Toshaan Bharvani
5 months ago
commit
e87f5acd46
26 changed files with 3894 additions and 0 deletions
@ -0,0 +1,14 @@
@@ -0,0 +1,14 @@
|
||||
diff -up patch-2.7.6/lib/vasnprintf.c.me patch-2.7.6/lib/vasnprintf.c |
||||
--- patch-2.7.6/lib/vasnprintf.c.me 2018-11-26 14:02:03.401718842 +0100 |
||||
+++ patch-2.7.6/lib/vasnprintf.c 2018-11-26 14:03:02.923913446 +0100 |
||||
@@ -860,7 +860,9 @@ convert_to_decimal (mpn_t a, size_t extr |
||||
size_t a_len = a.nlimbs; |
||||
/* 0.03345 is slightly larger than log(2)/(9*log(10)). */ |
||||
size_t c_len = 9 * ((size_t)(a_len * (GMP_LIMB_BITS * 0.03345f)) + 1); |
||||
- char *c_ptr = (char *) malloc (xsum (c_len, extra_zeroes)); |
||||
+ /* We need extra_zeroes bytes for zeroes, followed by c_len bytes for the |
||||
+ digits of a, followed by 1 byte for the terminating NUL. */ |
||||
+ char *c_ptr = (char *) malloc (xsum (xsum (extra_zeroes, c_len), 1)); |
||||
if (c_ptr != NULL) |
||||
{ |
||||
char *d_ptr = c_ptr; |
@ -0,0 +1,25 @@
@@ -0,0 +1,25 @@
|
||||
commit 9c986353e420ead6e706262bf204d6e03322c300 |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Fri Aug 17 13:35:40 2018 +0200 |
||||
|
||||
Fix swapping fake lines in pch_swap |
||||
|
||||
* src/pch.c (pch_swap): Fix swapping p_bfake and p_efake when there is a |
||||
blank line in the middle of a context-diff hunk: that empty line stays |
||||
in the middle of the hunk and isn't swapped. |
||||
|
||||
Fixes: https://savannah.gnu.org/bugs/index.php?53133 |
||||
|
||||
diff --git a/src/pch.c b/src/pch.c |
||||
index e92bc64..a500ad9 100644 |
||||
--- a/src/pch.c |
||||
+++ b/src/pch.c |
||||
@@ -2122,7 +2122,7 @@ pch_swap (void) |
||||
} |
||||
if (p_efake >= 0) { /* fix non-freeable ptr range */ |
||||
if (p_efake <= i) |
||||
- n = p_end - i + 1; |
||||
+ n = p_end - p_ptrn_lines; |
||||
else |
||||
n = -i; |
||||
p_efake += n; |
@ -0,0 +1,102 @@
@@ -0,0 +1,102 @@
|
||||
commit dce4683cbbe107a95f1f0d45fabc304acfb5d71a |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Mon Jul 15 16:21:48 2019 +0200 |
||||
|
||||
Don't follow symlinks unless --follow-symlinks is given |
||||
|
||||
* src/inp.c (plan_a, plan_b), src/util.c (copy_to_fd, copy_file, |
||||
append_to_file): Unless the --follow-symlinks option is given, open files with |
||||
the O_NOFOLLOW flag to avoid following symlinks. So far, we were only doing |
||||
that consistently for input files. |
||||
* src/util.c (create_backup): When creating empty backup files, (re)create them |
||||
with O_CREAT | O_EXCL to avoid following symlinks in that case as well. |
||||
|
||||
diff --git a/src/inp.c b/src/inp.c |
||||
index 32d0919..22d7473 100644 |
||||
--- a/src/inp.c |
||||
+++ b/src/inp.c |
||||
@@ -238,8 +238,13 @@ plan_a (char const *filename) |
||||
{ |
||||
if (S_ISREG (instat.st_mode)) |
||||
{ |
||||
- int ifd = safe_open (filename, O_RDONLY|binary_transput, 0); |
||||
+ int flags = O_RDONLY | binary_transput; |
||||
size_t buffered = 0, n; |
||||
+ int ifd; |
||||
+ |
||||
+ if (! follow_symlinks) |
||||
+ flags |= O_NOFOLLOW; |
||||
+ ifd = safe_open (filename, flags, 0); |
||||
if (ifd < 0) |
||||
pfatal ("can't open file %s", quotearg (filename)); |
||||
|
||||
@@ -340,6 +345,7 @@ plan_a (char const *filename) |
||||
static void |
||||
plan_b (char const *filename) |
||||
{ |
||||
+ int flags = O_RDONLY | binary_transput; |
||||
int ifd; |
||||
FILE *ifp; |
||||
int c; |
||||
@@ -353,7 +359,9 @@ plan_b (char const *filename) |
||||
|
||||
if (instat.st_size == 0) |
||||
filename = NULL_DEVICE; |
||||
- if ((ifd = safe_open (filename, O_RDONLY | binary_transput, 0)) < 0 |
||||
+ if (! follow_symlinks) |
||||
+ flags |= O_NOFOLLOW; |
||||
+ if ((ifd = safe_open (filename, flags, 0)) < 0 |
||||
|| ! (ifp = fdopen (ifd, binary_transput ? "rb" : "r"))) |
||||
pfatal ("Can't open file %s", quotearg (filename)); |
||||
if (TMPINNAME_needs_removal) |
||||
diff --git a/src/util.c b/src/util.c |
||||
index 1cc08ba..fb38307 100644 |
||||
--- a/src/util.c |
||||
+++ b/src/util.c |
||||
@@ -388,7 +388,7 @@ create_backup (char const *to, const struct stat *to_st, bool leave_original) |
||||
|
||||
try_makedirs_errno = ENOENT; |
||||
safe_unlink (bakname); |
||||
- while ((fd = safe_open (bakname, O_CREAT | O_WRONLY | O_TRUNC, 0666)) < 0) |
||||
+ while ((fd = safe_open (bakname, O_CREAT | O_EXCL | O_WRONLY | O_TRUNC, 0666)) < 0) |
||||
{ |
||||
if (errno != try_makedirs_errno) |
||||
pfatal ("Can't create file %s", quotearg (bakname)); |
||||
@@ -579,10 +579,13 @@ create_file (char const *file, int open_flags, mode_t mode, |
||||
static void |
||||
copy_to_fd (const char *from, int tofd) |
||||
{ |
||||
+ int from_flags = O_RDONLY | O_BINARY; |
||||
int fromfd; |
||||
ssize_t i; |
||||
|
||||
- if ((fromfd = safe_open (from, O_RDONLY | O_BINARY, 0)) < 0) |
||||
+ if (! follow_symlinks) |
||||
+ from_flags |= O_NOFOLLOW; |
||||
+ if ((fromfd = safe_open (from, from_flags, 0)) < 0) |
||||
pfatal ("Can't reopen file %s", quotearg (from)); |
||||
while ((i = read (fromfd, buf, bufsize)) != 0) |
||||
{ |
||||
@@ -625,6 +628,8 @@ copy_file (char const *from, char const *to, struct stat *tost, |
||||
else |
||||
{ |
||||
assert (S_ISREG (mode)); |
||||
+ if (! follow_symlinks) |
||||
+ to_flags |= O_NOFOLLOW; |
||||
tofd = create_file (to, O_WRONLY | O_BINARY | to_flags, mode, |
||||
to_dir_known_to_exist); |
||||
copy_to_fd (from, tofd); |
||||
@@ -640,9 +645,12 @@ copy_file (char const *from, char const *to, struct stat *tost, |
||||
void |
||||
append_to_file (char const *from, char const *to) |
||||
{ |
||||
+ int to_flags = O_WRONLY | O_APPEND | O_BINARY; |
||||
int tofd; |
||||
|
||||
- if ((tofd = safe_open (to, O_WRONLY | O_BINARY | O_APPEND, 0)) < 0) |
||||
+ if (! follow_symlinks) |
||||
+ to_flags |= O_NOFOLLOW; |
||||
+ if ((tofd = safe_open (to, to_flags, 0)) < 0) |
||||
pfatal ("Can't reopen file %s", quotearg (to)); |
||||
copy_to_fd (from, tofd); |
||||
if (close (tofd) != 0) |
@ -0,0 +1,33 @@
@@ -0,0 +1,33 @@
|
||||
commit 3fcd042d26d70856e826a42b5f93dc4854d80bf0 |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Fri Apr 6 19:36:15 2018 +0200 |
||||
|
||||
Invoke ed directly instead of using the shell |
||||
|
||||
* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell |
||||
command to avoid quoting vulnerabilities. |
||||
|
||||
diff --git a/src/pch.c b/src/pch.c |
||||
index 4fd5a05..16e001a 100644 |
||||
--- a/src/pch.c |
||||
+++ b/src/pch.c |
||||
@@ -2459,9 +2459,6 @@ do_ed_script (char const *inname, char const *outname, |
||||
*outname_needs_removal = true; |
||||
copy_file (inname, outname, 0, exclusive, instat.st_mode, true); |
||||
} |
||||
- sprintf (buf, "%s %s%s", editor_program, |
||||
