diff --git a/SOURCES/0001-Use-g_list_free_full-where-easily-possible.patch b/SOURCES/0001-Use-g_list_free_full-where-easily-possible.patch new file mode 100644 index 0000000..9ae5a7a --- /dev/null +++ b/SOURCES/0001-Use-g_list_free_full-where-easily-possible.patch @@ -0,0 +1,258 @@ +From f4bae6ba2f20caa6e3bf6fa7a7ea52eaf2180beb Mon Sep 17 00:00:00 2001 +From: Pino Toscano +Date: Thu, 20 Dec 2018 10:56:25 +0100 +Subject: [PATCH] Use g_list_free_full where easily possible +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Use g_list_free_full instead of g_list_foreach + g_list_free, so the +lists are cleared with a single call. + +test-isodetect gets a void* wrapper, so there is no need to add casts +everywhere. + +Reviewed-by: Fabiano Fidêncio +(cherry picked from commit 4fe69c9fe31befe3caa55bbaac0bcfa5e605f028) +--- + osinfo/osinfo_deployment.c | 8 +------- + osinfo/osinfo_entity.c | 7 +------ + osinfo/osinfo_filter.c | 9 +-------- + osinfo/osinfo_loader.c | 3 +-- + osinfo/osinfo_os.c | 8 +------- + osinfo/osinfo_platform.c | 8 +------- + osinfo/osinfo_product.c | 5 ++--- + osinfo/osinfo_productfilter.c | 9 +-------- + tests/test-isodetect.c | 17 +++++++++++------ + 9 files changed, 20 insertions(+), 54 deletions(-) + +diff --git a/osinfo/osinfo_deployment.c b/osinfo/osinfo_deployment.c +index 7191ac3..a79b32f 100644 +--- a/osinfo/osinfo_deployment.c ++++ b/osinfo/osinfo_deployment.c +@@ -114,18 +114,12 @@ osinfo_deployment_get_property(GObject *object, + + + +-static void osinfo_device_link_free(gpointer data, gpointer opaque G_GNUC_UNUSED) +-{ +- g_object_unref(OSINFO_DEVICELINK(data)); +-} +- + static void + osinfo_deployment_finalize(GObject *object) + { + OsinfoDeployment *deployment = OSINFO_DEPLOYMENT(object); + +- g_list_foreach(deployment->priv->deviceLinks, osinfo_device_link_free, NULL); +- g_list_free(deployment->priv->deviceLinks); ++ g_list_free_full(deployment->priv->deviceLinks, g_object_unref); + + g_object_unref(deployment->priv->os); + g_object_unref(deployment->priv->platform); +diff --git a/osinfo/osinfo_entity.c b/osinfo/osinfo_entity.c +index 20b9115..a776baa 100644 +--- a/osinfo/osinfo_entity.c ++++ b/osinfo/osinfo_entity.c +@@ -146,15 +146,10 @@ osinfo_entity_class_init(OsinfoEntityClass *klass) + g_type_class_add_private(klass, sizeof(OsinfoEntityPrivate)); + } + +-static void osinfo_entity_param_value_free(gpointer value, gpointer opaque G_GNUC_UNUSED) +-{ +- g_free(value); +-} + + static void osinfo_entity_param_values_free(gpointer values) + { +- g_list_foreach(values, osinfo_entity_param_value_free, NULL); +- g_list_free(values); ++ g_list_free_full(values, g_free); + } + + +diff --git a/osinfo/osinfo_filter.c b/osinfo/osinfo_filter.c +index 7f06d43..1c38735 100644 +--- a/osinfo/osinfo_filter.c ++++ b/osinfo/osinfo_filter.c +@@ -88,17 +88,10 @@ OsinfoFilter *osinfo_filter_new(void) + } + + +-static void +-osinfo_filter_prop_constraint_free(gpointer value, gpointer opaque G_GNUC_UNUSED) +-{ +- g_free(value); +-} +- + static void + osinfo_filter_prop_constraints_free(gpointer props) + { +- g_list_foreach(props, osinfo_filter_prop_constraint_free, NULL); +- g_list_free(props); ++ g_list_free_full(props, g_free); + } + + +diff --git a/osinfo/osinfo_loader.c b/osinfo/osinfo_loader.c +index dca23f1..d580b66 100644 +--- a/osinfo/osinfo_loader.c ++++ b/osinfo/osinfo_loader.c +@@ -1898,8 +1898,7 @@ static void osinfo_loader_entity_files_free(OsinfoLoaderEntityFiles *files) + { + if (!files) + return; +- g_list_foreach(files->extensions, (GFunc)g_object_unref, NULL); +- g_list_free(files->extensions); ++ g_list_free_full(files->extensions, g_object_unref); + if (files->master) + g_object_unref(files->master); + g_free(files); +diff --git a/osinfo/osinfo_os.c b/osinfo/osinfo_os.c +index 4f74331..b77c687 100644 +--- a/osinfo/osinfo_os.c ++++ b/osinfo/osinfo_os.c +@@ -75,11 +75,6 @@ enum { + + static void osinfo_os_finalize(GObject *object); + +-static void osinfo_device_link_free(gpointer data, gpointer opaque G_GNUC_UNUSED) +-{ +- g_object_unref(OSINFO_DEVICELINK(data)); +-} +- + static void + osinfo_os_get_property(GObject *object, + guint property_id, +@@ -112,8 +107,7 @@ osinfo_os_finalize(GObject *object) + { + OsinfoOs *os = OSINFO_OS(object); + +- g_list_foreach(os->priv->deviceLinks, osinfo_device_link_free, NULL); +- g_list_free(os->priv->deviceLinks); ++ g_list_free_full(os->priv->deviceLinks, g_object_unref); + g_object_unref(os->priv->medias); + g_object_unref(os->priv->trees); + g_object_unref(os->priv->variants); +diff --git a/osinfo/osinfo_platform.c b/osinfo/osinfo_platform.c +index b17eef6..c949a83 100644 +--- a/osinfo/osinfo_platform.c ++++ b/osinfo/osinfo_platform.c +@@ -52,18 +52,12 @@ struct _OsinfoPlatformDeviceLink { + gchar *driver; + }; + +-static void osinfo_device_link_free(gpointer data, gpointer opaque G_GNUC_UNUSED) +-{ +- g_object_unref(OSINFO_DEVICELINK(data)); +-} +- + static void + osinfo_platform_finalize(GObject *object) + { + OsinfoPlatform *platform = OSINFO_PLATFORM(object); + +- g_list_foreach(platform->priv->deviceLinks, osinfo_device_link_free, NULL); +- g_list_free(platform->priv->deviceLinks); ++ g_list_free_full(platform->priv->deviceLinks, g_object_unref); + + /* Chain up to the parent class */ + G_OBJECT_CLASS(osinfo_platform_parent_class)->finalize(object); +diff --git a/osinfo/osinfo_product.c b/osinfo/osinfo_product.c +index 1bd7017..27cb89c 100644 +--- a/osinfo/osinfo_product.c ++++ b/osinfo/osinfo_product.c +@@ -82,7 +82,7 @@ enum { + PROP_LOGO, + }; + +-static void osinfo_product_link_free(gpointer data, gpointer opaque G_GNUC_UNUSED) ++static void osinfo_product_link_free(gpointer data) + { + struct _OsinfoProductProductLink *prodlink = data; + g_object_unref(prodlink->otherProduct); +@@ -95,8 +95,7 @@ osinfo_product_finalize(GObject *object) + { + OsinfoProduct *product = OSINFO_PRODUCT(object); + +- g_list_foreach(product->priv->productLinks, osinfo_product_link_free, NULL); +- g_list_free(product->priv->productLinks); ++ g_list_free_full(product->priv->productLinks, osinfo_product_link_free); + + /* Chain up to the parent class */ + G_OBJECT_CLASS(osinfo_product_parent_class)->finalize(object); +diff --git a/osinfo/osinfo_productfilter.c b/osinfo/osinfo_productfilter.c +index 16976c2..addd3dc 100644 +--- a/osinfo/osinfo_productfilter.c ++++ b/osinfo/osinfo_productfilter.c +@@ -97,17 +97,10 @@ OsinfoProductFilter *osinfo_productfilter_new(void) + } + + +-static void +-osinfo_productfilter_product_constraint_free(gpointer value, gpointer opaque G_GNUC_UNUSED) +-{ +- g_object_unref(value); +-} +- + static void + osinfo_productfilter_product_constraints_free(gpointer relshps) + { +- g_list_foreach(relshps, osinfo_productfilter_product_constraint_free, NULL); +- g_list_free(relshps); ++ g_list_free_full(relshps, g_object_unref); + } + + static void +diff --git a/tests/test-isodetect.c b/tests/test-isodetect.c +index 7214531..b5591bc 100644 +--- a/tests/test-isodetect.c ++++ b/tests/test-isodetect.c +@@ -46,6 +46,14 @@ static void free_iso(struct ISOInfo *info) + g_free(info); + } + ++/* void* wrapper for free_iso, so it can be used where a void* parameter ++ * is required (e.g. g_list_free_full), with no need for casts. ++ */ ++static void free_iso_void(void *info) ++{ ++ free_iso((struct ISOInfo *)info); ++} ++ + static gboolean load_langs(GFile *file, struct ISOInfo *info, GError **error) + { + char *path; +@@ -242,8 +250,7 @@ static GList *load_distro(GFile *dir, const gchar *shortid, GError **error) { + return ret; + + error: +- g_list_foreach(ret, (GFunc)free_iso, NULL); +- g_list_free(ret); ++ g_list_free_full(ret, free_iso_void); + ret = NULL; + goto cleanup; + } +@@ -288,8 +295,7 @@ static GList *load_distros(GFile *dir, GError **error) + return ret; + + error: +- g_list_foreach(ret, (GFunc)free_iso, NULL); +- g_list_free(ret); ++ g_list_free_full(ret, free_iso_void); + ret = NULL; + goto cleanup; + } +@@ -370,8 +376,7 @@ static void test_one(const gchar *vendor) + tmp = tmp->next; + } + +- g_list_foreach(isos, (GFunc)free_iso, NULL); +- g_list_free(isos); ++ g_list_free_full(isos, free_iso_void); + + g_object_unref(loader); + } +-- +2.21.0 + diff --git a/SOURCES/0002-loader-Replace-strcmp-with-g_str_equal.patch b/SOURCES/0002-loader-Replace-strcmp-with-g_str_equal.patch new file mode 100644 index 0000000..9c0229d --- /dev/null +++ b/SOURCES/0002-loader-Replace-strcmp-with-g_str_equal.patch @@ -0,0 +1,134 @@ +From f0f5147e25e188f6b6cbd734a20cc573e863e82b Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= +Date: Tue, 4 Sep 2018 21:31:35 +0200 +Subject: [PATCH] loader: Replace strcmp() with g_str_equal() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +https://bugzilla.redhat.com/show_bug.cgi?id=1335291 + +Signed-off-by: Fabiano Fidêncio +Reviewed-by: Daniel P. Berrangé +(cherry picked from commit fc431d26ca4d61213e72fa373354828909550033) +--- + osinfo/osinfo_loader.c | 68 +++++++++++++++++++++--------------------- + 1 file changed, 34 insertions(+), 34 deletions(-) + +diff --git a/osinfo/osinfo_loader.c b/osinfo/osinfo_loader.c +index d580b66..898dee9 100644 +--- a/osinfo/osinfo_loader.c ++++ b/osinfo/osinfo_loader.c +@@ -1115,22 +1115,22 @@ static OsinfoMedia *osinfo_loader_media(OsinfoLoader *loader, + for (i = 0; i < nnodes; i++) { + if (!nodes[i]->children || + nodes[i]->children->type != XML_TEXT_NODE || +- (strcmp((const gchar *)nodes[i]->name, +- OSINFO_MEDIA_PROP_VOLUME_ID) != 0 && +- strcmp((const gchar *)nodes[i]->name, +- OSINFO_MEDIA_PROP_SYSTEM_ID) != 0 && +- strcmp((const gchar *)nodes[i]->name, +- OSINFO_MEDIA_PROP_PUBLISHER_ID) != 0 && +- strcmp((const gchar *)nodes[i]->name, +- OSINFO_MEDIA_PROP_APPLICATION_ID) != 0 && +- strcmp((const gchar *)nodes[i]->name, +- OSINFO_MEDIA_PROP_LANG) != 0 && +- strcmp((const gchar *)nodes[i]->name, +- OSINFO_MEDIA_PROP_VOLUME_SIZE) != 0)) ++ (!g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_MEDIA_PROP_VOLUME_ID) && ++ !g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_MEDIA_PROP_SYSTEM_ID) && ++ !g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_MEDIA_PROP_PUBLISHER_ID) && ++ !g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_MEDIA_PROP_APPLICATION_ID) && ++ !g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_MEDIA_PROP_LANG) && ++ !g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_MEDIA_PROP_VOLUME_SIZE))) + continue; + +- if (strcmp((const gchar *)nodes[i]->name, +- OSINFO_MEDIA_PROP_LANG) == 0) { ++ if (g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_MEDIA_PROP_LANG)) { + gchar *regex = (gchar *)xmlGetProp(nodes[i], BAD_CAST "regex"); + if (g_strcmp0(regex, "true") == 0) { + gchar *datamap; +@@ -1195,23 +1195,23 @@ static OsinfoTree *osinfo_loader_tree(OsinfoLoader *loader, + nodes[i]->children->type != XML_TEXT_NODE) + continue; + +- if (strcmp((const gchar *)nodes[i]->name, +- OSINFO_TREE_PROP_TREEINFO_FAMILY + sizeof("treeinfo-")) == 0) ++ if (g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_TREE_PROP_TREEINFO_FAMILY + sizeof("treeinfo-"))) + osinfo_entity_set_param(OSINFO_ENTITY(tree), + OSINFO_TREE_PROP_TREEINFO_FAMILY, + (const gchar *)nodes[i]->children->content); +- else if (strcmp((const gchar *)nodes[i]->name, +- OSINFO_TREE_PROP_TREEINFO_VARIANT + sizeof("treeinfo-")) == 0) ++ else if (g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_TREE_PROP_TREEINFO_VARIANT + sizeof("treeinfo-"))) + osinfo_entity_set_param(OSINFO_ENTITY(tree), + OSINFO_TREE_PROP_TREEINFO_VARIANT, + (const gchar *)nodes[i]->children->content); +- else if (strcmp((const gchar *)nodes[i]->name, +- OSINFO_TREE_PROP_TREEINFO_VERSION + sizeof("treeinfo-")) == 0) ++ else if (g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_TREE_PROP_TREEINFO_VERSION + sizeof("treeinfo-"))) + osinfo_entity_set_param(OSINFO_ENTITY(tree), + OSINFO_TREE_PROP_TREEINFO_VERSION, + (const gchar *)nodes[i]->children->content); +- else if (strcmp((const gchar *)nodes[i]->name, +- OSINFO_TREE_PROP_TREEINFO_ARCH + sizeof("treeinfo-")) == 0) ++ else if (g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_TREE_PROP_TREEINFO_ARCH + sizeof("treeinfo-"))) + osinfo_entity_set_param(OSINFO_ENTITY(tree), + OSINFO_TREE_PROP_TREEINFO_ARCH, + (const gchar *)nodes[i]->children->content); +@@ -1264,14 +1264,14 @@ static OsinfoResources *osinfo_loader_resources(OsinfoLoader *loader, + for (i = 0; i < nnodes; i++) { + if (!nodes[i]->children || + nodes[i]->children->type != XML_TEXT_NODE || +- (strcmp((const gchar *)nodes[i]->name, +- OSINFO_RESOURCES_PROP_CPU) != 0 && +- strcmp((const gchar *)nodes[i]->name, +- OSINFO_RESOURCES_PROP_N_CPUS) != 0 && +- strcmp((const gchar *)nodes[i]->name, +- OSINFO_RESOURCES_PROP_RAM) != 0 && +- strcmp((const gchar *)nodes[i]->name, +- OSINFO_RESOURCES_PROP_STORAGE) != 0)) ++ (!g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_RESOURCES_PROP_CPU) && ++ !g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_RESOURCES_PROP_N_CPUS) && ++ !g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_RESOURCES_PROP_RAM) && ++ !g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_RESOURCES_PROP_STORAGE))) + continue; + + osinfo_entity_set_param(OSINFO_ENTITY(resources), +@@ -1367,13 +1367,13 @@ static OsinfoDeviceDriver *osinfo_loader_driver(OsinfoLoader *loader, + for (i = 0; i < nnodes; i++) { + if (nodes[i]->children && + nodes[i]->children->type == XML_TEXT_NODE && +- (strcmp((const gchar *)nodes[i]->name, +- OSINFO_DEVICE_DRIVER_PROP_FILE) == 0)) { ++ (g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_DEVICE_DRIVER_PROP_FILE))) { + osinfo_entity_add_param(OSINFO_ENTITY(driver), + (const