Bug 1311648

Summary: polkit is not BE safe and won't work on PPC64
Product: Red Hat Enterprise Linux 7 Reporter: Richard Hughes <rhughes>
Component: polkitAssignee: Polkit Maintainers <polkit-devel>
Status: CLOSED WONTFIX QA Contact: qe-baseos-daemons
Severity: unspecified Docs Contact:
Priority: unspecified    
Version: 7.2CC: fsumsal, mclasen, rhughes
Target Milestone: rc   
Target Release: ---   
Hardware: ppc64   
OS: Linux   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2020-12-15 07:40:19 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Richard Hughes 2016-02-24 16:42:20 UTC
Description of problem:

src/polkitagent/polkitagenttextlistener.c is not big endian safe and *probably* hang when trying to get authentication on the console (e.g. over ssh). See the fix here: https://bugzilla.redhat.com/show_bug.cgi?id=1255079#c10

I copied the original PackageKit code from PolicyKit and I'm in the middle of the PackageKit fix so we figured we should let you know :)

Comment 2 Miloslav Trmač 2016-02-24 17:10:51 UTC
Thanks for your report.  What exactly is the affected code in polkit?

Looking at polkit-0.96 (RHEL 6), 0.112 (RHEL 7), 0.113 (Fedora), none of them use
> g_string_append_len (str, (const gchar *) &c, 1);

The most directly corresponding code (with a getc() loop) uses g_string_append_c(), and looking at git history, it has been doing so from the first version of that code.

Comment 4 Richard Hughes 2020-01-06 14:12:48 UTC
The full diagnostic is https://bugzilla.redhat.com/show_bug.cgi?id=1255079#c10 -- the fix is trivial to copy and here: https://github.com/hughsie/PackageKit/commit/710a9445777793e49160587882860cbb7b43e311

Comment 6 RHEL Program Management 2020-12-15 07:40:19 UTC
After evaluating this issue, there are no plans to address it further or fix it in an upcoming release.  Therefore, it is being closed.  If plans change such that this issue will be fixed in an upcoming release, then the bug can be reopened.