- verbosity == VERBOSE ? "" : "- ", |
||||
- outname); |
||||
fflush (stdout); |
||||
|
||||
pid = fork(); |
||||
@@ -2470,7 +2467,8 @@ do_ed_script (char const *inname, char const *outname, |
||||
else if (pid == 0) |
||||
{ |
||||
dup2 (tmpfd, 0); |
||||
- execl ("/bin/sh", "sh", "-c", buf, (char *) 0); |
||||
+ assert (outname[0] != '!' && outname[0] != '-'); |
||||
+ execlp (editor_program, editor_program, "-", outname, (char *) NULL); |
||||
_exit (2); |
||||
} |
||||
else |
@ -0,0 +1,46 @@
@@ -0,0 +1,46 @@
|
||||
commit b7b028a77bd855f6f56b17c8837fc1cca77b469d |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Fri Jun 28 00:30:25 2019 +0200 |
||||
|
||||
Abort when cleaning up fails |
||||
|
||||
When a fatal error triggers during cleanup, another attempt will be made to |
||||
clean up, which will likely lead to the same fatal error. So instead, bail out |
||||
when that happens. |
||||
src/patch.c (cleanup): Bail out when called recursively. |
||||
(main): There is no need to call output_files() before cleanup() as cleanup() |
||||
already does that. |
||||
|
||||
diff --git a/src/patch.c b/src/patch.c |
||||
index 4616a48..02fd982 100644 |
||||
--- a/src/patch.c |
||||
+++ b/src/patch.c |
||||
@@ -685,7 +685,6 @@ main (int argc, char **argv) |
||||
} |
||||
if (outstate.ofp && (ferror (outstate.ofp) || fclose (outstate.ofp) != 0)) |
||||
write_fatal (); |
||||
- output_files (NULL); |
||||
cleanup (); |
||||
delete_files (); |
||||
if (somefailed) |
||||
@@ -1991,7 +1990,6 @@ void |
||||
fatal_exit (int sig) |
||||
{ |
||||
cleanup (); |
||||
- |
||||
if (sig) |
||||
exit_with_signal (sig); |
||||
|
||||
@@ -2011,6 +2009,12 @@ remove_if_needed (char const *name, bool *needs_removal) |
||||
static void |
||||
cleanup (void) |
||||
{ |
||||
+ static bool already_cleaning_up; |
||||
+ |
||||
+ if (already_cleaning_up) |
||||
+ return; |
||||
+ already_cleaning_up = true; |
||||
+ |
||||
remove_if_needed (TMPINNAME, &TMPINNAME_needs_removal); |
||||
remove_if_needed (TMPOUTNAME, &TMPOUTNAME_needs_removal); |
||||
remove_if_needed (TMPPATNAME, &TMPPATNAME_needs_removal); |
@ -0,0 +1,28 @@
@@ -0,0 +1,28 @@
|
||||
commit b5a91a01e5d0897facdd0f49d64b76b0f02b43e1 |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Fri Apr 6 11:34:51 2018 +0200 |
||||
|
||||
Allow input files to be missing for ed-style patches |
||||
|
||||
* src/pch.c (do_ed_script): Allow input files to be missing so that new |
||||
files will be created as with non-ed-style patches. |
||||
|
||||
diff --git a/src/pch.c b/src/pch.c |
||||
index bc6278c..0c5cc26 100644 |
||||
--- a/src/pch.c |
||||
+++ b/src/pch.c |
||||
@@ -2394,9 +2394,11 @@ do_ed_script (char const *inname, char const *outname, |
||||
|
||||
if (! dry_run && ! skip_rest_of_patch) { |
||||
int exclusive = *outname_needs_removal ? 0 : O_EXCL; |
||||
- assert (! inerrno); |
||||
- *outname_needs_removal = true; |
||||
- copy_file (inname, outname, 0, exclusive, instat.st_mode, true); |
||||
+ if (inerrno != ENOENT) |
||||
+ { |
||||
+ *outname_needs_removal = true; |
||||
+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true); |
||||
+ } |
||||
sprintf (buf, "%s %s%s", editor_program, |
||||
verbosity == VERBOSE ? "" : "- ", |
||||
outname); |
@ -0,0 +1,21 @@
@@ -0,0 +1,21 @@
|
||||
commit 15b158db3ae11cb835f2eb8d2eb48e09d1a4af48 |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Mon Jul 15 19:10:02 2019 +0200 |
||||
|
||||
Avoid invalid memory access in context format diffs |
||||
|
||||
* src/pch.c (another_hunk): Avoid invalid memory access in context format |
||||
diffs. |
||||
|
||||
diff --git a/src/pch.c b/src/pch.c |
||||
index a500ad9..cb54e03 100644 |
||||
--- a/src/pch.c |
||||
+++ b/src/pch.c |
||||
@@ -1328,6 +1328,7 @@ another_hunk (enum diff difftype, bool rev) |
||||
ptrn_prefix_context = context; |
||||
ptrn_suffix_context = context; |
||||
if (repl_beginning |
||||
+ || p_end <= 0 |
||||
|| (p_end |
||||
!= p_ptrn_lines + 1 + (p_Char[p_end - 1] == '\n'))) |
||||
{ |
@ -0,0 +1,24 @@
@@ -0,0 +1,24 @@
|
||||
commit 3bbebbb29f6fbbf2988b9f2e75695b7c0b1f1c9b |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Wed Feb 7 12:01:22 2018 +0100 |
||||
|
||||
Avoid set_file_attributes sign conversion warnings |
||||
|
||||
* src/util.c (set_file_attributes): Avoid sign conversion warnings when |
||||
assigning -1 to uid_t / gid_t. |
||||
|
||||
diff --git a/src/util.c b/src/util.c |
||||
index b1c7266..1cc08ba 100644 |
||||
--- a/src/util.c |
||||
+++ b/src/util.c |
||||
@@ -256,8 +256,8 @@ set_file_attributes (char const *to, enum file_attributes attr, |
||||
} |
||||
if (attr & FA_IDS) |
||||
{ |
||||
- static uid_t euid = -1; |
||||
- static gid_t egid = -1; |
||||
+ static uid_t euid = (uid_t)-1; |
||||
+ static gid_t egid = (gid_t)-1; |
||||
uid_t uid; |
||||
uid_t gid; |
||||
|
@ -0,0 +1,85 @@
@@ -0,0 +1,85 @@
|
||||
commit ae81be0024ea4eaf139b7ba57e9a8ce9e4a163ec |
||||
Author: Jim Meyering <jim@meyering.net> |
||||
Date: Fri Apr 6 17:17:11 2018 -0700 |
||||
|
||||
maint: avoid warnings from GCC8 |
||||
|
||||
Hi Andreas, |
||||
|
||||
I configured with --enable-gcc-warnings and bleeding-edge gcc |
||||
(version 8.0.1 20180406) and hit some warning-escalated-to-errors. |
||||
This fixes them: |
||||
|
||||
>From a71ddb200dbe7ac0f9258796b5a51979b2740e88 Mon Sep 17 00:00:00 2001 |
||||
From: Jim Meyering <meyering@fb.com> |
||||
Date: Fri, 6 Apr 2018 16:47:00 -0700 |
||||
Subject: [PATCH] maint: avoid warnings from GCC8 |
||||
|
||||
* src/common.h (FALLTHROUGH): Define. |
||||
* src/patch.c (abort_hunk_context): Use FALLTHROUGH macro in place of |
||||
a comment. This avoids a warning from -Wimplicit-fallthrough=. |
||||
* src/pch.c (do_ed_script): Add otherwise unnecessary initialization |
||||
to avoid warning from -Wmaybe-uninitialized. |
||||
(another_hunk): Use FALLTHROUGH macro here, too, twice. |
||||
|
||||
diff --git a/src/common.h b/src/common.h |
||||
index ec50b40..904a3f8 100644 |
||||
--- a/src/common.h |
||||
+++ b/src/common.h |
||||
@@ -218,3 +218,11 @@ bool merge_hunk (int hunk, struct outstate *, lin where, bool *); |
||||
#else |
||||
# define merge_hunk(hunk, outstate, where, somefailed) false |
||||
#endif |
||||
+ |
||||
+#ifndef FALLTHROUGH |
||||
+# if __GNUC__ < 7 |
||||
+# define FALLTHROUGH ((void) 0) |
||||
+# else |
||||
+# define FALLTHROUGH __attribute__ ((__fallthrough__)) |
||||
+# endif |
||||
+#endif |
||||
diff --git a/src/patch.c b/src/patch.c |
||||
index 0fe6d72..1ae91d9 100644 |
||||
--- a/src/patch.c |
||||
+++ b/src/patch.c |
||||
@@ -1381,7 +1381,7 @@ abort_hunk_context (bool header, bool reverse) |
||||
break; |
||||
case ' ': case '-': case '+': case '!': |
||||
