diff --git a/0002-applet-application-Fix-use-after-free.patch b/0002-applet-application-Fix-use-after-free.patch new file mode 100644 index 0000000..f68ec6f --- /dev/null +++ b/0002-applet-application-Fix-use-after-free.patch @@ -0,0 +1,38 @@ +From cf78b299371995cbd7607a536f4b1469c09b40cf Mon Sep 17 00:00:00 2001 +From: Ernestas Kulik +Date: Sat, 12 Jan 2019 10:50:24 +0100 +Subject: [PATCH] applet: application: Fix use after free +MIME-Version: 1.0 +Content-Type: text/plain; charset=UTF-8 +Content-Transfer-Encoding: 8bit + +dirlist_name is erroneously freed before it’s used to create a +directory. + +Fixes https://bugzilla.redhat.com/show_bug.cgi?id=1665521 + +Signed-off-by: Ernestas Kulik +--- + src/applet/abrt-applet-application.c | 4 ++-- + 1 file changed, 2 insertions(+), 2 deletions(-) + +diff --git a/src/applet/abrt-applet-application.c b/src/applet/abrt-applet-application.c +index 6e7ac00a..4b1d9a3c 100644 +--- a/src/applet/abrt-applet-application.c ++++ b/src/applet/abrt-applet-application.c +@@ -296,10 +296,10 @@ new_dir_exists (GList **new_dirs) + cachedir = g_get_user_cache_dir (); + dirlist_name = concat_path_file (cachedir, "abrt"); + +- g_free (dirlist_name); +- + g_mkdir_with_parents (dirlist_name, 0777); + ++ g_free (dirlist_name); ++ + dirlist_name = concat_path_file (cachedir, "abrt/applet_dirlist"); + fp = fopen (dirlist_name, "r+"); + if (fp == NULL) +-- +2.20.1 + diff --git a/abrt.spec b/abrt.spec index a029a6f..357763f 100644 --- a/abrt.spec +++ b/abrt.spec @@ -60,6 +60,7 @@ Source: https://github.com/abrt/%{name}/archive/%{version}/%{name}-%{version}.ta # With new glib it is not possible to build in rawhide # https://github.com/abrt/abrt/commit/21bdee7 Patch0: 0001-dbus-task-Use-modern-GLib-type-macros.patch +Patch1: 0002-applet-application-Fix-use-after-free.patch BuildRequires: %{dbus_devel} BuildRequires: hostname BuildRequires: gtk3-devel