[gdm/gnome-3-30] GdmManager: Don't perform timed login if session gets started

[Ray Strode <halfline src gnome org>]

commit dd45295425c5a843c30aa8797b02d59ff488acb8
Author: Iain Lane <iainl gnome org>
Date:   Mon Feb 4 15:12:38 2019 +0000

    GdmManager: Don't perform timed login if session gets started
    
    At the moment it's possible for the login screen to initiate
    a timed login operation shortly after a user successfully starts
    their session.
    
    GDM won't complete the timed login operation, since a session is
    already running, but will erroneously overwrite the username
    associated with the session, misattributing the users session
    to the timed login user.
    
    Later, attempts to log in as the timed user will instead unlock the
    session for the other user, since that session is now associated
    with the timed login user.
    
    This commit refuses timed login requests on sessions that are
    already running, so the username doesn't get corrupted.
    
    CVE-2019-3825
    
    Closes https://gitlab.gnome.org/GNOME/gdm/issues/460

 daemon/gdm-manager.c | 8 ++++++++
 1 file changed, 8 insertions(+)
---
diff --git a/daemon/gdm-manager.c b/daemon/gdm-manager.c
index 1e571955..b8619fbb 100644
--- a/daemon/gdm-manager.c
+++ b/daemon/gdm-manager.c
@@ -2079,6 +2079,14 @@ on_session_client_connected (GdmSession      *session,
 
         g_debug ("GdmManager: client with pid %d connected", (int) pid_of_client);
 
+        if (gdm_session_is_running (session)) {
+                const char *session_username;
+                session_username = gdm_session_get_username (session);
+                g_debug ("GdmManager: ignoring connection, since session already running (for user %s)",
+                         session_username);
+                return;
+        }
+
         display = get_display_for_user_session (session);
 
         if (display == NULL) {