fprintf (rejfp, "%c ", pch_char (i)); |
||||
- /* fall into */ |
||||
+ FALLTHROUGH; |
||||
case '\n': |
||||
pch_write_line (i, rejfp); |
||||
break; |
||||
diff --git a/src/pch.c b/src/pch.c |
||||
index 1055542..cda3dfa 100644 |
||||
--- a/src/pch.c |
||||
+++ b/src/pch.c |
||||
@@ -1735,7 +1735,7 @@ another_hunk (enum diff difftype, bool rev) |
||||
break; |
||||
case '=': |
||||
ch = ' '; |
||||
- /* FALL THROUGH */ |
||||
+ FALLTHROUGH; |
||||
case ' ': |
||||
if (fillsrc > p_ptrn_lines) { |
||||
free(s); |
||||
@@ -1756,7 +1756,7 @@ another_hunk (enum diff difftype, bool rev) |
||||
p_end = fillsrc-1; |
||||
return -1; |
||||
} |
||||
- /* FALL THROUGH */ |
||||
+ FALLTHROUGH; |
||||
case '+': |
||||
if (filldst > p_end) { |
||||
free(s); |
||||
@@ -2394,8 +2394,7 @@ do_ed_script (char const *inname, char const *outname, |
||||
size_t chars_read; |
||||
FILE *tmpfp = 0; |
||||
char const *tmpname; |
||||
- int tmpfd; |
||||
- pid_t pid; |
||||
+ int tmpfd = -1; /* placate gcc's -Wmaybe-uninitialized */ |
||||
int exclusive = *outname_needs_removal ? 0 : O_EXCL; |
||||
char const **ed_argv; |
||||
int stdin_dup, status; |
@ -0,0 +1,75 @@
@@ -0,0 +1,75 @@
|
||||
commit 1e9104c18019e7dc6b5590aea4b1d4f9d8ecfd56 |
||||
Author: Bruno Haible <bruno@clisp.org> |
||||
Date: Sat Apr 7 12:21:04 2018 +0200 |
||||
|
||||
Fix check of return value of fwrite(). |
||||
|
||||
* src/patch.c (copy_till): Consider incomplete fwrite() write as an error. |
||||
* src/pch.c (pch_write_line, do_ed_script): Likewise. |
||||
|
||||
diff --git a/src/patch.c b/src/patch.c |
||||
index 1ae91d9..3fcaec5 100644 |
||||
--- a/src/patch.c |
||||
+++ b/src/patch.c |
||||
@@ -2,7 +2,7 @@ |
||||
|
||||
/* Copyright (C) 1984, 1985, 1986, 1987, 1988 Larry Wall |
||||
|
||||
- Copyright (C) 1989-1993, 1997-1999, 2002-2003, 2006, 2009-2012 Free Software |
||||
+ Copyright (C) 1989-1993, 1997-1999, 2002-2003, 2006, 2009-2018 Free Software |
||||
Foundation, Inc. |
||||
|
||||
This program is free software: you can redistribute it and/or modify |
||||
@@ -1641,7 +1641,7 @@ copy_till (struct outstate *outstate, lin lastline) |
||||
if (size) |
||||
{ |
||||
if ((! outstate->after_newline && putc ('\n', fp) == EOF) |
||||
- || ! fwrite (s, sizeof *s, size, fp)) |
||||
+ || fwrite (s, sizeof *s, size, fp) < size) |
||||
write_fatal (); |
||||
outstate->after_newline = s[size - 1] == '\n'; |
||||
outstate->zero_output = false; |
||||
diff --git a/src/pch.c b/src/pch.c |
||||
index cda3dfa..79a3c99 100644 |
||||
--- a/src/pch.c |
||||
+++ b/src/pch.c |
||||
@@ -2279,8 +2279,11 @@ pfetch (lin line) |
||||
bool |
||||
pch_write_line (lin line, FILE *file) |
||||
{ |
||||
- bool after_newline = (p_len[line] > 0) && (p_line[line][p_len[line] - 1] == '\n'); |
||||
- if (! fwrite (p_line[line], sizeof (*p_line[line]), p_len[line], file)) |
||||
+ bool after_newline = |
||||
+ (p_len[line] > 0) && (p_line[line][p_len[line] - 1] == '\n'); |
||||
+ |
||||
+ if (fwrite (p_line[line], sizeof (*p_line[line]), p_len[line], file) |
||||
+ < p_len[line]) |
||||
write_fatal (); |
||||
return after_newline; |
||||
} |
||||
@@ -2427,13 +2430,14 @@ do_ed_script (char const *inname, char const *outname, |
||||
ed_command_letter = get_ed_command_letter (buf); |
||||
if (ed_command_letter) { |
||||
if (tmpfp) |
||||
- if (! fwrite (buf, sizeof *buf, chars_read, tmpfp)) |
||||
+ if (fwrite (buf, sizeof *buf, chars_read, tmpfp) < chars_read) |
||||
write_fatal (); |
||||
if (ed_command_letter != 'd' && ed_command_letter != 's') { |
||||
p_pass_comments_through = true; |
||||
while ((chars_read = get_line ()) != 0) { |
||||
if (tmpfp) |
||||
- if (! fwrite (buf, sizeof *buf, chars_read, tmpfp)) |
||||
+ if (fwrite (buf, sizeof *buf, chars_read, tmpfp) |
||||
+ < chars_read) |
||||
write_fatal (); |
||||
if (chars_read == 2 && strEQ (buf, ".\n")) |
||||
break; |
||||
@@ -2448,7 +2452,7 @@ do_ed_script (char const *inname, char const *outname, |
||||
} |
||||
if (dry_run || skip_rest_of_patch) |
||||
return; |
||||
- if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, tmpfp) == 0 |
||||
+ if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, tmpfp) < (size_t) 4 |
||||
|| fflush (tmpfp) != 0) |
||||
write_fatal (); |
||||
|
@ -0,0 +1,91 @@
@@ -0,0 +1,91 @@
|
||||
commit 2a32bf09f5e9572da4be183bb0dbde8164351474 |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Fri Apr 6 20:32:46 2018 +0200 |
||||
|
||||
Minor cleanups in do_ed_script |
||||
|
||||
* src/pch.c (do_ed_script): Minor cleanups. |
||||
|
||||
diff --git a/src/pch.c b/src/pch.c |
||||
index 1f14624..1055542 100644 |
||||
--- a/src/pch.c |
||||
+++ b/src/pch.c |
||||
@@ -2396,6 +2396,10 @@ do_ed_script (char const *inname, char const *outname, |
||||
char const *tmpname; |
||||
int tmpfd; |
||||
pid_t pid; |
||||
+ int exclusive = *outname_needs_removal ? 0 : O_EXCL; |
||||
+ char const **ed_argv; |
||||
+ int stdin_dup, status; |
||||
+ |
||||
|
||||
if (! dry_run && ! skip_rest_of_patch) |
||||
{ |
||||
@@ -2443,7 +2447,7 @@ do_ed_script (char const *inname, char const *outname, |
||||
break; |
||||
} |
||||
} |
||||
- if (!tmpfp) |
||||
+ if (dry_run || skip_rest_of_patch) |
||||
return; |
||||
if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, tmpfp) == 0 |
||||
|| fflush (tmpfp) != 0) |
||||
@@ -2452,36 +2456,29 @@ do_ed_script (char const *inname, char const *outname, |
||||
if (lseek (tmpfd, 0, SEEK_SET) == -1) |
||||
pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname)); |
||||
|
||||
- if (! dry_run && ! skip_rest_of_patch) { |
||||
- int exclusive = *outname_needs_removal ? 0 : O_EXCL; |
||||
- char const **ed_argv; |
||||
- int stdin_dup, status; |
||||
- |
||||
+ if (inerrno != ENOENT) |
||||
+ { |
||||
*outname_needs_removal = true; |
||||
- if (inerrno != ENOENT) |
||||
- { |
||||
- *outname_needs_removal = true; |
||||
- copy_file (inname, outname, 0, exclusive, instat.st_mode, true); |
||||
- } |
||||
- fflush (stdout); |
||||
- |
||||
- if ((stdin_dup = dup (0)) == -1 |
||||
- || dup2 (tmpfd, 0) == -1) |
||||
- pfatal ("Failed to duplicate standard input"); |
||||
- assert (outname[0] != '!' && outname[0] != '-'); |
||||
- ed_argv = alloca (4 * sizeof * ed_argv); |
||||
- ed_argv[0] = editor_program; |
||||
- ed_argv[1] = "-"; |
||||
- ed_argv[2] = outname; |
||||
- ed_argv[3] = (char *) NULL; |
||||
- status = execute (editor_program, editor_program, (char **)ed_argv, |
||||
- false, false, false, false, true, false, NULL); |
||||
- if (status) |
||||
- fatal ("%s FAILED", editor_program); |
||||
- if (dup2 (stdin_dup, 0) == -1 |
||||
- || close (stdin_dup) == -1) |
||||
- pfatal ("Failed to duplicate standard input"); |
||||
- } |
||||
