Fix a bug where Avahi does not verify the source of netlink messages

(Closes #69)
Update NEWS/configure for 0.6.15

git-svn-id: file:///home/lennart/svn/public/avahi/trunk@1331 941a03a8-eaeb-0310-b9a0-b1bbd8fe43fe

diff --git a/avahi-core/netlink.c b/avahi-core/netlink.c
index b2a6684c60445fd93356a6ec789c47863990cbdf..893295dd741bc8ab4c321bc8dceef8cbe7cfe97d 100644 (file)
--- a/avahi-core/netlink.c
+++ b/avahi-core/netlink.c
@@ -62,6 +62,12 @@ int avahi_netlink_work(AvahiNetlink *nl, int block) {
 
     p = (struct nlmsghdr *) nl->buffer;
     
+    /* Check that this message originated from the kernel,
+       or a request from avahi itself, and not another process */
+    if ((p->nlmsg_pid != 0) && (p->nlmsg_pid != getpid())) {
+        return -1;
+    }
+
     assert(nl->callback);
     
     for (; bytes > 0; p = NLMSG_NEXT(p, bytes)) {

diff --git a/configure.ac b/configure.ac
index 0acb7dc88b70db01de9f409810c4ea497c28bbe9..fe26066a689393868cab07f1aed28208c3934c5a 100644 (file)
--- a/configure.ac
+++ b/configure.ac
@@ -21,7 +21,7 @@
 # USA.
 
 AC_PREREQ(2.57)
-AC_INIT([avahi],[0.6.14],[avahi (at) lists (dot) freedesktop (dot) org])
+AC_INIT([avahi],[0.6.15],[avahi (at) lists (dot) freedesktop (dot) org])
 AC_CONFIG_SRCDIR([avahi-core/server.c])
 AC_CONFIG_HEADERS([config.h])
 AM_INIT_AUTOMAKE([foreign 1.9 -Wall])

diff --git a/docs/NEWS b/docs/NEWS
index 212d157c03e7226aaaaf6639947ef02b7aac9061..f6d04c629233eccb386bf90ac4ca95c1bec3f786 100644 (file)
--- a/docs/NEWS
+++ b/docs/NEWS
@@ -1,3 +1,15 @@
+Avahi 0.6.15
+============
+
+This is a bugfix release, this bug is potentially security sensitive
+
+ * Check that netlink messages actually originate from the kernel
+   and not another process.
+ * Fix build on NetBSD (thanks to Daniel S. Haischt)
+ * Fix dbus_service_browser not setting AVAHI_LOOKUP_RESULT_OUR_OWN.
+
+This release is backwards compatible with Avahi 0.6.x with x < 15.
+
 Avahi 0.6.14
 ============