputFile;
-- }
-
- commandLineStatus.standardOutput = QLatin1String(process.readAllStandardOutput());
- commandLineStatus.standardError = QLatin1String(process.readAllStandardError());
-@@ -73,27 +66,15 @@ CTCron::CTCron(const QString &crontabBinary, const struct passwd *userInfos, boo
-
- d->crontabBinary = crontabBinary;
-
-- QTemporaryFile tmp;
-- tmp.open();
-- d->tmpFileName = tmp.fileName();
--
- CommandLine readCommandLine;
-
- // regular user, so provide user's own crontab
- if (currentUserCron) {
- readCommandLine.commandLine = d->crontabBinary;
- readCommandLine.parameters << QStringLiteral("-l");
-- readCommandLine.standardOutputFile = d->tmpFileName;
--
-- d->writeCommandLine.commandLine = d->crontabBinary;
-- d->writeCommandLine.parameters << d->tmpFileName;
- } else {
- readCommandLine.commandLine = d->crontabBinary;
- readCommandLine.parameters << QStringLiteral("-u") << QLatin1String(userInfos->pw_name) << QStringLiteral("-l");
-- readCommandLine.standardOutputFile = d->tmpFileName;
--
-- d->writeCommandLine.commandLine = d->crontabBinary;
-- d->writeCommandLine.parameters << QStringLiteral("-u") << QLatin1String(userInfos->pw_name) << d->tmpFileName;
- }
-
- d->initialTaskCount = 0;
-@@ -108,7 +89,8 @@ CTCron::CTCron(const QString &crontabBinary, const struct passwd *userInfos, boo
- // Don't set error if it can't be read, it means the user doesn't have a crontab.
- CommandLineStatus commandLineStatus = readCommandLine.execute();
- if (commandLineStatus.exitCode == 0) {
-- this->parseFile(d->tmpFileName);
-+ QTextStream stream(&commandLineStatus.standardOutput);
-+ parseTextStream(&stream);
- } else {
- qCDebug(KCM_CRON_LOG) << "Error when executing command" << commandLineStatus.commandLine;
- qCDebug(KCM_CRON_LOG) << "Standard output :" << commandLineStatus.standardOutput;
-@@ -171,12 +153,17 @@ void CTCron::parseFile(const QString &fileName)
- return;
- }
-
-+ QTextStream in(&file);
-+ parseTextStream(&in);
-+}
-+
-+void CTCron::parseTextStream(QTextStream *stream)
-+{
- QString comment;
- bool leadingComment = true;
-
-- QTextStream in(&file);
-- while (!in.atEnd()) {
-- QString line = in.readLine();
-+ while (!stream->atEnd()) {
-+ QString line = stream->readLine();
-
- // search for comments "#" but not disabled tasks "#\"
- if (line.indexOf(QLatin1String("#")) == 0 && line.indexOf(QLatin1String("\\")) != 1) {
-@@ -257,24 +244,6 @@ CTCron::~CTCron()
- delete d;
- }
-
--bool CTCron::saveToFile(const QString &fileName)
--{
-- QFile file(fileName);
-- if (!file.open(QIODevice::WriteOnly | QIODevice::Text)) {
-- return false;
-- }
--
-- // qCDebug(KCM_CRON_LOG) << exportCron();
--
-- QTextStream out(&file);
-- out << exportCron();
--
-- out.flush();
-- file.close();
--
-- return true;
--}
--
- CTSaveStatus CTCron::prepareSaveStatusError(const CommandLineStatus &commandLineStatus)
- {
- QString standardOutput;
-@@ -307,24 +276,29 @@ CTSaveStatus CTCron::prepareSaveStatusError(const CommandLineStatus &commandLine
- CTSaveStatus CTCron::save()
- {
- // write to temp file
-- bool saveStatus = saveToFile(d->tmpFileName);
-- if (!saveStatus) {
-- return CTSaveStatus(i18n("Unable to open crontab file for writing"), i18n("The file %1 could not be opened.", d->tmpFileName));
-+ QTemporaryFile tmp;
-+ if (!tmp.open()) {
-+ return CTSaveStatus(i18n("Unable to open crontab file for writing"), i18n("The file %1 could not be opened.", tmp.fileName()));
-+ }
-+
-+ {
-+ QTextStream out(&tmp);
-+ out << exportCron();
-+ out.flush();
- }
-+ tmp.close();
-
- // For root permissions.