+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true); |
||||
+ } |
||||
+ fflush (stdout); |
||||
+ |
||||
+ if ((stdin_dup = dup (0)) == -1 |
||||
+ || dup2 (tmpfd, 0) == -1) |
||||
+ pfatal ("Failed to duplicate standard input"); |
||||
+ assert (outname[0] != '!' && outname[0] != '-'); |
||||
+ ed_argv = alloca (4 * sizeof * ed_argv); |
||||
+ ed_argv[0] = editor_program; |
||||
+ ed_argv[1] = "-"; |
||||
+ ed_argv[2] = outname; |
||||
+ ed_argv[3] = (char *) NULL; |
||||
+ status = execute (editor_program, editor_program, (char **)ed_argv, |
||||
+ false, false, false, false, true, false, NULL); |
||||
+ if (status) |
||||
+ fatal ("%s FAILED", editor_program); |
||||
+ if (dup2 (stdin_dup, 0) == -1 |
||||
+ || close (stdin_dup) == -1) |
||||
+ pfatal ("Failed to duplicate standard input"); |
||||
|
||||
fclose (tmpfp); |
||||
safe_unlink (tmpname); |
@ -0,0 +1,84 @@
@@ -0,0 +1,84 @@
|
||||
commit 61d7788b83b302207a67b82786f4fd79e3538f30 |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Thu Jun 27 11:10:43 2019 +0200 |
||||
|
||||
Don't crash when RLIMIT_NOFILE is set to RLIM_INFINITY |
||||
|
||||
* src/safe.c (min_cached_fds): Define minimum number of cached dir file |
||||
descriptors. |
||||
(max_cached_fds): Change type to rlim_t to allow storing RLIM_INFINITY. |
||||
(init_dirfd_cache): Set max_cached_fds to RLIM_INFINITY when RLIMIT_NOFILE is |
||||
RLIM_INFINITY. Set the initial hash table size to min_cached_fds, independent |
||||
of RLIMIT_NOFILE: patches commonly only affect one or a few files, so a small |
||||
hash table will usually suffice; if needed, the hash table will grow. |
||||
(insert_cached_dirfd): Don't shrink the cache when max_cached_fds is |
||||
RLIM_INFINITY. |
||||
|
||||
diff --git a/src/safe.c b/src/safe.c |
||||
index 5a7202f..f147b0e 100644 |
||||
--- a/src/safe.c |
||||
+++ b/src/safe.c |
||||
@@ -67,7 +67,8 @@ struct cached_dirfd { |
||||
}; |
||||
|
||||
static Hash_table *cached_dirfds = NULL; |
||||
-static size_t max_cached_fds; |
||||
+static rlim_t min_cached_fds = 8; |
||||
+static rlim_t max_cached_fds; |
||||
LIST_HEAD (lru_list); |
||||
|
||||
static size_t hash_cached_dirfd (const void *entry, size_t table_size) |
||||
@@ -98,11 +99,17 @@ static void init_dirfd_cache (void) |
||||
{ |
||||
struct rlimit nofile; |
||||
|
||||
- max_cached_fds = 8; |
||||
if (getrlimit (RLIMIT_NOFILE, &nofile) == 0) |
||||
- max_cached_fds = MAX (nofile.rlim_cur / 4, max_cached_fds); |
||||
+ { |
||||
+ if (nofile.rlim_cur == RLIM_INFINITY) |
||||
+ max_cached_fds = RLIM_INFINITY; |
||||
+ else |
||||
+ max_cached_fds = MAX (nofile.rlim_cur / 4, min_cached_fds); |
||||
+ } |
||||
+ else |
||||
+ max_cached_fds = min_cached_fds; |
||||
|
||||
- cached_dirfds = hash_initialize (max_cached_fds, |
||||
+ cached_dirfds = hash_initialize (min_cached_fds, |
||||
NULL, |
||||
hash_cached_dirfd, |
||||
compare_cached_dirfds, |
||||
@@ -148,20 +155,23 @@ static void insert_cached_dirfd (struct cached_dirfd *entry, int keepfd) |
||||
if (cached_dirfds == NULL) |
||||
init_dirfd_cache (); |
||||
|
||||
- /* Trim off the least recently used entries */ |
||||
- while (hash_get_n_entries (cached_dirfds) >= max_cached_fds) |
||||
+ if (max_cached_fds != RLIM_INFINITY) |
||||
{ |
||||
- struct cached_dirfd *last = |
||||
- list_entry (lru_list.prev, struct cached_dirfd, lru_link); |
||||
- if (&last->lru_link == &lru_list) |
||||
- break; |
||||
- if (last->fd == keepfd) |
||||
+ /* Trim off the least recently used entries */ |
||||
+ while (hash_get_n_entries (cached_dirfds) >= max_cached_fds) |
||||
{ |
||||
- last = list_entry (last->lru_link.prev, struct cached_dirfd, lru_link); |
||||
+ struct cached_dirfd *last = |
||||
+ list_entry (lru_list.prev, struct cached_dirfd, lru_link); |
||||
if (&last->lru_link == &lru_list) |
||||
break; |
||||
+ if (last->fd == keepfd) |
||||
+ { |
||||
+ last = list_entry (last->lru_link.prev, struct cached_dirfd, lru_link); |
||||
+ if (&last->lru_link == &lru_list) |
||||
+ break; |
||||
+ } |
||||
+ remove_cached_dirfd (last); |
||||
} |
||||
- remove_cached_dirfd (last); |
||||
} |
||||
|
||||
/* Only insert if the parent still exists. */ |
@ -0,0 +1,95 @@
@@ -0,0 +1,95 @@
|
||||
commit 19599883ffb6a450d2884f081f8ecf68edbed7ee |
||||
Author: Jean Delvare <jdelvare@suse.de> |
||||
Date: Thu May 3 14:31:55 2018 +0200 |
||||
|
||||
Don't leak temporary file on failed ed-style patch |
||||
|
||||
Now that we write ed-style patches to a temporary file before we |
||||
apply them, we need to ensure that the temporary file is removed |
||||
before we leave, even on fatal error. |
||||
|
||||
* src/pch.c (do_ed_script): Use global TMPEDNAME instead of local |
||||
tmpname. Don't unlink the file directly, instead tag it for removal |
||||
at exit time. |
||||
* src/patch.c (cleanup): Unlink TMPEDNAME at exit. |
||||
|
||||
This closes bug #53820: |
||||
https://savannah.gnu.org/bugs/index.php?53820 |
||||
|
||||
Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)") |
||||
|
||||
diff --git a/src/common.h b/src/common.h |
||||
index 904a3f8..53c5e32 100644 |
||||
--- a/src/common.h |
||||
+++ b/src/common.h |
||||
@@ -94,10 +94,12 @@ XTERN char const *origsuff; |
||||
XTERN char const * TMPINNAME; |
||||
XTERN char const * TMPOUTNAME; |
||||
XTERN char const * TMPPATNAME; |
||||
+XTERN char const * TMPEDNAME; |
||||
|
||||
XTERN bool TMPINNAME_needs_removal; |
||||
XTERN bool TMPOUTNAME_needs_removal; |
||||
XTERN bool TMPPATNAME_needs_removal; |
||||
+XTERN bool TMPEDNAME_needs_removal; |
||||
|
||||
#ifdef DEBUGGING |
||||
XTERN int debug; |
||||
diff --git a/src/patch.c b/src/patch.c |
||||
index 3fcaec5..9146597 100644 |
||||
--- a/src/patch.c |
||||
+++ b/src/patch.c |
||||
@@ -1999,6 +1999,7 @@ cleanup (void) |
||||
remove_if_needed (TMPINNAME, &TMPINNAME_needs_removal); |
||||
remove_if_needed (TMPOUTNAME, &TMPOUTNAME_needs_removal); |
||||
remove_if_needed (TMPPATNAME, &TMPPATNAME_needs_removal); |
||||
+ remove_if_needed (TMPEDNAME, &TMPEDNAME_needs_removal); |
||||
remove_if_needed (TMPREJNAME, &TMPREJNAME_needs_removal); |
||||
output_files (NULL); |
||||
} |
||||
diff --git a/src/pch.c b/src/pch.c |
||||
index 79a3c99..1bb3153 100644 |
||||
--- a/src/pch.c |
||||
+++ b/src/pch.c |
||||
@@ -2396,7 +2396,6 @@ do_ed_script (char const *inname, char const *outname, |
||||
file_offset beginning_of_this_line; |
||||
size_t chars_read; |
||||
FILE *tmpfp = 0; |
||||
- char const *tmpname; |
||||
int tmpfd = -1; /* placate gcc's -Wmaybe-uninitialized */ |
||||
int exclusive = *outname_needs_removal ? 0 : O_EXCL; |
||||
char const **ed_argv; |
||||
@@ -2411,12 +2410,13 @@ do_ed_script (char const *inname, char const *outname, |
