Security hole in initramdisk script #1
Comments
shr-project
added a commit
that referenced
this issue
Apr 8, 2018
* fixes:
WARNING: libhybris-1_0.1.0+gitrAUTOINC+3cda04985d-r1 do_patch:
Some of the context lines in patches were ignored. This can lead to
incorrectly applied patches.
The context lines in the patches can be updated with devtool:
devtool modify <recipe>
devtool finish --force-patch-refresh <recipe> <layer_path>
Then the updated patches and the source tree (in devtool's workspace)
should be reviewed to make sure the patches apply in the correct place
and don't introduce duplicate lines (which can, and does happen
when some of the context is ignored). Further information:
http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html
https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450
Details:
Applying patch 0001-hooks.c-Fix-build-with-glibc-2.26.patch
patching file hybris/common/hooks.c
Hunk #1 succeeded at 65 (offset 1 line).
Hunk #2 succeeded at 2460 with fuzz 1 (offset 34 lines).
Now at patch 0001-hooks.c-Fix-build-with-glibc-2.26.patch
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
shr-project
added a commit
that referenced
this issue
Apr 8, 2018
* fixes:
WARNING: libhybris-1_0.1.0+gitrAUTOINC+3cda04985d-r1 do_patch:
Some of the context lines in patches were ignored. This can lead to
incorrectly applied patches.
The context lines in the patches can be updated with devtool:
devtool modify <recipe>
devtool finish --force-patch-refresh <recipe> <layer_path>
Then the updated patches and the source tree (in devtool's workspace)
should be reviewed to make sure the patches apply in the correct place
and don't introduce duplicate lines (which can, and does happen
when some of the context is ignored). Further information:
http://lists.openembedded.org/pipermail/openembedded-core/2018-March/148675.html
https://bugzilla.yoctoproject.org/show_bug.cgi?id=10450
Details:
Applying patch 0001-hooks.c-Fix-build-with-glibc-2.26.patch
patching file hybris/common/hooks.c
Hunk #1 succeeded at 65 (offset 1 line).
Hunk #2 succeeded at 2460 with fuzz 1 (offset 34 lines).
Now at patch 0001-hooks.c-Fix-build-with-glibc-2.26.patch
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
shr-project
added a commit
that referenced
this issue
May 22, 2019
* from github.com/shr-distribution/linux.git with both patches already applied on top of postmarketos-linux-qcom branch * fixes: ERROR: linux-lg-hammerhead-4.17+gitrAUTOINC+e9fc9b4e4a-r0 do_patch: Fuzz detected: Applying patch 0002-Add-ramconsole.patch patching file drivers/android/Kconfig Hunk #1 succeeded at 8 with fuzz 1. patching file drivers/android/Makefile Hunk #1 succeeded at 2 with fuzz 1 (offset -1 lines). patching file drivers/android/persistent_ram.c patching file drivers/android/persistent_ram.h patching file drivers/android/ram_console.c patching file drivers/android/ram_console.h The context lines in the patches can be updated with devtool: devtool modify linux-lg-hammerhead devtool finish --force-patch-refresh linux-lg-hammerhead <layer_path> Don't forget to review changes done by devtool! ERROR: linux-lg-hammerhead-4.17+gitrAUTOINC+e9fc9b4e4a-r0 do_patch: QA Issue: Patch log indicates that patches do not apply cleanly. [patch-fuzz] Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
shr-project
added a commit
that referenced
this issue
May 29, 2019
* from github.com/shr-distribution/linux.git with both patches already applied on top of postmarketos-linux-qcom branch * fixes: ERROR: linux-lg-hammerhead-4.17+gitrAUTOINC+e9fc9b4e4a-r0 do_patch: Fuzz detected: Applying patch 0002-Add-ramconsole.patch patching file drivers/android/Kconfig Hunk #1 succeeded at 8 with fuzz 1. patching file drivers/android/Makefile Hunk #1 succeeded at 2 with fuzz 1 (offset -1 lines). patching file drivers/android/persistent_ram.c patching file drivers/android/persistent_ram.h patching file drivers/android/ram_console.c patching file drivers/android/ram_console.h The context lines in the patches can be updated with devtool: devtool modify linux-lg-hammerhead devtool finish --force-patch-refresh linux-lg-hammerhead <layer_path> Don't forget to review changes done by devtool! ERROR: linux-lg-hammerhead-4.17+gitrAUTOINC+e9fc9b4e4a-r0 do_patch: QA Issue: Patch log indicates that patches do not apply cleanly. [patch-fuzz] Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