gchar *)nodes[i]->name, + (const gchar *)nodes[i]->children->content); +- } else if (strcmp((const gchar *)nodes[i]->name, +- OSINFO_DEVICE_DRIVER_PROP_DEVICE) == 0) { ++ } else if (g_str_equal((const gchar *)nodes[i]->name, ++ OSINFO_DEVICE_DRIVER_PROP_DEVICE)) { + xmlChar *device_id = xmlGetProp(nodes[i], BAD_CAST "id"); + OsinfoDevice *device = osinfo_loader_get_device(loader, + (gchar *)device_id); +-- +2.21.0 + diff --git a/SOURCES/0003-loader-properly-load-the-treeinfo-attributes.patch b/SOURCES/0003-loader-properly-load-the-treeinfo-attributes.patch new file mode 100644 index 0000000..cfbff3d --- /dev/null +++ b/SOURCES/0003-loader-properly-load-the-treeinfo-attributes.patch @@ -0,0 +1,57 @@ +From 5e09667f547a21a5621f6cafbe82aeb85bad7071 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= +Date: Sun, 2 Dec 2018 16:37:57 +0100 +Subject: [PATCH] loader: properly load the treeinfo attributes +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +treeinfo attributes haven't been loaded properly due to the change done +in ab2ab35f, changing the hardcoded 9 to sizeof("treeinfo-"). + +The problem here is that size("treeinfo-") is 10, causing that any +comparison to fail. + +Let's change the sizeof("treeinfo-") to strlen("treeinfo-"). + +Signed-off-by: Fabiano Fidêncio +Reviewed-by: Christophe Fergeau +(cherry picked from commit d56e33b47c806522378f267b50c354e48df25f98) +--- + osinfo/osinfo_loader.c | 8 ++++---- + 1 file changed, 4 insertions(+), 4 deletions(-) + +diff --git a/osinfo/osinfo_loader.c b/osinfo/osinfo_loader.c +index 898dee9..85f51ab 100644 +--- a/osinfo/osinfo_loader.c ++++ b/osinfo/osinfo_loader.c +@@ -1196,22 +1196,22 @@ static OsinfoTree *osinfo_loader_tree(OsinfoLoader *loader, + continue; + + if (g_str_equal((const gchar *)nodes[i]->name, +- OSINFO_TREE_PROP_TREEINFO_FAMILY + sizeof("treeinfo-"))) ++ OSINFO_TREE_PROP_TREEINFO_FAMILY + strlen("treeinfo-"))) + osinfo_entity_set_param(OSINFO_ENTITY(tree), + OSINFO_TREE_PROP_TREEINFO_FAMILY, + (const gchar *)nodes[i]->children->content); + else if (g_str_equal((const gchar *)nodes[i]->name, +- OSINFO_TREE_PROP_TREEINFO_VARIANT + sizeof("treeinfo-"))) ++ OSINFO_TREE_PROP_TREEINFO_VARIANT + strlen("treeinfo-"))) + osinfo_entity_set_param(OSINFO_ENTITY(tree), + OSINFO_TREE_PROP_TREEINFO_VARIANT, + (const gchar *)nodes[i]->children->content); + else if (g_str_equal((const gchar *)nodes[i]->name, +- OSINFO_TREE_PROP_TREEINFO_VERSION + sizeof("treeinfo-"))) ++ OSINFO_TREE_PROP_TREEINFO_VERSION + strlen("treeinfo-"))) + osinfo_entity_set_param(OSINFO_ENTITY(tree), + OSINFO_TREE_PROP_TREEINFO_VERSION, + (const gchar *)nodes[i]->children->content); + else if (g_str_equal((const gchar *)nodes[i]->name, +- OSINFO_TREE_PROP_TREEINFO_ARCH + sizeof("treeinfo-"))) ++ OSINFO_TREE_PROP_TREEINFO_ARCH + strlen("treeinfo-"))) + osinfo_entity_set_param(OSINFO_ENTITY(tree), + OSINFO_TREE_PROP_TREEINFO_ARCH, + (const gchar *)nodes[i]->children->content); +-- +2.21.0 + diff --git a/SOURCES/0004-db-improve-_guess_os_from_tree-checks.patch b/SOURCES/0004-db-improve-_guess_os_from_tree-checks.patch new file mode 100644 index 0000000..bcf2036 --- /dev/null +++ b/SOURCES/0004-db-improve-_guess_os_from_tree-checks.patch @@ -0,0 +1,38 @@ +From 327e4c4f27fdedefc89317e4a42f5382fadefbf3 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= +Date: Sun, 2 Dec 2018 16:37:59 +0100 +Subject: [PATCH] db: improve _guess_os_from_tree() checks +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Do not check against a distro which doesn't have treeinfo data as +match_regex() would just match whatever we compare to it. + +Signed-off-by: Fabiano Fidêncio +Reviewed-by: Christophe Fergeau +(cherry picked from commit 705b08bb3fa44a2266abdd5d145544c67ef0d882) +--- + osinfo/osinfo_db.c | 6 ++++++ + 1 file changed, 6 insertions(+) + +diff --git a/osinfo/osinfo_db.c b/osinfo/osinfo_db.c +index fa14c6d..4f8684a 100644 +--- a/osinfo/osinfo_db.c ++++ b/osinfo/osinfo_db.c +@@ -763,6 +763,12 @@ OsinfoOs *osinfo_db_guess_os_from_tree(OsinfoDb *db, + const gchar *os_version = osinfo_tree_get_treeinfo_version(os_tree); + const gchar *os_arch = osinfo_tree_get_treeinfo_arch(os_tree); + ++ if (os_family == NULL && ++ os_variant == NULL && ++ os_version == NULL && ++ os_arch == NULL) ++ continue; ++ + if (match_regex(os_family, tree_family) && + match_regex(os_variant, tree_variant) && + match_regex(os_version, tree_version) && +-- +2.21.0 + diff --git a/SOURCES/0005-tree-cleanup-load_key_info.patch b/SOURCES/0005-tree-cleanup-load_key_info.patch new file mode 100644 index 0000000..23f18ec --- /dev/null +++ b/SOURCES/0005-tree-cleanup-load_key_info.patch @@ -0,0 +1,113 @@ +From c90388dda9f8f694e4458ca315430b0d37336530 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= +Date: Mon, 10 Dec 2018 15:42:21 +0100 +Subject: [PATCH] tree: cleanup load_key_info() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Instead of doing the same checks for key or group not found all over the +place, let's just add a new function that does that and replace the old +check for the new function. + +Signed-off-by: Fabiano Fidêncio +Reviewed-by: Christophe Fergeau +(cherry picked from commit 6eab80bac760dc44dbefe403ef67a3a80dca2392) +--- + osinfo/osinfo_tree.c | 63 ++++++++++++++++++++++++-------------------- + 1 file changed, 35 insertions(+), 28 deletions(-) + +diff --git a/osinfo/osinfo_tree.c b/osinfo/osinfo_tree.c +index 565ccfe..f256f8a 100644 +--- a/osinfo/osinfo_tree.c ++++ b/osinfo/osinfo_tree.c +@@ -472,6 +472,13 @@ static gboolean is_str_empty(const gchar *str) { + return ret; + } + ++static gboolean is_unknown_group_or_key_error(const GError *error) ++{ ++ return (g_error_matches(error, G_KEY_FILE_ERROR, ++ G_KEY_FILE_ERROR_KEY_NOT_FOUND) || ++ g_error_matches(error, G_KEY_FILE_ERROR, ++ G_KEY_FILE_ERROR_GROUP_NOT_FOUND)); ++} + + static OsinfoTree *load_keyinfo(const gchar *location, + const gchar *content, +@@ -493,44 +500,44 @@ static OsinfoTree *load_keyinfo(const gchar *location, + G_KEY_FILE_NONE, error)) + goto cleanup; + +- if (!(family = g_key_file_get_string(file, "general", "family", error)) && +- (*error && (*error)->code != G_KEY_FILE_ERROR_KEY_NOT_FOUND && +- (*error)->code != G_KEY_FILE_ERROR_GROUP_NOT_FOUND)) +- goto cleanup; ++ if (!(family = g_key_file_get_string(file, "general", "family", error))) { ++ if (!is_unknown_group_or_key_error(*error)) ++ goto cleanup; ++ } + +- if (!(variant = g_key_file_get_string(file, "general", "variant", error)) && +- (*error && (*error)->code != G_KEY_FILE_ERROR_KEY_NOT_FOUND && +- (*error)->code != G_KEY_FILE_ERROR_GROUP_NOT_FOUND)) +- goto cleanup; ++ if (!(variant = g_key_file_get_string(file, "general", "variant", error))) { ++ if (!is_unknown_group_or_key_error(*error)) ++ goto cleanup; ++ } + +- if (!