||||
invalid commands and treats the next line as a new command, which |
||||
can lead to arbitrary command execution. */ |
||||
|
||||
- tmpfd = make_tempfile (&tmpname, 'e', NULL, O_RDWR | O_BINARY, 0); |
||||
+ tmpfd = make_tempfile (&TMPEDNAME, 'e', NULL, O_RDWR | O_BINARY, 0); |
||||
if (tmpfd == -1) |
||||
- pfatal ("Can't create temporary file %s", quotearg (tmpname)); |
||||
+ pfatal ("Can't create temporary file %s", quotearg (TMPEDNAME)); |
||||
+ TMPEDNAME_needs_removal = true; |
||||
tmpfp = fdopen (tmpfd, "w+b"); |
||||
if (! tmpfp) |
||||
- pfatal ("Can't open stream for file %s", quotearg (tmpname)); |
||||
+ pfatal ("Can't open stream for file %s", quotearg (TMPEDNAME)); |
||||
} |
||||
|
||||
for (;;) { |
||||
@@ -2457,7 +2457,7 @@ do_ed_script (char const *inname, char const *outname, |
||||
write_fatal (); |
||||
|
||||
if (lseek (tmpfd, 0, SEEK_SET) == -1) |
||||
- pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname)); |
||||
+ pfatal ("Can't rewind to the beginning of file %s", quotearg (TMPEDNAME)); |
||||
|
||||
if (inerrno != ENOENT) |
||||
{ |
||||
@@ -2484,7 +2484,6 @@ do_ed_script (char const *inname, char const *outname, |
||||
pfatal ("Failed to duplicate standard input"); |
||||
|
||||
fclose (tmpfp); |
||||
- safe_unlink (tmpname); |
||||
|
||||
if (ofp) |
||||
{ |
@ -0,0 +1,71 @@
@@ -0,0 +1,71 @@
|
||||
commit 369dcccdfa6336e5a873d6d63705cfbe04c55727 |
||||
Author: Jean Delvare <jdelvare@suse.de> |
||||
Date: Mon May 7 15:14:45 2018 +0200 |
||||
|
||||
Don't leak temporary file on failed multi-file ed-style patch |
||||
|
||||
The previous fix worked fine with single-file ed-style patches, but |
||||
would still leak temporary files in the case of multi-file ed-style |
||||
patch. Fix that case as well, and extend the test case to check for |
||||
it. |
||||
|
||||
* src/patch.c (main): Unlink TMPEDNAME if needed before moving to |
||||
the next file in a patch. |
||||
|
||||
This closes bug #53820: |
||||
https://savannah.gnu.org/bugs/index.php?53820 |
||||
|
||||
Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)") |
||||
Fixes: 19599883ffb6 ("Don't leak temporary file on failed ed-style patch") |
||||
|
||||
diff --git a/src/patch.c b/src/patch.c |
||||
index 9146597..81c7a02 100644 |
||||
--- a/src/patch.c |
||||
+++ b/src/patch.c |
||||
@@ -236,6 +236,7 @@ main (int argc, char **argv) |
||||
} |
||||
remove_if_needed (TMPOUTNAME, &TMPOUTNAME_needs_removal); |
||||
} |
||||
+ remove_if_needed (TMPEDNAME, &TMPEDNAME_needs_removal); |
||||
|
||||
if (! skip_rest_of_patch && ! file_type) |
||||
{ |
||||
diff --git a/tests/ed-style b/tests/ed-style |
||||
index 6b6ef9d..504e6e5 100644 |
||||
--- a/tests/ed-style |
||||
+++ b/tests/ed-style |
||||
@@ -38,3 +38,34 @@ EOF |
||||
check 'cat foo' <<EOF |
||||
foo |
||||
EOF |
||||
+ |
||||
+# Test the case where one ed-style patch modifies several files |
||||
+ |
||||
+cat > ed3.diff <<EOF |
||||
+--- foo |
||||
++++ foo |
||||
+1c |
||||
+bar |
||||
+. |
||||
+--- baz |
||||
++++ baz |
||||
+0a |
||||
+baz |
||||
+. |
||||
+EOF |
||||
+ |
||||
+# Apparently we can't create a file with such a patch, while it works fine |
||||
+# when the file name is provided on the command line |
||||
+cat > baz <<EOF |
||||
+EOF |
||||
+ |
||||
+check 'patch -e -i ed3.diff' <<EOF |
||||
+EOF |
||||
+ |
||||
+check 'cat foo' <<EOF |
||||
+bar |
||||
+EOF |
||||
+ |
||||
+check 'cat baz' <<EOF |
||||
+baz |
||||
+EOF |
@ -0,0 +1,29 @@
@@ -0,0 +1,29 @@
|
||||
commit 76e775847f4954b63dc72afe34d9d921c6688b31 |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Tue Jul 16 01:16:28 2019 +0200 |
||||
|
||||
Fix failed assertion 'outstate->after_newline' |
||||
|
||||
The assertion triggers when the -o FILE option is used, more than one output |
||||
file is written into FILE, and one of those files (except the last one) ends in |
||||
the middle of a line. |
||||
* src/patch.c (main): Fix the case described above. |
||||
|
||||
diff --git a/src/patch.c b/src/patch.c |
||||
index 02fd982..3794319 100644 |
||||
--- a/src/patch.c |
||||
+++ b/src/patch.c |
||||
@@ -369,6 +369,13 @@ main (int argc, char **argv) |
||||
/* outstate.ofp now owns the file descriptor */ |
||||
outfd = -1; |
||||
} |
||||
+ else |
||||
+ { |
||||
+ /* When writing to a single output file (-o FILE), always pretend |
||||
+ that the output file ends in a newline. Otherwise, when another |
||||
+ file is written to the same output file, apply_hunk will fail. */ |
||||
+ outstate.after_newline = true; |
||||
+ } |
||||
|
||||
/* find out where all the lines are */ |
||||
if (!skip_rest_of_patch) { |
@ -0,0 +1,22 @@
@@ -0,0 +1,22 @@
|
||||
commit 458ac51a05426c1af9aa6bf1342ecf60728c19b4 |
||||
Author: Bruno Haible <bruno@clisp.org> |
||||
Date: Sat Apr 7 12:34:03 2018 +0200 |
||||
|
||||
Fix 'ed-style' test failure. |
||||
|
||||
* tests/ed-style: Remove '?' line from expected output. |
||||
|
||||
diff --git a/tests/ed-style b/tests/ed-style |
||||
index d8c0689..6b6ef9d 100644 |
||||
--- a/tests/ed-style |
||||
+++ b/tests/ed-style |
||||
@@ -31,8 +31,7 @@ r !echo bar |
||||
,p |
||||
EOF |
||||
|
||||
-check 'patch -e foo -i ed2.diff 2> /dev/null || echo "Status: $?"' <<EOF |
||||
-? |
||||
+check 'patch -e foo -i ed2.diff > /dev/null 2> /dev/null || echo "Status: $?"' <<EOF |
||||
Status: 2 |
||||
EOF |
||||
|
@ -0,0 +1,21 @@
@@ -0,0 +1,21 @@
|
||||
commit 074e2395f81d0ecaa66b71a6c228c70b49db72e5 |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Wed Feb 7 17:05:00 2018 +0100 |
||||
|
||||
Test suite: fix Korn shell incompatibility |
||||
|
||||
tests/merge: In a Korn shell, shift apparently fails when $# is 0. |
||||
|
||||
diff --git a/tests/merge b/tests/merge |
||||
index b628891..e950b92 100644 |
||||
--- a/tests/merge |
||||
+++ b/tests/merge |
||||
@@ -32,7 +32,7 @@ x2() { |
||||
shift |
||||
done > b.sed |
||||
echo "$body" | sed -f b.sed > b |
||||
- shift |
||||
+ test $# -eq 0 || shift |
||||
while test $# -gt 0 ; do |
||||
echo "$1" |
||||
shift |
@ -0,0 +1,24 @@
@@ -0,0 +1,24 @@
|
||||
commit f290f48a621867084884bfff87f8093c15195e6a |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Mon Feb 12 16:48:24 2018 +0100 |
||||
|
||||
Fix segfault with mangled rename patch |
||||
|
||||
http://savannah.gnu.org/bugs/?53132 |
||||
* src/pch.c (intuit_diff_type): Ensure that two filenames are specified |
||||
for renames and copies (fix the existing check). |
||||
|
||||
diff --git a/src/pch.c b/src/pch.c |
||||
index ff9ed2c..bc6278c 100644 |
||||
--- a/src/pch.c |
||||
+++ b/src/pch.c |
||||
@@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode_t *p_file_type) |
||||
if ((pch_rename () || pch_copy ()) |
||||
