GHSL-2021-074: authentication bypass vulnerability in polkit

initial values returned if error caught
author: Jan Rybar <jrybar@redhat.com> 2021-06-02 15:43:38 +0200
committer: Jan Rybar <jrybar@redhat.com> 2021-06-02 15:54:08 +0200
commit: a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81 (patch)
tree: 0d6a0254a2d090630661612ba87fd9b3ff791544 /src
parent: cd18b017a57b1fbed0542d4f9719f979a98d3f35 (diff)
download: polkit-a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81.tar.gz
1 files changed, 3 insertions, 0 deletions
diff --git a/src/polkit/polkitsystembusname.c b/src/polkit/polkitsystembusname.c
index 8daa12c..8ed1363 100644
--- a/src/polkit/polkitsystembusname.c
+++ b/src/polkit/polkitsystembusname.c
@@ -435,6 +435,9 @@ polkit_system_bus_name_get_creds_sync (PolkitSystemBusName           *system_bus
   while (!((data.retrieved_uid && data.retrieved_pid) || data.caught_error))
     g_main_context_iteration (tmp_context, TRUE);
 
+  if (data.caught_error)
+    goto out;
+
   if (out_uid)
     *out_uid = data.uid;
   if (out_pid)
author	Jan Rybar <jrybar@redhat.com>	2021-06-02 15:43:38 +0200
committer	Jan Rybar <jrybar@redhat.com>	2021-06-02 15:54:08 +0200
commit	a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81 (patch)
tree	0d6a0254a2d090630661612ba87fd9b3ff791544 /src
parent	cd18b017a57b1fbed0542d4f9719f979a98d3f35 (diff)
download	polkit-a04d13affe0fa53ff618e07aa8f57f4c0e3b9b81.tar.gz