(version = g_key_file_get_string(file, "general", "version", error)) && +- (*error && (*error)->code != G_KEY_FILE_ERROR_KEY_NOT_FOUND && +- (*error)->code != G_KEY_FILE_ERROR_GROUP_NOT_FOUND)) +- goto cleanup; ++ if (!(version = g_key_file_get_string(file, "general", "version", error))) { ++ if (!is_unknown_group_or_key_error(*error)) ++ goto cleanup; ++ } + +- if (!(arch = g_key_file_get_string(file, "general", "arch", error)) && +- (*error && (*error)->code != G_KEY_FILE_ERROR_KEY_NOT_FOUND && +- (*error)->code != G_KEY_FILE_ERROR_GROUP_NOT_FOUND)) +- goto cleanup; ++ if (!(arch = g_key_file_get_string(file, "general", "arch", error))) { ++ if (!is_unknown_group_or_key_error(*error)) ++ goto cleanup; ++ } + + + if (arch) { + group = g_strdup_printf("images-%s", arch); + +- if (!(kernel = g_key_file_get_string(file, group, "kernel", error)) && +- (*error && (*error)->code != G_KEY_FILE_ERROR_KEY_NOT_FOUND && +- (*error)->code != G_KEY_FILE_ERROR_GROUP_NOT_FOUND)) +- goto cleanup; ++ if (!(kernel = g_key_file_get_string(file, group, "kernel", error))) { ++ if (!is_unknown_group_or_key_error(*error)) ++ goto cleanup; ++ } + +- if (!(initrd = g_key_file_get_string(file, group, "initrd", error)) && +- (*error && (*error)->code != G_KEY_FILE_ERROR_KEY_NOT_FOUND && +- (*error)->code != G_KEY_FILE_ERROR_GROUP_NOT_FOUND)) +- goto cleanup; ++ if (!(initrd = g_key_file_get_string(file, group, "initrd", error))) { ++ if (!is_unknown_group_or_key_error(*error)) ++ goto cleanup; ++ } + +- if (!(bootiso = g_key_file_get_string(file, group, "boot.iso", error)) && +- (*error && (*error)->code != G_KEY_FILE_ERROR_KEY_NOT_FOUND && +- (*error)->code != G_KEY_FILE_ERROR_GROUP_NOT_FOUND)) +- goto cleanup; ++ if (!(bootiso = g_key_file_get_string(file, group, "boot.iso", error))) { ++ if (!is_unknown_group_or_key_error(*error)) ++ goto cleanup; ++ } + } + + tree = osinfo_tree_new(location, arch ? arch : "i386"); +-- +2.21.0 + diff --git a/SOURCES/0006-tree-cleanup-non-fatal-errors-in-load_key_info.patch b/SOURCES/0006-tree-cleanup-non-fatal-errors-in-load_key_info.patch new file mode 100644 index 0000000..15969b6 --- /dev/null +++ b/SOURCES/0006-tree-cleanup-non-fatal-errors-in-load_key_info.patch @@ -0,0 +1,80 @@ +From d5fbca9987b595c3f277a39cc04aca810bde02bc Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= +Date: Mon, 10 Dec 2018 15:46:17 +0100 +Subject: [PATCH] tree: cleanup non-fatal errors in load_key_info() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +There are errors which are not fatal and just ignored in load_keyinfo. +However, as those have not been cleaned up, we could see messages like: +(lt-osinfo-detect:20658): GLib-WARNING **: GError set over the top of a +previous GError or uninitialized memory. +This indicates a bug in someone's code. You must ensure an error is NULL +before it's set. +The overwriting error message was: Key file does not have key “boot.iso” +in group “images-x86_64” + +In order to avoid this, let's just call g_clear_error() after situations +where an error may have been set but it can just be ignored. + +Signed-off-by: Fabiano Fidêncio +Reviewed-by: Christophe Fergeau +(cherry picked from commit 1c4deff7dc94da6157f64c398a58375a2c97e35b) +--- + osinfo/osinfo_tree.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/osinfo/osinfo_tree.c b/osinfo/osinfo_tree.c +index f256f8a..ef82807 100644 +--- a/osinfo/osinfo_tree.c ++++ b/osinfo/osinfo_tree.c +@@ -503,21 +503,25 @@ static OsinfoTree *load_keyinfo(const gchar *location, + if (!(family = g_key_file_get_string(file, "general", "family", error))) { + if (!is_unknown_group_or_key_error(*error)) + goto cleanup; ++ g_clear_error(error); + } + + if (!(variant = g_key_file_get_string(file, "general", "variant", error))) { + if (!is_unknown_group_or_key_error(*error)) + goto cleanup; ++ g_clear_error(error); + } + + if (!(version = g_key_file_get_string(file, "general", "version", error))) { + if (!is_unknown_group_or_key_error(*error)) + goto cleanup; ++ g_clear_error(error); + } + + if (!(arch = g_key_file_get_string(file, "general", "arch", error))) { + if (!is_unknown_group_or_key_error(*error)) + goto cleanup; ++ g_clear_error(error); + } + + +@@ -527,16 +531,19 @@ static OsinfoTree *load_keyinfo(const gchar *location, + if (!(kernel = g_key_file_get_string(file, group, "kernel", error))) { + if (!is_unknown_group_or_key_error(*error)) + goto cleanup; ++ g_clear_error(error); + } + + if (!(initrd = g_key_file_get_string(file, group, "initrd", error))) { + if (!is_unknown_group_or_key_error(*error)) + goto cleanup; ++ g_clear_error(error); + } + + if (!(bootiso = g_key_file_get_string(file, group, "boot.iso", error))) { + if (!is_unknown_group_or_key_error(*error)) + goto cleanup; ++ g_clear_error(error); + } + } + +-- +2.21.0 + diff --git a/SOURCES/0007-tree-Also-check-fore-treeinfo-in-addition-to-.treein.patch b/SOURCES/0007-tree-Also-check-fore-treeinfo-in-addition-to-.treein.patch new file mode 100644 index 0000000..bdb11f2 --- /dev/null +++ b/SOURCES/0007-tree-Also-check-fore-treeinfo-in-addition-to-.treein.patch @@ -0,0 +1,136 @@ +From 5d327081b489bd58e5fbafc5cff9c893b46e996c Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= +Date: Mon, 25 Mar 2019 11:44:29 +0100 +Subject: [PATCH] tree: Also check fore "treeinfo" in addition to ".treeinfo" +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Akamai CDN hosted files can't start with a dot, making trees published to +a CDN having their ".treeinfo" files renamed to "treeinfo". + +https://gitlab.com/libosinfo/libosinfo/issues/18 + +Signed-off-by: Fabiano Fidêncio +Reviewed-by: Cole Robinson +(cherry picked from commit e8e0ca9024847aca9d079ffb34a2bbd0494fe978) +--- + osinfo/osinfo_tree.c | 67 +++++++++++++++++++++++++++++++++----------- + 1 file changed, 50 insertions(+), 17 deletions(-) + +diff --git a/osinfo/osinfo_tree.c b/osinfo/osinfo_tree.c +index ef82807..eaac54f 100644 +--- a/osinfo/osinfo_tree.c ++++ b/osinfo/osinfo_tree.c +@@ -35,6 +35,7 @@ typedef struct _CreateFromLocationAsyncData CreateFromLocationAsyncData; + struct _CreateFromLocationAsyncData { + GFile *file; + gchar *location; ++ gchar *treeinfo; + + GTask *res; + +@@ -594,6 +595,11 @@ static OsinfoTree *load_keyinfo(const gchar *location, + return tree; + } + ++static void ++osinfo_tree_create_from_location_async_helper(const gchar *url, ++ const gchar *treeinfo, ++ GCancellable *cancellable, ++ CreateFromLocationAsyncData *data); + + static void on_location_read(GObject *source, + GAsyncResult *res, +@@ -613,7 +619,17 @@ static void on_location_read(GObject *source, + &length, + NULL, + &error)) { +- g_prefix_error(&error, _("Failed to load .treeinfo file: ")); ++ /* It means no ".treeinfo" file has been found. Try again, this time ++ * looking for a "treeinfo" file. */ ++ if (g_str_equal(data->treeinfo, ".treeinfo")) { ++ osinfo_tree_create_from_location_async_helper(data->location, ++ "treeinfo", ++ g_task_get_cancellable(data->res), ++ data); ++ return; ++ } ++ ++ g_prefix_error(&error, _("Failed to load .treeinfo|treeinfo file: ")); + g_task_return_error(data->res, error); + create_from_location_async_data_free(data); + return; +@@ -635,6 +651,35 @@ static void on_location_read(GObject *source, + g_free(content); + } + ++static void ++osinfo_tree_create_from_location_async_helper(const gchar *url, ++ const gchar *treeinfo, ++ GCancellable *cancellable, ++ CreateFromLocationAsyncData *data) ++{ ++ gchar *location; ++ ++ g_return_if_fail(url != NULL); ++ g_return_if_fail(treeinfo != NULL); ++ ++ location = g_strdup_printf("%s/%s", url, treeinfo); ++ ++ g_clear_object(&data->file); ++ data->file = g_file_new_for_uri(location); ++ ++ g_free(data->location); ++ data->location = g_strdup(url); ++ ++ g_free(data->treeinfo); ++ data->treeinfo = g_strdup(treeinfo); ++ ++ g_file_load_contents_async(data->file, ++ cancellable, ++ on_location_read, ++ data); ++ g_free(location); ++} ++ + /** + * osinfo_tree_create_from_location_async: + * @location: the location of an installation tree +@@ -652,11 +697,6 @@ void osinfo_tree_create_from_location_async(const gchar *location, + gpointer user_data) + { + CreateFromLocationAsyncData *data; +- gchar *treeinfo; +- +- g_return_if_fail(location != NULL); +- +- treeinfo = g_strdup_printf("%s/.treeinfo", location); + + data = g_slice_new0(CreateFromLocationAsyncData); + data->res = g_task_new(NULL, +@@ -665,17 +705,10 @@ void osinfo_tree_create_from_location_async(const gchar *location, + user_data); + g_task_set_priority(data->res, priority); + +- data->file = g_file_new_for_uri(treeinfo); +- data->location = g_strdup(location); +- +- /* XXX priority ? */ +- /* XXX probe other things besides just tree info */ +- g_file_load_contents_async(data->file, +- cancellable, +- on_location_read, +- data); +- +- g_free(treeinfo); ++ osinfo_tree_create_from_location_async_helper(location, ++ ".treeinfo", ++ cancellable, ++ data); + } + + +-- +2.21.0 + diff --git a/SOURCES/0008-tree-Avoid-use-of-memory-after-it-s-freed.patch b/SOURCES/0008-tree-Avoid-use-of-memory-after-it-s-freed.patch new file mode 100644 index 0000000..9bf2ee5 --- /dev/null +++ b/SOURCES/0008-tree-Avoid-use-of-memory-after-it-s-freed.patch @@ -0,0 +1,50 @@ +From ba648511089973f86b5345abfab9fd2fdbdd9ca6 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= +Date: Tue, 21 May 2019 13:29:18 +0200 +Subject: [PATCH] tree: Avoid use of memory after it's freed +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +We've been passing data->location as the @url argument of +osinfo_tree_create_from_location_async_helper(), freeing it and trying +to g_strdup() it as the new content of data->location. + +In order to avoid doing so, let's set the data->location only once, in +the first caller of osinfo_tree_create_from_location_async_helper(), as +its content is always going to be the same doesn't matter the treeinfo +format to be used with. + +Signed-off-by: Fabiano Fidêncio +Reviewed-by: Cole Robinson +(cherry picked from commit d7bc838a96acf5f058e13d2b49157b4ba396cd87) +--- + osinfo/osinfo_tree.c | 5 ++--- + 1 file changed, 2 insertions(+), 3 deletions(-) + +diff --git a/osinfo/osinfo_tree.c b/osinfo/osinfo_tree.c +index eaac54f..2e6a4ee 100644 +--- a/osinfo/osinfo_tree.c ++++ b/osinfo/osinfo_tree.c +@@ -667,9 +667,6 @@ osinfo_tree_create_from_location_async_helper(const gchar *url, + g_clear_object(&data->file); + data->file = g_file_new_for_uri(location); + +- g_free(data->location); +- data->location = g_strdup(url); +- + g_free(data->treeinfo); + data->treeinfo = g_strdup(treeinfo); + +@@ -705,6 +702,8 @@ void osinfo_tree_create_from_location_async(const gchar *location, + user_data); + g_task_set_priority(data->res, priority); + ++ data->location = g_strdup(location); ++ + osinfo_tree_create_from_location_async_helper(location, + ".treeinfo", + cancellable, +-- +2.21.0 + diff --git a/SOURCES/0009-tree-Cleanup-_create_from_location_async_helper.patch b/SOURCES/0009-tree-Cleanup-_create_from_location_async_helper.patch new file mode 100644 index 0000000..603e27e --- /dev/null +++ b/SOURCES/0009-tree-Cleanup-_create_from_location_async_helper.patch @@ -0,0 +1,92 @@ +From be4906d64b091397b897d351fd09c1146bc10f93 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= +Date: Tue, 21 May 2019 13:33:27 +0200 +Subject: [PATCH] tree: Cleanup _create_from_location_async_helper() +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +There's no need to pass neither the URL nor the cancellable to this +function as those can be taken directly from data. + +Signed-off-by: Fabiano Fidêncio +Reviewed-by: Cole Robinson +(cherry picked from commit dfda02598034737610b69fdd08d62f62cbf5b0cb) +--- + osinfo/osinfo_tree.c | 27 ++++++++------------------- + 1 file changed, 8 insertions(+), 19 deletions(-) + +diff --git a/osinfo/osinfo_tree.c b/osinfo/osinfo_tree.c +index 2e6a4ee..df03303 100644 +--- a/osinfo/osinfo_tree.c ++++ b/osinfo/osinfo_tree.c +@@ -596,10 +596,8 @@ static OsinfoTree *load_keyinfo(const gchar *location, + } + + static void +-osinfo_tree_create_from_location_async_helper(const gchar *url, +- const gchar *treeinfo, +- GCancellable *cancellable, +- CreateFromLocationAsyncData *data); ++osinfo_tree_create_from_location_async_helper(CreateFromLocationAsyncData *data, ++ const gchar *treeinfo); + + static void on_location_read(GObject *source, + GAsyncResult *res, +@@ -622,10 +620,7 @@ static void on_location_read(GObject *source, + /* It means no ".treeinfo" file has been found. Try again, this time + * looking for a "treeinfo" file. */ + if (g_str_equal(data->treeinfo, ".treeinfo")) { +- osinfo_tree_create_from_location_async_helper(data->location, +- "treeinfo", +- g_task_get_cancellable(data->res), +- data); ++ osinfo_tree_create_from_location_async_helper(data, "treeinfo"); + return; + } + +@@ -652,17 +647,14 @@ static void on_location_read(GObject *source, + } + + static void +-osinfo_tree_create_from_location_async_helper(const gchar *url, +- const gchar *treeinfo, +- GCancellable *cancellable, +- CreateFromLocationAsyncData *data) ++osinfo_tree_create_from_location_async_helper(CreateFromLocationAsyncData *data, ++ const gchar *treeinfo) + { + gchar *location; + +- g_return_if_fail(url != NULL); + g_return_if_fail(treeinfo != NULL); + +- location = g_strdup_printf("%s/%s", url, treeinfo); ++ location = g_strdup_printf("%s/%s", data->location, treeinfo); + + g_clear_object(&data->file); + data->file = g_file_new_for_uri(location); +@@ -671,7 +663,7 @@ osinfo_tree_create_from_location_async_helper(const gchar *url, + data->treeinfo = g_strdup(treeinfo); + + g_file_load_contents_async(data->file, +- cancellable, ++ g_task_get_cancellable(data->res), + on_location_read, + data); + g_free(location); +@@ -704,10 +696,7 @@ void osinfo_tree_create_from_location_async(const gchar *location, + + data->location = g_strdup(location); + +- osinfo_tree_create_from_location_async_helper(location, +- ".treeinfo", +- cancellable, +- data); ++ osinfo_tree_create_from_location_async_helper(data, ".treeinfo"); + } + + +-- +2.21.0 + diff --git a/SOURCES/0010-db-improve-_guess_os_from_media-checks.patch b/SOURCES/0010-db-improve-_guess_os_from_media-checks.patch new file mode 100644 index 0000000..3501a0b --- /dev/null +++ b/SOURCES/0010-db-improve-_guess_os_from_media-checks.patch @@ -0,0 +1,39 @@ +From ff471e84587597029ab0f1f67b1dc11f5578a0ee Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= +Date: Mon, 14 Jan 2019 17:08:11 +0100 +Subject: [PATCH] db: improve _guess_os_from_media() checks +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Do not check against a distro which doesn't have *any* of the values we +use to check as match_regex() would just match whatever we compare to +it. + +Signed-off-by: Fabiano Fidêncio +(cherry picked from commit 8969c436ebc6e9610172b124e638efea21d9eae8) +--- + osinfo/osinfo_db.c | 7 +++++++ + 1 file changed, 7 insertions(+) + +diff --git a/osinfo/osinfo_db.c b/osinfo/osinfo_db.c +index 4f8684a..5dc0aac 100644 +--- a/osinfo/osinfo_db.c ++++ b/osinfo/osinfo_db.c +@@ -577,6 +577,13 @@ osinfo_db_guess_os_from_media_internal(OsinfoDb *db, + const gchar *os_application = osinfo_media_get_application_id(os_media); + gint64 os_vol_size = osinfo_media_get_volume_size(os_media); + ++ if (os_volume == NULL && ++ os_system == NULL && ++ os_publisher == NULL && ++ os_application == NULL && ++ os_vol_size <= 0) ++ continue; ++ + if (os_vol_size <= 0) + os_vol_size = media_vol_size; + +-- +2.21.0 + diff --git a/SOURCES/0011-tools-install-script-Add-config-file-f-option.patch b/SOURCES/0011-tools-install-script-Add-config-file-f-option.patch new file mode 100644 index 0000000..680af7b --- /dev/null +++ b/SOURCES/0011-tools-install-script-Add-config-file-f-option.patch @@ -0,0 +1,169 @@ +From 08fb8316b4ac42fe74c1fa5ca0ac593222cdf81a Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= +Date: Wed, 3 Jul 2019 14:55:24 +0200 +Subject: [PATCH] tools,install-script: Add --config-file (-f) option +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Let's add a new option so users can set their config from a file, +instead of directly passing the values via command-line. + +CVE-2019-13313 +Libosinfo: osinfo-install-script option leaks password via command line +argument. 'osinfo-install-script' is used to generate a script for +automated guest installations. It accepts user and admin passwords via +command line arguments, thus leaking them via process listing. + +Signed-off-by: Fabiano Fidêncio +Reviewed-by: Daniel P. Berrangé +--- + tools/osinfo-install-script.c | 102 +++++++++++++++++++++++++++++++++- + 1 file changed, 101 insertions(+), 1 deletion(-) + +diff --git a/tools/osinfo-install-script.c b/tools/osinfo-install-script.c +index 15af48d..af58440 100644 +--- a/tools/osinfo-install-script.c ++++ b/tools/osinfo-install-script.c +@@ -37,6 +37,33 @@ static gboolean list_profile = FALSE; + static gboolean list_inj_method = FALSE; + static gboolean quiet = FALSE; + ++static const gchar *configs[] = { ++ OSINFO_INSTALL_CONFIG_PROP_HARDWARE_ARCH, ++ OSINFO_INSTALL_CONFIG_PROP_L10N_TIMEZONE, ++ OSINFO_INSTALL_CONFIG_PROP_L10N_LANGUAGE, ++ OSINFO_INSTALL_CONFIG_PROP_L10N_KEYBOARD, ++ OSINFO_INSTALL_CONFIG_PROP_ADMIN_PASSWORD, ++ OSINFO_INSTALL_CONFIG_PROP_USER_PASSWORD, ++ OSINFO_INSTALL_CONFIG_PROP_USER_LOGIN, ++ OSINFO_INSTALL_CONFIG_PROP_USER_REALNAME, ++ OSINFO_INSTALL_CONFIG_PROP_USER_AUTOLOGIN, ++ OSINFO_INSTALL_CONFIG_PROP_USER_ADMIN, ++ OSINFO_INSTALL_CONFIG_PROP_REG_LOGIN, ++ OSINFO_INSTALL_CONFIG_PROP_REG_PASSWORD, ++ OSINFO_INSTALL_CONFIG_PROP_REG_PRODUCTKEY, ++ OSINFO_INSTALL_CONFIG_PROP_HOSTNAME, ++ OSINFO_INSTALL_CONFIG_PROP_TARGET_DISK, ++ OSINFO_INSTALL_CONFIG_PROP_SCRIPT_DISK, ++ OSINFO_INSTALL_CONFIG_PROP_AVATAR_LOCATION, ++ OSINFO_INSTALL_CONFIG_PROP_AVATAR_DISK, ++ OSINFO_INSTALL_CONFIG_PROP_PRE_INSTALL_DRIVERS_DISK, ++ OSINFO_INSTALL_CONFIG_PROP_PRE_INSTALL_DRIVERS_LOCATION, ++ OSINFO_INSTALL_CONFIG_PROP_POST_INSTALL_DRIVERS_DISK, ++ OSINFO_INSTALL_CONFIG_PROP_POST_INSTALL_DRIVERS_LOCATION, ++ OSINFO_INSTALL_CONFIG_PROP_DRIVER_SIGNING, ++ NULL ++}; ++ + static OsinfoInstallConfig *config; + + static gboolean handle_config(const gchar *option_name G_GNUC_UNUSED, +@@ -65,6 +93,47 @@ static gboolean handle_config(const gchar *option_name G_GNUC_UNUSED, + } + + ++static gboolean handle_config_file(const gchar *option_name G_GNUC_UNUSED, ++ const gchar *value, ++ gpointer data G_GNUC_UNUSED, ++ GError **error) ++{ ++ GKeyFile *key_file = NULL; ++ gchar *val = NULL; ++ gsize i; ++ gboolean ret = FALSE; ++ ++ key_file = g_key_file_new(); ++ if (!g_key_file_load_from_file(key_file, value, G_KEY_FILE_NONE, error)) ++ goto error; ++ ++ for (i = 0; configs[i] != NULL; i++) { ++ val = g_key_file_get_string(key_file, "install-script", configs[i], error); ++ if (val == NULL) { ++ if (g_error_matches(*error, G_KEY_FILE_ERROR, ++ G_KEY_FILE_ERROR_KEY_NOT_FOUND)) { ++ g_clear_error(error); ++ continue; ++ } ++ ++ goto error; ++ } ++ ++ osinfo_entity_set_param(OSINFO_ENTITY(config), ++ configs[i], ++ val); ++ g_free(val); ++ } ++ ++ ret = TRUE; ++ ++error: ++ g_key_file_unref(key_file); ++ ++ return ret; ++} ++ ++ + static GOptionEntry entries[] = + { + { "profile", 'p', 0, G_OPTION_ARG_STRING, (void*)&profile, +@@ -78,6 +147,9 @@ static GOptionEntry entries[] = + { "config", 'c', 0, G_OPTION_ARG_CALLBACK, + handle_config, + N_("Set configuration parameter"), "key=value" }, ++ { "config-file", 'f', 0, G_OPTION_ARG_CALLBACK, ++ handle_config_file, ++ N_("Set configuration parameters"), "file:///path/to/config/file" }, + { "list-config", '\0', 0, G_OPTION_ARG_NONE, (void*)&list_config, + N_("List configuration parameters"), NULL }, + { "list-profiles", '\0', 0, G_OPTION_ARG_NONE, (void*)&list_profile, +@@ -448,6 +520,15 @@ script. Defaults to C, but can also be C. + + Set the configuration parameter C to C. + ++=item B<--config-file=config-file> ++ ++Set the configurations parameters according to the config-file passed. ++ ++Note that use of --config-file is strongly recommended if the user or ++admin passwords need to be set. Providing passwords directly using ++B<--config=> is insecure as the password is visible to all processes ++and users on the same host. ++ + =back + + =head1 CONFIGURATION KEYS +@@ -510,9 +591,29 @@ The software registration user password + + =back + ++=head1 CONFIGURATION FILE FORMAT ++ ++The configuration file must consist in a file which contains a ++`install-script` group and, under this group, C=C ++pairs, as shown below: ++ ++[install-script] ++l10n-timezone=GMT ++l10n-keyboard=uk ++l10n-language=en_GB ++admin-password=123456 ++user-login=berrange ++user-password=123456 ++user-realname="Daniel P Berrange" ++ + =head1 EXAMPLE USAGE + +-The following usage generates a Fedora 16 kickstart script ++The following usages generates a Fedora 16 kickstart script ++ ++ # osinfo-install-script \ ++ --profile jeos \ ++ --config-file /path/to/config/file \ ++ fedora16 + + # osinfo-install-script \ + --profile jeos \ +-- +2.21.0 + diff --git a/SOURCES/0012-tools-install-script-Deprecate-config-user-admin-pas.patch b/SOURCES/0012-tools-install-script-Deprecate-config-user-admin-pas.patch new file mode 100644 index 0000000..3889bfd --- /dev/null +++ b/SOURCES/0012-tools-install-script-Deprecate-config-user-admin-pas.patch @@ -0,0 +1,59 @@ +From 3654abee6ead9f11f8bb9ba8fc71efd6fa4dabbc Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= +Date: Wed, 3 Jul 2019 14:59:07 +0200 +Subject: [PATCH] tools,install-script: Deprecate --config + {user,admin}-password +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +Let's deprecate user-password and admin-password options of --config and +also warn out whenever they're passed to osinfo-install-script. + +CVE-2019-13313 +Libosinfo: osinfo-install-script option leaks password via command line +argument. 'osinfo-install-script' is used to generate a script for +automated guest installations. It accepts user and admin passwords via +command line arguments, thus leaking them via process listing. + +Signed-off-by: Fabiano Fidêncio +Reviewed-by: Daniel P. Berrangé +--- + tools/osinfo-install-script.c | 10 ++++++++++ + 1 file changed, 10 insertions(+) + +diff --git a/tools/osinfo-install-script.c b/tools/osinfo-install-script.c +index af58440..c0528e7 100644 +--- a/tools/osinfo-install-script.c ++++ b/tools/osinfo-install-script.c +@@ -85,6 +85,12 @@ static gboolean handle_config(const gchar *option_name G_GNUC_UNUSED, + val++; + key = g_strndup(value, len); + ++ if (g_str_equal(key, OSINFO_INSTALL_CONFIG_PROP_USER_PASSWORD) || ++ g_str_equal(key, OSINFO_INSTALL_CONFIG_PROP_ADMIN_PASSWORD)) { ++ g_warning("When setting user or admin password, use --config-file " ++ "instead.\n"); ++ } ++ + osinfo_entity_set_param(OSINFO_ENTITY(config), + key, + val); +@@ -556,10 +562,14 @@ The local language + =item C + + The administrator password ++This option has been deprecated, use B<--config-file> ++for setting the admin password. + + =item C + + The user password ++This option has been deprecated, use B<--config-file> ++for setting the user password. + + =item C + +-- +2.21.0 + diff --git a/SOURCES/0013-loader-Don-t-expand-entities-when-parsing-XML.patch b/SOURCES/0013-loader-Don-t-expand-entities-when-parsing-XML.patch new file mode 100644 index 0000000..8916caa --- /dev/null +++ b/SOURCES/0013-loader-Don-t-expand-entities-when-parsing-XML.patch @@ -0,0 +1,37 @@ +From f02004601780c9281a192293f963854e8ecf1179 Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= +Date: Mon, 12 Aug 2019 15:25:40 +0200 +Subject: [PATCH] loader: Don't expand entities when parsing XML +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The XML_PARSE_NOENT flag to libxml will cause it to expand all entities +in the input XML document when parsing. Doing this is bad practice if the +XML input file comes from an untrusted source, because it can cause the +XML parser to load arbitrary files that are readable by the user running +XML parsing. + +This is basically the same fix as 47233d0b9dc (from osinfo-db-tools) + +Signed-off-by: Fabiano Fidêncio +--- + osinfo/osinfo_loader.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/osinfo/osinfo_loader.c b/osinfo/osinfo_loader.c +index 51bd8ac..833a7e5 100644 +--- a/osinfo/osinfo_loader.c ++++ b/osinfo/osinfo_loader.c +@@ -1844,7 +1844,7 @@ static void osinfo_loader_process_xml(OsinfoLoader *loader, + pctxt->sax->error = catchXMLError; + + xml = xmlCtxtReadDoc(pctxt, BAD_CAST xmlStr, src, NULL, +- XML_PARSE_NOENT | XML_PARSE_NONET | ++ XML_PARSE_NONET | + XML_PARSE_NOWARNING); + if (!xml) + goto cleanup; +-- +2.21.0 + diff --git a/SOURCES/0014-install-script-Don-t-expand-entities-when-parsing-XM.patch b/SOURCES/0014-install-script-Don-t-expand-entities-when-parsing-XM.patch new file mode 100644 index 0000000..9f906e0 --- /dev/null +++ b/SOURCES/0014-install-script-Don-t-expand-entities-when-parsing-XM.patch @@ -0,0 +1,37 @@ +From 518ac5029578b07471ed2aa15f6c924073075ddf Mon Sep 17 00:00:00 2001 +From: =?UTF-8?q?Fabiano=20Fid=C3=AAncio?= +Date: Mon, 12 Aug 2019 15:28:07 +0200 +Subject: [PATCH] install-script: Don't expand entities when parsing XML +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +The XML_PARSE_NOENT flag to libxml will cause it to expand all entities +in the input XML document when parsing. Doing this is bad practice if the +XML input file comes from an untrusted source, because it can cause the +XML parser to load arbitrary files that are readable by the user running +XML parsing. + +This is basically the same fix as 47233d0b9dc (from osinfo-db-tools) + +Signed-off-by: Fabiano Fidêncio +--- + osinfo/osinfo_install_script.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/osinfo/osinfo_install_script.c b/osinfo/osinfo_install_script.c +index 906fb83..5cd00a0 100644 +--- a/osinfo/osinfo_install_script.c ++++ b/osinfo/osinfo_install_script.c +@@ -725,7 +725,7 @@ static xsltStylesheetPtr osinfo_install_script_load_template(const gchar *uri, + } + + if (!(doc = xmlCtxtReadDoc(pctxt, BAD_CAST template, uri, NULL, +- XML_PARSE_NOENT | XML_PARSE_NONET | ++ XML_PARSE_NONET | + XML_PARSE_NOWARNING))) { + g_set_error_literal(error, OSINFO_ERROR, 0, + _("Unable to read XSL template")); +-- +2.21.0 + diff --git a/SPECS/libosinfo.spec b/SPECS/libosinfo.spec index 66dc3d3..c9ecc3d 100644 --- a/SPECS/libosinfo.spec +++ b/SPECS/libosinfo.spec @@ -1,30 +1,45 @@ # -*- rpm-spec -*- -%global optflags %(echo %{optflags} | sed 's/-D_FORTIFY_SOURCE=2//') Summary: A library for managing OS information for virtualization Name: libosinfo -Version: 1.7.1 -Release: 1%{?dist} +Version: 1.1.0 +Release: 5%{?dist}%{?extra_release} License: LGPLv2+ -Source: https://releases.pagure.org/%{name}/%{name}-%{version}.tar.xz +Group: Development/Libraries +Source: https://releases.pagure.io/%{name}/%{name}-%{version}.tar.gz URL: https://libosinfo.org/ ### Patches ### - -BuildRequires: meson -BuildRequires: gcc -BuildRequires: gtk-doc -BuildRequires: gettext-devel +# https://bugzilla.redhat.com/show_bug.cgi?id=1712458 +Patch0001: 0001-Use-g_list_free_full-where-easily-possible.patch +Patch0002: 0002-loader-Replace-strcmp-with-g_str_equal.patch +Patch0003: 0003-loader-properly-load-the-treeinfo-attributes.patch +Patch0004: 0004-db-improve-_guess_os_from_tree-checks.patch +Patch0005: 0005-tree-cleanup-load_key_info.patch +Patch0006: 0006-tree-cleanup-non-fatal-errors-in-load_key_info.patch +Patch0007: 0007-tree-Also-check-fore-treeinfo-in-addition-to-.treein.patch +Patch0008: 0008-tree-Avoid-use-of-memory-after-it-s-freed.patch +Patch0009: 0009-tree-Cleanup-_create_from_location_async_helper.patch +Patch0010: 0010-db-improve-_guess_os_from_media-checks.