&& ! inname |
||||
&& ! ((i == OLD || i == NEW) && |
||||
- p_name[! reverse] && |
||||
+ p_name[reverse] && p_name[! reverse] && |
||||
+ name_is_valid (p_name[reverse]) && |
||||
name_is_valid (p_name[! reverse]))) |
||||
{ |
||||
say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy"); |
@ -0,0 +1,48 @@
@@ -0,0 +1,48 @@
|
||||
commit 2b584aec9e5f2806b1eccadcabe7e901fcfa0b0a |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Thu Jun 27 11:02:02 2019 +0200 |
||||
|
||||
Improve support for memory leak detection |
||||
|
||||
When building with the address sanitizer on, free some more resources before |
||||
exiting. (This is unnecessary when not looking for memory leaks.) |
||||
* src/patch.c (init_files_to_delete): Add dispose function for freeing |
||||
filenames. |
||||
|
||||
diff --git a/src/patch.c b/src/patch.c |
||||
index 81c7a02..4616a48 100644 |
||||
--- a/src/patch.c |
||||
+++ b/src/patch.c |
||||
@@ -36,6 +36,10 @@ |
||||
#include <minmax.h> |
||||
#include <safe.h> |
||||
|
||||
+#ifdef __SANITIZE_ADDRESS__ |
||||
+# define FREE_BEFORE_EXIT |
||||
+#endif |
||||
+ |
||||
/* procedures */ |
||||
|
||||
static FILE *create_output_file (char const *, int); |
||||
@@ -1777,10 +1781,20 @@ struct file_to_delete { |
||||
|
||||
static gl_list_t files_to_delete; |
||||
|
||||
+#ifdef FREE_BEFORE_EXIT |
||||
+void dispose_file_to_delete (const void *elt) |
||||
+{ |
||||
+ free ((void *) elt); |
||||
+} |
||||
+#else |
||||
+#define dispose_file_to_delete NULL |
||||
+#endif |
||||
+ |
||||
static void |
||||
init_files_to_delete (void) |
||||
{ |
||||
- files_to_delete = gl_list_create_empty (GL_LINKED_LIST, NULL, NULL, NULL, true); |
||||
+ files_to_delete = gl_list_create_empty (GL_LINKED_LIST, NULL, NULL, |
||||
+ dispose_file_to_delete, true); |
||||
} |
||||
|
||||
static void |
@ -0,0 +1,40 @@
@@ -0,0 +1,40 @@
|
||||
commit ff81775f4eb6ab9a91b75e4031e8216654c0c76a |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Fri Aug 17 10:31:22 2018 +0200 |
||||
|
||||
Make the (debug & 2) output more useful |
||||
|
||||
* src/pch.c (another_hunk): In the (debug & 2) output, fix how empty |
||||
lines that are not part of the patch context are printed. Also, add |
||||
newlines to lines that are missing them to keep the output readable. |
||||
|
||||
diff --git a/src/pch.c b/src/pch.c |
||||
index 1bb3153..e92bc64 100644 |
||||
--- a/src/pch.c |
||||
+++ b/src/pch.c |
||||
@@ -1916,8 +1916,13 @@ another_hunk (enum diff difftype, bool rev) |
||||
lin i; |
||||
|
||||
for (i = 0; i <= p_end + 1; i++) { |
||||
- fprintf (stderr, "%s %c", |
||||
- format_linenum (numbuf0, i), |
||||
+ fputs (format_linenum (numbuf0, i), stderr); |
||||
+ if (p_Char[i] == '\n') |
||||
+ { |
||||
+ fputc('\n', stderr); |
||||
+ continue; |
||||
+ } |
||||
+ fprintf (stderr, " %c", |
||||
p_Char[i]); |
||||
if (p_Char[i] == '*') |
||||
fprintf (stderr, " %s,%s\n", |
||||
@@ -1930,7 +1935,8 @@ another_hunk (enum diff difftype, bool rev) |
||||
else if (p_Char[i] != '^') |
||||
{ |
||||
fputs(" |", stderr); |
||||
- pch_write_line (i, stderr); |
||||
+ if (! pch_write_line (i, stderr)) |
||||
+ fputc('\n', stderr); |
||||
} |
||||
else |
||||
fputc('\n', stderr); |
@ -0,0 +1,20 @@
@@ -0,0 +1,20 @@
|
||||
commit a5b442ce01b80a758606ede316f739426a12bc33 |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Thu Jun 27 11:09:31 2019 +0200 |
||||
|
||||
Skip "ed" test when the ed utility is not installed |
||||
|
||||
* tests/ed-style: Require ed. |
||||
|
||||
diff --git a/tests/ed-style b/tests/ed-style |
||||
index 504e6e5..9907cb6 100644 |
||||
--- a/tests/ed-style |
||||
+++ b/tests/ed-style |
||||
@@ -7,6 +7,7 @@ |
||||
. $srcdir/test-lib.sh |
||||
|
||||
require cat |
||||
+require ed |
||||
use_local_patch |
||||
use_tmpdir |
||||
|
File diff suppressed because it is too large
Load Diff
@ -0,0 +1,124 @@
@@ -0,0 +1,124 @@
|
||||
commit f6bc5b14bd193859851d15a049bafb1007acd288 |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Wed Feb 7 12:10:41 2018 +0100 |
||||
|
||||
Test suite compatibility fixes |
||||
|
||||
* tests/crlf-handling, tests/git-cleanup, tests/test-lib.sh: Use printf |
||||
instead of echo -e / echo -n for compatibility with systems that don't |
||||
support these echo options. |
||||
* tests/merge: Minor other cleanups. |
||||
|
||||
diff --git a/tests/crlf-handling b/tests/crlf-handling |
||||
index 239149c..c192cac 100644 |
||||
--- a/tests/crlf-handling |
||||
+++ b/tests/crlf-handling |
||||
@@ -14,7 +14,7 @@ use_local_patch |
||||
use_tmpdir |
||||
|
||||
lf2crlf() { |
||||
- while read l; do echo -e "$l\r"; done |
||||
+ while read l; do printf "%s\r\n" "$l"; done |
||||
} |
||||
|
||||
echo 1 > a |
||||
diff --git a/tests/git-cleanup b/tests/git-cleanup |
||||
index 2e3e4c6..ca527a1 100644 |
||||
--- a/tests/git-cleanup |
||||
+++ b/tests/git-cleanup |
||||
@@ -36,8 +36,8 @@ BAD PATCH |
||||
EOF |
||||
|
||||
echo 1 > f |
||||
-echo -n '' > g |
||||
-echo -n '' > h |
||||
+printf '' > g |
||||
+printf '' > h |
||||
|
||||
check 'patch -f -i 1.diff || echo status: $?' <<EOF |
||||
patching file f |
||||
diff --git a/tests/merge b/tests/merge |
||||
index 22d787b..b628891 100644 |
||||
--- a/tests/merge |
||||
+++ b/tests/merge |
||||
@@ -30,30 +30,28 @@ x2() { |
||||
while test $# -gt 0 && test "$1" != -- ; do |
||||
echo "$1" |
||||
shift |
||||
- done > a.sed |
||||
- echo "$body" | sed -f a.sed > b |
||||
+ done > b.sed |
||||
+ echo "$body" | sed -f b.sed > b |
||||
shift |
||||
while test $# -gt 0 ; do |
||||
echo "$1" |
||||
shift |
||||
- done > b.sed |
||||
- echo "$body" | sed -f b.sed > c |
||||
- rm -f a.sed b.sed |
||||
+ done > c.sed |
||||
+ echo "$body" | sed -f c.sed > c |
||||
+ rm -f b.sed c.sed |
||||
output=`diff -u a b | patch $ARGS -f c` |
||||
status=$? |
||||
echo "$output" | sed -e '/^$/d' -e '/^patching file c$/d' |
||||
cat c |
||||
- test $status == 0 || echo "Status: $status" |
||||
+ test $status = 0 || echo "Status: $status" |
||||
} |
||||
|
||||
x() { |
||||
- ARGS="$ARGS --merge" x2 "$@" |
||||
+ ARGS="--merge" x2 "$@" |
||||
echo |
||||
- ARGS="$ARGS --merge=diff3" x2 "$@" |
||||
+ ARGS="--merge=diff3" x2 "$@" |
||||
} |
||||
|
||||
-unset ARGS |
||||
- |
||||
# ============================================================== |
||||
|
||||
check 'x 3' <<EOF |
||||
diff --git a/tests/test-lib.sh b/tests/test-lib.sh |
||||
index be0d7e3..661da52 100644 |
||||
--- a/tests/test-lib.sh |
||||
+++ b/tests/test-lib.sh |
||||
@@ -41,7 +41,7 @@ use_local_patch() { |
||||
|
||||
eval 'patch() { |
||||
if test -n "$GDB" ; then |
||||
- echo -e "\n" >&3 |
||||
+ printf "\n\n" >&3 |
||||
gdbserver localhost:53153 $PATCH "$@" 2>&3 |
||||
else |