shr-project
added a commit
that referenced
this issue
May 29, 2019
* from github.com/shr-distribution/linux.git with both patches already applied on top of postmarketos-linux-qcom branch * fixes: ERROR: linux-lg-hammerhead-4.17+gitrAUTOINC+e9fc9b4e4a-r0 do_patch: Fuzz detected: Applying patch 0002-Add-ramconsole.patch patching file drivers/android/Kconfig Hunk #1 succeeded at 8 with fuzz 1. patching file drivers/android/Makefile Hunk #1 succeeded at 2 with fuzz 1 (offset -1 lines). patching file drivers/android/persistent_ram.c patching file drivers/android/persistent_ram.h patching file drivers/android/ram_console.c patching file drivers/android/ram_console.h The context lines in the patches can be updated with devtool: devtool modify linux-lg-hammerhead devtool finish --force-patch-refresh linux-lg-hammerhead <layer_path> Don't forget to review changes done by devtool! ERROR: linux-lg-hammerhead-4.17+gitrAUTOINC+e9fc9b4e4a-r0 do_patch: QA Issue: Patch log indicates that patches do not apply cleanly. [patch-fuzz] Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
shr-project
added a commit
that referenced
this issue
May 30, 2019
* from github.com/shr-distribution/linux.git with both patches already applied on top of postmarketos-linux-qcom branch * fixes: ERROR: linux-lg-hammerhead-4.17+gitrAUTOINC+e9fc9b4e4a-r0 do_patch: Fuzz detected: Applying patch 0002-Add-ramconsole.patch patching file drivers/android/Kconfig Hunk #1 succeeded at 8 with fuzz 1. patching file drivers/android/Makefile Hunk #1 succeeded at 2 with fuzz 1 (offset -1 lines). patching file drivers/android/persistent_ram.c patching file drivers/android/persistent_ram.h patching file drivers/android/ram_console.c patching file drivers/android/ram_console.h The context lines in the patches can be updated with devtool: devtool modify linux-lg-hammerhead devtool finish --force-patch-refresh linux-lg-hammerhead <layer_path> Don't forget to review changes done by devtool! ERROR: linux-lg-hammerhead-4.17+gitrAUTOINC+e9fc9b4e4a-r0 do_patch: QA Issue: Patch log indicates that patches do not apply cleanly. [patch-fuzz] Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
shr-project
added a commit
that referenced
this issue
Jun 2, 2019
* from github.com/shr-distribution/linux.git with both patches already applied on top of postmarketos-linux-qcom branch * fixes: ERROR: linux-lg-hammerhead-4.17+gitrAUTOINC+e9fc9b4e4a-r0 do_patch: Fuzz detected: Applying patch 0002-Add-ramconsole.patch patching file drivers/android/Kconfig Hunk #1 succeeded at 8 with fuzz 1. patching file drivers/android/Makefile Hunk #1 succeeded at 2 with fuzz 1 (offset -1 lines). patching file drivers/android/persistent_ram.c patching file drivers/android/persistent_ram.h patching file drivers/android/ram_console.c patching file drivers/android/ram_console.h The context lines in the patches can be updated with devtool: devtool modify linux-lg-hammerhead devtool finish --force-patch-refresh linux-lg-hammerhead <layer_path> Don't forget to review changes done by devtool! ERROR: linux-lg-hammerhead-4.17+gitrAUTOINC+e9fc9b4e4a-r0 do_patch: QA Issue: Patch log indicates that patches do not apply cleanly. [patch-fuzz] Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
shr-project
added a commit
that referenced
this issue
Jun 3, 2019