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=1727842 +Patch0011: 0011-tools-install-script-Add-config-file-f-option.patch +Patch0012: 0012-tools-install-script-Deprecate-config-user-admin-pas.patch +# https://bugzilla.redhat.com/show_bug.cgi?id=1740212 +Patch0013: 0013-loader-Don-t-expand-entities-when-parsing-XML.patch +Patch0014: 0014-install-script-Don-t-expand-entities-when-parsing-XM.patch + +BuildRequires: intltool BuildRequires: glib2-devel +BuildRequires: check-devel BuildRequires: libxml2-devel >= 2.6.0 BuildRequires: libxslt-devel >= 1.0.0 -BuildRequires: libsoup-devel BuildRequires: vala +BuildRequires: vala-tools +BuildRequires: libsoup-devel BuildRequires: /usr/bin/pod2man BuildRequires: hwdata BuildRequires: gobject-introspection-devel BuildRequires: osinfo-db -BuildRequires: git Requires: hwdata Requires: osinfo-db Requires: osinfo-db-tools @@ -36,12 +51,10 @@ combination. %package devel Summary: Libraries, includes, etc. to compile with the libosinfo library +Group: Development/Libraries Requires: %{name} = %{version}-%{release} Requires: pkgconfig Requires: glib2-devel -# -vala subpackage removed in F30 -Obsoletes: libosinfo-vala < 1.3.0-3 -Provides: libosinfo-vala = %{version}-%{release} %description devel libosinfo is a library that allows virtualization provisioning tools to @@ -50,27 +63,47 @@ combination. Libraries, includes, etc. to compile with the libosinfo library +%package vala +Summary: Vala bindings +Group: Development/Libraries +Requires: %{name} = %{version}-%{release} + +%description vala +libosinfo is a library that allows virtualization provisioning tools to +determine the optimal device settings for a hypervisor/operating system +combination. + +This package provides the Vala bindings for libosinfo library. + %prep -%autosetup -S git +%setup -q +for p in %patches ; do + %__patch -p1 -i $p +done %build -%meson \ - -Denable-gtk-doc=true \ - -Denable-tests=true \ - -Denable-introspection=enabled \ - -Denable-vala=enabled +%configure --enable-introspection=yes --enable-vala=yes +%__make %{?_smp_mflags} V=1 + +chmod a-x examples/*.js examples/*.py %install -%meson_install +rm -fr %{buildroot} +%__make install DESTDIR=%{buildroot} +rm -f %{buildroot}%{_libdir}/*.a +rm -f %{buildroot}%{_libdir}/*.la %find_lang %{name} -%check -%meson_test +%clean +rm -fr %{buildroot} + +%post -p /sbin/ldconfig -%ldconfig_scriptlets +%postun -p /sbin/ldconfig %files -f %{name}.lang +%defattr(-, root, root) %doc AUTHORS ChangeLog COPYING.LIB NEWS README %{_bindir}/osinfo-detect %{_bindir}/osinfo-query @@ -82,6 +115,9 @@ Libraries, includes, etc. to compile with the libosinfo library %{_libdir}/girepository-1.0/Libosinfo-1.0.typelib %files devel +%defattr(-, root, root) +%doc examples/demo.js +%doc examples/demo.py %{_libdir}/%{name}-1.0.so %dir %{_includedir}/%{name}-1.0/ %dir %{_includedir}/%{name}-1.0/osinfo/ @@ -90,89 +126,29 @@ Libraries, includes, etc. to compile with the libosinfo library %{_datadir}/gir-1.0/Libosinfo-1.0.gir %{_datadir}/gtk-doc/html/Libosinfo -%dir %{_datadir}/vala -%dir %{_datadir}/vala/vapi -%{_datadir}/vala/vapi/libosinfo-1.0.deps +%files vala +%defattr(-, root, root) %{_datadir}/vala/vapi/libosinfo-1.0.vapi %changelog -* Wed Dec 04 2019 Fabiano Fidêncio - 1.7.1-1 -- Update to 1.7.1 release - -* Fri Nov 29 2019 Fabiano Fidêncio - 1.7.0-1 -- Update to 1.7.0 release - -* Fri Nov 08 2019 Fabiano Fidêncio - 1.6.0-2 -- Improve ISO detection mechanism - -* Fri Jul 26 2019 Fabiano Fidêncio - 1.6.0-1 -- Update to 1.6.0 release - -* Thu Jul 25 2019 Fedora Release Engineering - 1.5.0-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild +* Tue Aug 13 2019 Fabiano Fidêncio - 1.1.0-5 +- Resolves: rhbz#1740212 - New defect found in libosinfo-1.1.0-4.el7 -* Wed Jul 10 2019 Fabiano Fidêncio - 1.5.0-3 -- rhbz#1727767 - CVE-2019-13313 libosinfo: osinfo-install-script - option leaks password via command line argument +* Fri Aug 02 2019 Fabiano Fidêncio - 1.1.0-4 +- Resolves: rhbz#1727842 - CVE-2019-13313 libosinfo: osinfo-install-script + option leaks password via command line argument -* Mon Jun 03 2019 Fabiano Fidêncio - 1.5.0-2 -- Fix coverity issues +* Thu May 23 2019 Fabiano Fidêncio - 1.1.0-3 +- Resolves: rhbz#1712458 - [machines] The function of 'Auto-detect guest + operating system' is not available on rhel 7.7 -* Thu May 09 2019 Fabiano Fidêncio - 1.5.0-1 -- Update to 1.5.0 release - -* Thu Apr 11 2019 Fabiano Fidêncio - 1.4.0-3 -- rhbz#1698845: Require GVFS - -* Wed Apr 10 2019 Fabiano Fidêncio - 1.4.0-2 -- Fix usage of application ID -- Fix images' load -- Remove tests depending on osinfo-db - -* Fri Mar 01 2019 Fabiano Fidêncio 1.4.0-1 -- Update to 1.4.0 release - -* Mon Feb 04 2019 Kalev Lember - 1.3.0-3 -- Use standard vala packaging pattern where vapi files are in -devel - -* Fri Feb 01 2019 Fedora Release Engineering - 1.3.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild - -* Wed Jan 30 2019 Daniel P. Berrangé - 1.3.0-1 -- Update to 1.3.0 release - -* Thu Oct 11 2018 Fabiano Fidêncio - 1.2.0-5 -- Do not force anchored patterns on libosinfo, leave it for osinfo-db - -* Thu Sep 20 2018 Fabiano Fidêncio - 1.2.0-4 -- Require osinfo-db >= 20180920-1 - -* Thu Sep 20 2018 Fabiano Fidêncio - 1.2.0-3 -- Force anchored patterns when matching regex - -* Fri Jul 13 2018 Fedora Release Engineering - 1.2.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild - -* Wed Jun 20 2018 Daniel P. Berrangé - 1.2.0-1 -- Update to 1.2.0 release - -* Tue Feb 06 2018 Igor Gnatenko - 1.1.0-2 -- Switch to %%ldconfig_scriptlets - -* Tue Aug 15 2017 Daniel P. Berrange 1.1.0-1 +* Wed Jun 06 2018 Richard Hughes 1.1.0-2 - New upstream release 1.1.0 +- Resolves: #1584263 -* Thu Aug 03 2017 Fedora Release Engineering - 1.0.0-4 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild - -* Wed Jul 26 2017 Fedora Release Engineering - 1.0.0-3 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild - -* Fri Feb 10 2017 Fedora Release Engineering - 1.0.0-2 -- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild - -* Fri Oct 7 2016 Daniel P. Berrange 1.0.0-1 -- New upstream release 1.0.0 +* Thu Feb 23 2017 Matthias Clasen 1.0.0-1 +- Rebase to 1.0.0 + Resolves: rhbz#1387014 * Fri Jul 1 2016 Daniel P. Berrange 0.3.1-1 - New upstream release 0.3.1