Skip to content

[Backport release-21.11] nixos/wrappers: require argc to be at least one#173287

Closed
github-actions[bot] wants to merge 2 commits intorelease-21.11from
backport-156822-to-release-21.11
Closed

[Backport release-21.11] nixos/wrappers: require argc to be at least one#173287
github-actions[bot] wants to merge 2 commits intorelease-21.11from
backport-156822-to-release-21.11

Conversation

@github-actions
Copy link
Contributor

@github-actions github-actions bot commented May 16, 2022

Bot-based backport to release-21.11, triggered by a label in #156822.

  • Before merging, ensure that this backport complies with the Criteria for Backporting.
    • Even as a non-commiter, if you find that it does not comply, leave a comment.

sugar700 added 2 commits May 16, 2022 16:57
@sugar700 @github-actions
nixos/wrappers: create a new assert macro that always asserts
1cf7a63 
C's assert macro only works when NDEBUG is undefined. Previously
NDEBUG was undefined incorrectly which meant that the assert
macros in wrapper.c did not work.

(cherry picked from commit 1009d6e)
@sugar700 @github-actions
nixos/wrappers: require argc to be at least one
6a894d3 
setuid applications were exploited in the past with an empty
argv, such as pkexec using CVE-2021-4034.

(cherry picked from commit 2a6a3d2)
@github-actions github-actions bot requested a review from jonringer as a code owner May 16, 2022 16:57
@github-actions github-actions bot requested a review from Mic92 May 16, 2022 16:57
@github-actions github-actions bot mentioned this pull request May 16, 2022
Merged
13 tasks
@ofborg ofborg bot added 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux. labels May 16, 2022
@lheckemann lheckemann added the 1.severity: security Issues which raise a security issue, or PRs that fix one label May 17, 2022
@mweinelt
Copy link
Member

mweinelt commented Jul 1, 2022

Unfortunately NixOS 21.11 has reached its end-of-life status on 2022-07-01, one month after the release of NixOS 22.05.

Since we do not accept any changes to its branches anymore, I'm closing this pull request.

@mweinelt mweinelt closed this Jul 1, 2022
@mweinelt mweinelt deleted the backport-156822-to-release-21.11 branch July 1, 2022 21:48
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@jonringer jonringer Awaiting requested review from jonringer

@Mic92 Mic92 Awaiting requested review from Mic92

Assignees

No one assigned

Labels

1.severity: security Issues which raise a security issue, or PRs that fix one 10.rebuild-darwin: 0 This PR does not cause any packages to rebuild on Darwin. 10.rebuild-linux: 1-10 This PR causes between 1 and 10 packages to rebuild on Linux.

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

3 participants

@mweinelt @lheckemann @sugar700