display: Exit with failure if loading existing users fails

Given not having users may make GDM to launch initial setup, that allows to create new users (potentially with sudo capabilities), it's better to make look_for_existing_users() to return its status and only if it didn't fail continue the gdm execution. GHSL-2020-202 CVE-2020-16125 Fixes #642 (cherry picked from commit dc8235128c3a1fcd5da8f30ab6839d413d353f28)
author: Marco Trevisan (Treviño) <mail@3v1n0.net> 2020-10-27 14:14:27 +0000
committer: Ray Strode <halfline@gmail.com> 2020-11-03 18:30:13 +0000
commit: e08852be74db77a1ca13e279715e02e756bbfbf6 (patch)
tree: 2813409c19f4dec35a7c2d8a5d76f7c490d34cbc
parent: 0766824ec5398dac34d3b22835e8ce5a383826ba (diff)
download: gdm-e08852be74db77a1ca13e279715e02e756bbfbf6.tar.gz
1 files changed, 7 insertions, 4 deletions
diff --git a/daemon/gdm-display.c b/daemon/gdm-display.c
index d1d24956..687e7da4 100644
--- a/daemon/gdm-display.c
+++ b/daemon/gdm-display.c
@@ -510,7 +510,7 @@ gdm_display_real_prepare (GdmDisplay *self)
         return TRUE;
 }
 
-static void
+static gboolean
 look_for_existing_users_sync (GdmDisplay *self)
 {
         GdmDisplayPrivate *priv;
@@ -528,7 +528,7 @@ look_for_existing_users_sync (GdmDisplay *self)
                                                              &error);
 
         if (!priv->accountsservice_proxy) {
-                g_warning ("Failed to contact accountsservice: %s", error->message);
+                g_critical ("Failed to contact accountsservice: %s", error->message);
                 goto out;
         }
 
@@ -541,7 +541,7 @@ look_for_existing_users_sync (GdmDisplay *self)
                                               &error);
 
         if (!call_result) {
-                g_warning ("Failed to list cached users: %s", error->message);
+                g_critical ("Failed to list cached users: %s", error->message);
                 goto out;
         }
 
@@ -551,6 +551,7 @@ look_for_existing_users_sync (GdmDisplay *self)
         g_variant_unref (call_result);
 out:
         g_clear_error (&error);
+        return priv->accountsservice_proxy != NULL && call_result != NULL;
 }
 
 gboolean
@@ -568,7 +569,9 @@ gdm_display_prepare (GdmDisplay *self)
         /* FIXME: we should probably do this in a more global place,
          * asynchronously
          */
-        look_for_existing_users_sync (self);
+        if (!look_for_existing_users_sync (self)) {
+                exit (EXIT_FAILURE);
+        }
 
         priv->doing_initial_setup = wants_initial_setup (self);
author	Marco Trevisan (Treviño) <mail@3v1n0.net>	2020-10-27 14:14:27 +0000
committer	Ray Strode <halfline@gmail.com>	2020-11-03 18:30:13 +0000
commit	e08852be74db77a1ca13e279715e02e756bbfbf6 (patch)
tree	2813409c19f4dec35a7c2d8a5d76f7c490d34cbc
parent	0766824ec5398dac34d3b22835e8ce5a383826ba (diff)
download	gdm-e08852be74db77a1ca13e279715e02e756bbfbf6.tar.gz