* from github.com/shr-distribution/linux.git with both patches already applied on top of postmarketos-linux-qcom branch * fixes: ERROR: linux-lg-hammerhead-4.17+gitrAUTOINC+e9fc9b4e4a-r0 do_patch: Fuzz detected: Applying patch 0002-Add-ramconsole.patch patching file drivers/android/Kconfig Hunk #1 succeeded at 8 with fuzz 1. patching file drivers/android/Makefile Hunk #1 succeeded at 2 with fuzz 1 (offset -1 lines). patching file drivers/android/persistent_ram.c patching file drivers/android/persistent_ram.h patching file drivers/android/ram_console.c patching file drivers/android/ram_console.h The context lines in the patches can be updated with devtool: devtool modify linux-lg-hammerhead devtool finish --force-patch-refresh linux-lg-hammerhead <layer_path> Don't forget to review changes done by devtool! ERROR: linux-lg-hammerhead-4.17+gitrAUTOINC+e9fc9b4e4a-r0 do_patch: QA Issue: Patch log indicates that patches do not apply cleanly. [patch-fuzz] Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
shr-project
added a commit
that referenced
this issue
Jun 3, 2019
* from github.com/shr-distribution/linux.git with both patches already applied on top of postmarketos-linux-qcom branch * fixes: ERROR: linux-lg-hammerhead-4.17+gitrAUTOINC+e9fc9b4e4a-r0 do_patch: Fuzz detected: Applying patch 0002-Add-ramconsole.patch patching file drivers/android/Kconfig Hunk #1 succeeded at 8 with fuzz 1. patching file drivers/android/Makefile Hunk #1 succeeded at 2 with fuzz 1 (offset -1 lines). patching file drivers/android/persistent_ram.c patching file drivers/android/persistent_ram.h patching file drivers/android/ram_console.c patching file drivers/android/ram_console.h The context lines in the patches can be updated with devtool: devtool modify linux-lg-hammerhead devtool finish --force-patch-refresh linux-lg-hammerhead <layer_path> Don't forget to review changes done by devtool! ERROR: linux-lg-hammerhead-4.17+gitrAUTOINC+e9fc9b4e4a-r0 do_patch: QA Issue: Patch log indicates that patches do not apply cleanly. [patch-fuzz] Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
shr-project
added a commit
that referenced
this issue
Nov 8, 2019
* from github.com/shr-distribution/linux.git with both patches already applied on top of postmarketos-linux-qcom branch * fixes: ERROR: linux-lg-hammerhead-4.17+gitrAUTOINC+e9fc9b4e4a-r0 do_patch: Fuzz detected: Applying patch 0002-Add-ramconsole.patch patching file drivers/android/Kconfig Hunk #1 succeeded at 8 with fuzz 1. patching file drivers/android/Makefile Hunk #1 succeeded at 2 with fuzz 1 (offset -1 lines). patching file drivers/android/persistent_ram.c patching file drivers/android/persistent_ram.h patching file drivers/android/ram_console.c patching file drivers/android/ram_console.h The context lines in the patches can be updated with devtool: devtool modify linux-lg-hammerhead devtool finish --force-patch-refresh linux-lg-hammerhead <layer_path> Don't forget to review changes done by devtool! ERROR: linux-lg-hammerhead-4.17+gitrAUTOINC+e9fc9b4e4a-r0 do_patch: QA Issue: Patch log indicates that patches do not apply cleanly. [patch-fuzz] Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
shr-project
added a commit
that referenced
this issue
Apr 7, 2021
…ction.patch to apply on v247 version * fixes: ERROR: systemd-1_247.4-r0 do_patch: Fuzz detected: Applying patch 0001-systemd-hostnamed-disable-network-protection.patch patching file units/systemd-hostnamed.service.in Hunk #1 succeeded at 23 with fuzz 2 (offset 2 lines). Hunk #2 succeeded at 34 (offset 3 lines). The context lines in the patches can be updated with devtool: devtool modify systemd devtool finish --force-patch-refresh systemd <layer_path> Don't forget to review changes done by devtool! ERROR: systemd-1_247.4-r0 do_patch: QA Issue: Patch log indicates that patches do not apply cleanly. [patch-fuzz] Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
Hi,
I'm using meta-smartphone for one of my projects and when reading the initramdisk script I noticed this line. It basicaly means that if a user adds an innocent script to the sdcard (he probably has rw rights on it), it will be executed with full root rights on the next boot.
I think we can agree on the fact that it's not desirable and we should find a workaround.
The text was updated successfully, but these errors were encountered: