diff options
Diffstat (limited to 'debian/patches/CVE-2022-3650_2_ceph-crash_fix_stderr_handling.patch')
-rw-r--r-- | debian/patches/CVE-2022-3650_2_ceph-crash_fix_stderr_handling.patch | 26 |
1 files changed, 26 insertions, 0 deletions
diff --git a/debian/patches/CVE-2022-3650_2_ceph-crash_fix_stderr_handling.patch b/debian/patches/CVE-2022-3650_2_ceph-crash_fix_stderr_handling.patch new file mode 100644 index 000000000..b49030904 --- /dev/null +++ b/debian/patches/CVE-2022-3650_2_ceph-crash_fix_stderr_handling.patch @@ -0,0 +1,26 @@ +Description: CVE-2022-3650: ceph-crash: fix stderr handling + Popen.communicate() returns a tuple (stdout, stderr), and stderr + will be of type bytes, hence the need to decode it before checking + if it's an empty string or not. +Author: Tim Serong <tserong@suse.com> +Date: Wed, 2 Nov 2022 14:23:20 +1100 +Bug: a77b47eeeb5770eeefcf4619ab2105ee7a6a003e +Signed-off-by: Tim Serong <tserong@suse.com> +Bug-Debian: https://bugs.debian.org/1024932 +Origin: upstream, https://github.com/ceph/ceph/commit/45915540559126a652f8d9d105723584cfc63439 +Last-Update: 2022-11-28 + +diff --git a/src/ceph-crash.in b/src/ceph-crash.in +index 0fffd59a96df5..e2a7be59da701 100755 +--- a/src/ceph-crash.in ++++ b/src/ceph-crash.in +@@ -50,7 +50,8 @@ def post_crash(path): + stderr=subprocess.PIPE, + ) + f = open(os.path.join(path, 'meta'), 'rb') +- stderr = pr.communicate(input=f.read()) ++ (_, stderr) = pr.communicate(input=f.read()) ++ stderr = stderr.decode() + rc = pr.wait() + f.close() + if rc != 0 or stderr != "": |