- if (d->systemCron) {
- qCDebug(KCM_CRON_LOG) << "Attempting to save system cron";
- QVariantMap args;
-- args.insert(QStringLiteral("source"), d->tmpFileName);
-- args.insert(QStringLiteral("target"), d->writeCommandLine.standardOutputFile);
-+ args.insert(QStringLiteral("source"), tmp.fileName());
- KAuth::Action saveAction(QStringLiteral("local.kcron.crontab.save"));
- saveAction.setHelperId(QStringLiteral("local.kcron.crontab"));
- saveAction.setArguments(args);
- KAuth::ExecuteJob *job = saveAction.execute();
- if (!job->exec())
- qCDebug(KCM_CRON_LOG) << "KAuth returned an error: " << job->error() << job->errorText();
-- QFile::remove(d->tmpFileName);
- if (job->error() > 0) {
- return CTSaveStatus(i18n("KAuth::ExecuteJob Error"), job->errorText());
- }
-@@ -333,8 +307,15 @@ CTSaveStatus CTCron::save()
- else {
- qCDebug(KCM_CRON_LOG) << "Attempting to save user cron";
- // Save without root permissions.
-- const CommandLineStatus commandLineStatus = d->writeCommandLine.execute();
-- QFile::remove(d->tmpFileName);
-+ CommandLine writeCommandLine;
-+ writeCommandLine.commandLine = d->crontabBinary;
-+ if (d->currentUserCron) {
-+ writeCommandLine.parameters << tmp.fileName();
-+ } else {
-+ writeCommandLine.parameters << QStringLiteral("-u") << d->userLogin << tmp.fileName();
-+ }
-+
-+ const CommandLineStatus commandLineStatus = writeCommandLine.execute();
- if (commandLineStatus.exitCode != 0) {
- return prepareSaveStatusError(commandLineStatus);
- }
-diff --git a/src/crontablib/ctcron.h b/src/crontablib/ctcron.h
-index b8d4ac0..f02b136 100644
---- a/src/crontablib/ctcron.h
-+++ b/src/crontablib/ctcron.h
-@@ -16,6 +16,9 @@ class CTTask;
- class CTVariable;
- class CTInitializationError;
-
-+class QFile;
-+class QTextStream;
-+
- struct passwd;
-
- #include "ctSaveStatus.h"
-@@ -38,8 +41,6 @@ public:
-
- QStringList parameters;
-
-- QString standardOutputFile;
--
- CommandLineStatus execute();
- };
-
-@@ -86,10 +87,6 @@ public:
- int initialTaskCount;
- int initialVariableCount;
-
-- CommandLine writeCommandLine;
--
-- QString tmpFileName;
--
- /**
- * Contains path to the crontab binary file.
- */
-@@ -201,8 +198,7 @@ protected:
- * Parses crontab file format.
- */
- void parseFile(const QString &fileName);
--
-- bool saveToFile(const QString &fileName);
-+ void parseTextStream(QTextStream *stream);
-
- CTSaveStatus prepareSaveStatusError(const CommandLineStatus &commandLineStatus);
- // d probably stands for data.
-diff --git a/src/helper/kcronhelper.cpp b/src/helper/kcronhelper.cpp
-index c5d3df2..96fe8a0 100644
---- a/src/helper/kcronhelper.cpp
-+++ b/src/helper/kcronhelper.cpp
-@@ -32,12 +32,27 @@ ActionReply KcronHelper::save(const QVariantMap &args)
- {
- qCDebug(KCM_CRON_HELPER_LOG) << "running actions";
- const QString source = args[QLatin1String("source")].toString();
-- const QString destination = args[QLatin1String("target")].toString();
-- if (!QFile::remove(destination)) {
-- qCWarning(KCM_CRON_HELPER_LOG) << "can't remove file, it doesn't exist";
-+ const QString destination = QStringLiteral("/etc/crontab");
-+ {
-+ QFile destinationFile(destination);
-+ if (destinationFile.exists() && !destinationFile.remove()) {
-+ ActionReply reply = ActionReply::HelperErrorReply();
-+ qCWarning(KCM_CRON_HELPER_LOG) << "can't remove file" << destinationFile.errorString();
-+ reply.setErrorDescription(destinationFile.errorString());
-+ return reply;
-+ }
- }
-- if (!QFile::copy(source, destination)) {
-- qCWarning(KCM_CRON_HELPER_LOG) << "can't write into the system file, something went wrong";
-+ {
-+ QFile sourceFile(source);
-+ if (!sourceFile.setPermissions(QFileDevice::ReadOwner | QFileDevice::WriteOwner | QFileDevice::ReadGroup | QFileDevice::ReadOther)) {
-+ qCWarning(KCM_CRON_HELPER_LOG) << "can't change permissions to 644";
-+ }
-+ if (!sourceFile.copy(destination)) {
-+ qCWarning(KCM_CRON_HELPER_LOG) << "can't write into the system file" << sourceFile.errorString();
-+ ActionReply reply = ActionReply::HelperErrorReply();
-+ reply.setErrorDescription(sourceFile.errorString());
-+ return reply;
-+ }
- }
- return ActionReply::SuccessReply();
- }
More information about the Neon-commits
mailing list