||||
$PATCH "$@" |
||||
@@ -113,22 +113,15 @@ cleanup() { |
||||
exit $status |
||||
} |
||||
|
||||
-if test -z "`echo -n`"; then |
||||
- if eval 'test -n "${BASH_LINENO[0]}" 2>/dev/null'; then |
||||
- eval ' |
||||
- _start_test() { |
||||
- echo -n "[${BASH_LINENO[2]}] $* -- " |
||||
- }' |
||||
- else |
||||
- eval ' |
||||
- _start_test() { |
||||
- echo -n "* $* -- " |
||||
- }' |
||||
- fi |
||||
+if eval 'test -n "${BASH_LINENO[0]}" 2>/dev/null'; then |
||||
+ eval ' |
||||
+ _start_test() { |
||||
+ printf "[${BASH_LINENO[2]}] %s -- " "$*" |
||||
+ }' |
||||
else |
||||
eval ' |
||||
_start_test() { |
||||
- echo "* $*" |
||||
+ printf "* %s -- " "$*" |
||||
}' |
||||
fi |
||||
|
@ -0,0 +1,202 @@
@@ -0,0 +1,202 @@
|
||||
commit 123eaff0d5d1aebe128295959435b9ca5909c26d |
||||
Author: Andreas Gruenbacher <agruen@gnu.org> |
||||
Date: Fri Apr 6 12:14:49 2018 +0200 |
||||
|
||||
Fix arbitrary command execution in ed-style patches (CVE-2018-1000156) |
||||
|
||||
* src/pch.c (do_ed_script): Write ed script to a temporary file instead |
||||
of piping it to ed: this will cause ed to abort on invalid commands |
||||
instead of rejecting them and carrying on. |
||||
* tests/ed-style: New test case. |
||||
* tests/Makefile.am (TESTS): Add test case. |
||||
|
||||
diff --git a/src/pch.c b/src/pch.c |
||||
index 0c5cc26..4fd5a05 100644 |
||||
--- a/src/pch.c |
||||
+++ b/src/pch.c |
||||
@@ -33,6 +33,7 @@ |
||||
# include <io.h> |
||||
#endif |
||||
#include <safe.h> |
||||
+#include <sys/wait.h> |
||||
|
||||
#define INITHUNKMAX 125 /* initial dynamic allocation size */ |
||||
|
||||
@@ -2389,24 +2390,28 @@ do_ed_script (char const *inname, char const *outname, |
||||
static char const editor_program[] = EDITOR_PROGRAM; |
||||
|
||||
file_offset beginning_of_this_line; |
||||
- FILE *pipefp = 0; |
||||
size_t chars_read; |
||||
+ FILE *tmpfp = 0; |
||||
+ char const *tmpname; |
||||
+ int tmpfd; |
||||
+ pid_t pid; |
||||
+ |
||||
+ if (! dry_run && ! skip_rest_of_patch) |
||||
+ { |
||||
+ /* Write ed script to a temporary file. This causes ed to abort on |
||||
+ invalid commands such as when line numbers or ranges exceed the |
||||
+ number of available lines. When ed reads from a pipe, it rejects |
||||
+ invalid commands and treats the next line as a new command, which |
||||
+ can lead to arbitrary command execution. */ |
||||
+ |
||||
+ tmpfd = make_tempfile (&tmpname, 'e', NULL, O_RDWR | O_BINARY, 0); |
||||
+ if (tmpfd == -1) |
||||
+ pfatal ("Can't create temporary file %s", quotearg (tmpname)); |
||||
+ tmpfp = fdopen (tmpfd, "w+b"); |
||||
+ if (! tmpfp) |
||||
+ pfatal ("Can't open stream for file %s", quotearg (tmpname)); |
||||
+ } |
||||
|
||||
- if (! dry_run && ! skip_rest_of_patch) { |
||||
- int exclusive = *outname_needs_removal ? 0 : O_EXCL; |
||||
- if (inerrno != ENOENT) |
||||
- { |
||||
- *outname_needs_removal = true; |
||||
- copy_file (inname, outname, 0, exclusive, instat.st_mode, true); |
||||
- } |
||||
- sprintf (buf, "%s %s%s", editor_program, |
||||
- verbosity == VERBOSE ? "" : "- ", |
||||
- outname); |
||||
- fflush (stdout); |
||||
- pipefp = popen(buf, binary_transput ? "wb" : "w"); |
||||
- if (!pipefp) |
||||
- pfatal ("Can't open pipe to %s", quotearg (buf)); |
||||
- } |
||||
for (;;) { |
||||
char ed_command_letter; |
||||
beginning_of_this_line = file_tell (pfp); |
||||
@@ -2417,14 +2422,14 @@ do_ed_script (char const *inname, char const *outname, |
||||
} |
||||
ed_command_letter = get_ed_command_letter (buf); |
||||
if (ed_command_letter) { |
||||
- if (pipefp) |
||||
- if (! fwrite (buf, sizeof *buf, chars_read, pipefp)) |
||||
+ if (tmpfp) |
||||
+ if (! fwrite (buf, sizeof *buf, chars_read, tmpfp)) |
||||
write_fatal (); |
||||
if (ed_command_letter != 'd' && ed_command_letter != 's') { |
||||
p_pass_comments_through = true; |
||||
while ((chars_read = get_line ()) != 0) { |
||||
- if (pipefp) |
||||
- if (! fwrite (buf, sizeof *buf, chars_read, pipefp)) |
||||
+ if (tmpfp) |
||||
+ if (! fwrite (buf, sizeof *buf, chars_read, tmpfp)) |
||||
write_fatal (); |
||||
if (chars_read == 2 && strEQ (buf, ".\n")) |
||||
break; |
||||
@@ -2437,13 +2442,49 @@ do_ed_script (char const *inname, char const *outname, |
||||
break; |
||||
} |
||||
} |
||||
- if (!pipefp) |
||||
+ if (!tmpfp) |
||||
return; |
||||
- if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, pipefp) == 0 |
||||
- || fflush (pipefp) != 0) |
||||
+ if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, tmpfp) == 0 |
||||
+ || fflush (tmpfp) != 0) |
||||
write_fatal (); |
||||
- if (pclose (pipefp) != 0) |
||||
- fatal ("%s FAILED", editor_program); |
||||
+ |
||||
+ if (lseek (tmpfd, 0, SEEK_SET) == -1) |
||||
+ pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname)); |
||||
+ |
||||
+ if (! dry_run && ! skip_rest_of_patch) { |
||||
+ int exclusive = *outname_needs_removal ? 0 : O_EXCL; |
||||
+ *outname_needs_removal = true; |
||||
+ if (inerrno != ENOENT) |
||||
+ { |
||||
+ *outname_needs_removal = true; |
||||
+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true); |
||||
+ } |
||||
+ sprintf (buf, "%s %s%s", editor_program, |
||||
+ verbosity == VERBOSE ? "" : "- ", |
||||
+ outname); |
||||
+ fflush (stdout); |
||||
+ |
||||
+ pid = fork(); |
||||
+ if (pid == -1) |
||||
+ pfatal ("Can't fork"); |
||||
+ else if (pid == 0) |
||||
+ { |
||||
+ dup2 (tmpfd, 0); |
||||
+ execl ("/bin/sh", "sh", "-c", buf, (char *) 0); |
||||
+ _exit (2); |
||||
+ } |
||||
+ else |
||||
+ { |
||||
+ int wstatus; |
||||
+ if (waitpid (pid, &wstatus, 0) == -1 |
||||
+ || ! WIFEXITED (wstatus) |
||||
+ || WEXITSTATUS (wstatus) != 0) |
||||
+ fatal ("%s FAILED", editor_program); |
||||
+ } |
||||
+ } |
||||
+ |
||||
+ fclose (tmpfp); |
||||
+ safe_unlink (tmpname); |
||||
|
||||
if (ofp) |
||||
{ |
||||
diff --git a/tests/Makefile.am b/tests/Makefile.am |
||||
index 6b6df63..16f8693 100644 |
||||
--- a/tests/Makefile.am |
||||
+++ b/tests/Makefile.am |
||||
@@ -32,6 +32,7 @@ TESTS = \ |
||||
crlf-handling \ |
||||
dash-o-append \ |
||||
deep-directories \ |
||||
+ ed-style \ |
||||
empty-files \ |
||||
false-match \ |
||||
fifo \ |
||||
diff --git a/tests/ed-style b/tests/ed-style |
||||
new file mode 100644 |
||||
index 0000000..d8c0689 |
||||
--- /dev/null |
||||
+++ b/tests/ed-style |
||||
@@ -0,0 +1,41 @@ |
||||
+# Copyright (C) 2018 Free Software Foundation, Inc. |
||||
+# |
||||
+# Copying and distribution of this file, with or without modification, |
||||
+# in any medium, are permitted without royalty provided the copyright |
||||
+# notice and this notice are preserved. |
||||
+ |
||||
+. $srcdir/test-lib.sh |
||||
+ |
||||
+require cat |
||||
+use_local_patch |
