Revert "(branch) Remove support for passing gui QVariants to KAuth helpers"

This reverts commit cb46ab970f.
6 years ago · 1721f49299
parent cb46ab970f
commit 1721f49299
2 changed files with 1 additions and 75 deletions
--- a/0003-Remove-support-for-passing-gui-QVariants-to-KAuth-he.patch
+++ b/0003-Remove-support-for-passing-gui-QVariants-to-KAuth-he.patch
@ -1,68 +0,0 @@
 From fc70fb0161c1b9144d26389434d34dd135cd3f4a Mon Sep 17 00:00:00 2001
 From: Albert Astals Cid <aacid@kde.org>
 Date: Sat, 2 Feb 2019 14:35:25 +0100
 Subject: [PATCH 3/6] Remove support for passing gui QVariants to KAuth helpers
 Supporting gui variants is very dangerous since they can end up triggering
 image loading plugins which are one of the biggest vectors for crashes, which
 for very smart people mean possible code execution, which is very dangerous
 in code that is executed as root.
 We've checked all the KAuth helpers inside KDE git and none seems to be using
 gui variants, so we're not actually limiting anything that people wanted to do.
 Reviewed by security@kde.org and Aleix Pol
 Issue reported by Fabian Vogt
 ---
 src/backends/dbus/DBusHelperProxy.cpp | 9 +++++++++
 src/kauthaction.h                     | 2 ++
 2 files changed, 11 insertions(+)
 diff --git a/src/backends/dbus/DBusHelperProxy.cpp b/src/backends/dbus/DBusHelperProxy.cpp
 index 10c14c6..8f0d336 100644
 --- a/src/backends/dbus/DBusHelperProxy.cpp
 +++ b/src/backends/dbus/DBusHelperProxy.cpp
@@ -31,6 +31,8 @@
 #include "kf5authadaptor.h"
 #include "kauthdebug.h"
 +extern Q_CORE_EXPORT const QMetaTypeInterface *qMetaTypeGuiHelper;
 +
 namespace KAuth
 {
@@ -229,10 +231,17 @@ QByteArray DBusHelperProxy::performAction(const QString &action, const QByteArra
         return ActionReply::HelperBusyReply().serialized();
     }
 +    // Make sure we don't try restoring gui variants, in particular QImage/QPixmap/QIcon are super dangerous
 +    // since they end up calling the image loaders and thus are a vector for crashing → executing code
 +    auto origMetaTypeGuiHelper = qMetaTypeGuiHelper;
 +    qMetaTypeGuiHelper = nullptr;
 +
     QVariantMap args;
     QDataStream s(&arguments, QIODevice::ReadOnly);
     s >> args;
 +    qMetaTypeGuiHelper = origMetaTypeGuiHelper;
 +
     m_currentAction = action;
     emit remoteSignal(ActionStarted, action, QByteArray());
     QEventLoop e;
 diff --git a/src/kauthaction.h b/src/kauthaction.h
 index c67a70a..01f3ba1 100644
 --- a/src/kauthaction.h
 +++ b/src/kauthaction.h
@@ -298,6 +298,8 @@ public:
      * This method sets the variant map that the application
      * can use to pass arbitrary data to the helper when executing the action.
      *
 +     * Only non-gui variants are supported.
 +     *
      * @param arguments The new arguments map
      */
     void setArguments(const QVariantMap &arguments);
 -- 
 2.17.2
--- a/kf5-kauth.spec
+++ b/kf5-kauth.spec
@ -2,7 +2,7 @@
 Name:           kf5-%{framework}
 Version: 5.54.0
-Release: 2%{?dist}
+Release: 1%{?dist}
 Summary:        KDE Frameworks 5 Tier 2 integration module to perform actions as privileged user
 License:        LGPLv2+
@ -17,9 +17,6 @@ URL:            https://cgit.kde.org/%{framework}.git
 %endif
 Source0:        http://download.kde.org/%{stable}/frameworks/%{majmin}/%{framework}-%{version}.tar.xz
 ## upstream patches
 Patch3: 0003-Remove-support-for-passing-gui-QVariants-to-KAuth-he.patch
 BuildRequires:  extra-cmake-modules >= %{majmin}
 BuildRequires:  kf5-kcoreaddons-devel >= %{majmin}
 BuildRequires:  kf5-rpm-macros
@ -81,9 +78,6 @@ make install/fast DESTDIR=%{buildroot} -C %{_target_platform}
 %changelog
 * Sat Feb 09 2019 Rex Dieter <rdieter@fedoraproject.org> - 5.54.0-2
 - (branch) Remove support for passing gui QVariants to KAuth helpers
 * Tue Jan 08 2019 Rex Dieter <rdieter@fedoraproject.org> - 5.54.0-1
 - 5.54.0