Skip to content

Commit

Permalink
Add missing authorization checking in Helper::flushPageCache()
Browse files Browse the repository at this point in the history
  • Loading branch information
@JonMagon
JonMagon committed Sep 4, 2022
1 parent 5931633 commit 3c90083
Showing 1 changed file with 4 additions and 0 deletions.
4 changes: 4 additions & 0 deletions src/helper.cpp
View file
Original file line number Diff line number Diff line change
Expand Up @@ -190,6 +190,10 @@ void Helper::startBenchmarkTest(int measuringTime, int fileSize, int randomReadP

QVariantMap Helper::flushPageCache()
{
if (!isCallerAuthorized()) {
return {};
}

QVariantMap reply;
reply[QStringLiteral("success")] = true;

Expand Down

3 comments on commit 3c90083

@RoestVrijStaal
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Turns out 2.x.x is unaffected by the CVE, because 2.x.x does not use Polkit nor D-Bus at all?

@JonMagon
Copy link
Owner Author

@JonMagon JonMagon commented on 3c90083 Oct 5, 2023 via email

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@RoestVrijStaal
Copy link

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

@JonMagon Thank you for confirming that 👍🏻

Please # to comment.