||||
+use_tmpdir |
||||
+ |
||||
+# ============================================================== |
||||
+ |
||||
+cat > ed1.diff <<EOF |
||||
+0a |
||||
+foo |
||||
+. |
||||
+EOF |
||||
+ |
||||
+check 'patch -e foo -i ed1.diff' <<EOF |
||||
+EOF |
||||
+ |
||||
+check 'cat foo' <<EOF |
||||
+foo |
||||
+EOF |
||||
+ |
||||
+cat > ed2.diff <<EOF |
||||
+1337a |
||||
+r !echo bar |
||||
+,p |
||||
+EOF |
||||
+ |
||||
+check 'patch -e foo -i ed2.diff 2> /dev/null || echo "Status: $?"' <<EOF |
||||
+? |
||||
+Status: 2 |
||||
+EOF |
||||
+ |
||||
+check 'cat foo' <<EOF |
||||
+foo |
||||
+EOF |
@ -0,0 +1,326 @@
@@ -0,0 +1,326 @@
|
||||
diff -up patch-2.7.6/src/common.h.selinux patch-2.7.6/src/common.h |
||||
--- patch-2.7.6/src/common.h.selinux 2018-02-03 12:41:49.000000000 +0000 |
||||
+++ patch-2.7.6/src/common.h 2018-02-12 12:29:44.415225377 +0000 |
||||
@@ -30,6 +30,8 @@ |
||||
#include <sys/types.h> |
||||
#include <time.h> |
||||
|
||||
+#include <selinux/selinux.h> |
||||
+ |
||||
#include <sys/stat.h> |
||||
|
||||
#include <limits.h> |
||||
@@ -84,6 +86,7 @@ XTERN char *outfile; |
||||
XTERN int inerrno; |
||||
XTERN int invc; |
||||
XTERN struct stat instat; |
||||
+XTERN security_context_t incontext; |
||||
XTERN bool dry_run; |
||||
XTERN bool posixly_correct; |
||||
|
||||
diff -up patch-2.7.6/src/inp.c.selinux patch-2.7.6/src/inp.c |
||||
--- patch-2.7.6/src/inp.c.selinux 2017-09-04 12:34:16.000000000 +0100 |
||||
+++ patch-2.7.6/src/inp.c 2018-02-12 12:29:44.415225377 +0000 |
||||
@@ -145,7 +145,7 @@ get_input_file (char const *filename, ch |
||||
char *getbuf; |
||||
|
||||
if (inerrno == -1) |
||||
- inerrno = stat_file (filename, &instat); |
||||
+ inerrno = stat_file (filename, &instat, &incontext); |
||||
|
||||
/* Perhaps look for RCS or SCCS versions. */ |
||||
if (S_ISREG (file_type) |
||||
@@ -190,7 +190,7 @@ get_input_file (char const *filename, ch |
||||
} |
||||
|
||||
if (cs && version_get (filename, cs, ! inerrno, elsewhere, getbuf, |
||||
- &instat)) |
||||
+ &instat, &incontext)) |
||||
inerrno = 0; |
||||
|
||||
free (getbuf); |
||||
@@ -201,6 +201,7 @@ get_input_file (char const *filename, ch |
||||
{ |
||||
instat.st_mode = S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH; |
||||
instat.st_size = 0; |
||||
+ incontext = NULL; |
||||
} |
||||
else if (! ((S_ISREG (file_type) || S_ISLNK (file_type)) |
||||
&& (file_type & S_IFMT) == (instat.st_mode & S_IFMT))) |
||||
diff -up patch-2.7.6/src/Makefile.am.selinux patch-2.7.6/src/Makefile.am |
||||
--- patch-2.7.6/src/Makefile.am.selinux 2017-09-04 12:34:16.000000000 +0100 |
||||
+++ patch-2.7.6/src/Makefile.am 2018-02-12 12:29:44.415225377 +0000 |
||||
@@ -37,7 +37,7 @@ patch_SOURCES = \ |
||||
|
||||
AM_CPPFLAGS = -I$(top_builddir)/lib -I$(top_srcdir)/lib |
||||
patch_LDADD = $(LDADD) $(top_builddir)/lib/libpatch.a $(LIB_CLOCK_GETTIME) \ |
||||
- $(LIB_XATTR) $(LIB_EACCESS) |
||||
+ $(LIB_XATTR) $(LIB_EACCESS) -lselinux |
||||
|
||||
if ENABLE_MERGE |
||||
patch_SOURCES += merge.c |
||||
diff -up patch-2.7.6/src/Makefile.in.selinux patch-2.7.6/src/Makefile.in |
||||
--- patch-2.7.6/src/Makefile.in.selinux 2018-02-03 13:33:56.000000000 +0000 |
||||
+++ patch-2.7.6/src/Makefile.in 2018-02-12 12:29:44.415225377 +0000 |
||||
@@ -1147,7 +1147,7 @@ patch_SOURCES = bestmatch.h common.h inp |
||||
AM_CPPFLAGS = -I$(top_builddir)/lib -I$(top_srcdir)/lib \ |
||||
$(am__append_2) |
||||
patch_LDADD = $(LDADD) $(top_builddir)/lib/libpatch.a $(LIB_CLOCK_GETTIME) \ |
||||
- $(LIB_XATTR) $(LIB_EACCESS) |
||||
+ $(LIB_XATTR) $(LIB_EACCESS) -lselinux |
||||
|
||||
all: all-am |
||||
|
||||
diff -up patch-2.7.6/src/patch.c.selinux patch-2.7.6/src/patch.c |
||||
--- patch-2.7.6/src/patch.c.selinux 2018-02-03 12:41:49.000000000 +0000 |
||||
+++ patch-2.7.6/src/patch.c 2018-02-12 12:30:27.315164138 +0000 |
||||
@@ -269,19 +269,19 @@ main (int argc, char **argv) |
||||
if (! strcmp (inname, outname)) |
||||
{ |
||||
if (inerrno == -1) |
||||
- inerrno = stat_file (inname, &instat); |
||||
+ inerrno = stat_file (inname, &instat, NULL); |
||||
outstat = instat; |
||||
outerrno = inerrno; |
||||
} |
||||
else |
||||
- outerrno = stat_file (outname, &outstat); |
||||
+ outerrno = stat_file (outname, &outstat, NULL); |
||||
|
||||
if (! outerrno) |
||||
{ |
||||
if (has_queued_output (&outstat)) |
||||
{ |
||||
output_files (&outstat); |
||||
- outerrno = stat_file (outname, &outstat); |
||||
+ outerrno = stat_file (outname, &outstat, NULL); |
||||
inerrno = -1; |
||||
} |
||||
if (! outerrno) |
||||
@@ -598,7 +598,7 @@ main (int argc, char **argv) |
||||
} |
||||
else |
||||
{ |
||||
- attr |= FA_IDS | FA_MODE | FA_XATTRS; |
||||
+ attr |= FA_IDS | FA_MODE | FA_XATTRS | FA_SECCONTEXT; |
||||
set_file_attributes (TMPOUTNAME, attr, inname, &instat, |
||||
mode, &new_time); |
||||
} |
||||
@@ -658,7 +658,7 @@ main (int argc, char **argv) |
||||
struct stat oldst; |
||||
int olderrno; |
||||
|
||||
- olderrno = stat_file (rej, &oldst); |
||||
+ olderrno = stat_file (rej, &oldst, NULL); |
||||
if (olderrno && olderrno != ENOENT) |
||||
write_fatal (); |
||||
if (! olderrno && lookup_file_id (&oldst) == CREATED) |
||||
@@ -1790,7 +1790,7 @@ delete_file_later (const char *name, con |
||||
|
||||
if (! st) |
||||
{ |
||||
- if (stat_file (name, &st_tmp) != 0) |
||||
+ if (stat_file (name, &st_tmp, NULL) != 0) |
||||
pfatal ("Can't get file attributes of %s %s", "file", name); |
||||
st = &st_tmp; |
||||
} |
||||
diff -up patch-2.7.6/src/pch.c.selinux patch-2.7.6/src/pch.c |
||||
--- patch-2.7.6/src/pch.c.selinux 2018-02-03 12:41:49.000000000 +0000 |
||||
+++ patch-2.7.6/src/pch.c 2018-02-12 12:29:44.416225375 +0000 |
||||
@@ -1,6 +1,6 @@ |
||||
/* reading patches */ |
||||
|
||||
-/* Copyright (C) 1986, 1987, 1988 Larry Wall |
||||
+/* Copyright (C) 1986, 1987, 1988, 2012 Larry Wall |
||||
|
||||
Copyright (C) 1990-1993, 1997-2003, 2006, 2009-2012 Free Software |
||||
Foundation, Inc. |
||||
@@ -296,7 +296,7 @@ there_is_another_patch (bool need_header |
||||
if (t > buf + 1 && *(t - 1) == '\n') |
||||
{ |
||||
inname = xmemdup0 (buf, t - buf - 1); |
||||
- inerrno = stat_file (inname, &instat); |
||||
+ inerrno = stat_file (inname, &instat, &incontext); |
||||
if (inerrno) |
||||
{ |
||||
perror (inname); |
||||
@@ -433,6 +433,7 @@ intuit_diff_type (bool need_header, mode |
||||
bool extended_headers = false; |
||||
enum nametype i; |
||||
struct stat st[3]; |
||||
+ security_context_t con[3]; |
||||
int stat_errno[3]; |
||||
int version_controlled[3]; |
||||
enum diff retval; |
||||
@@ -473,6 +474,7 @@ intuit_diff_type (bool need_header, mode |
||||
version_controlled[OLD] = -1; |
||||
version_controlled[NEW] = -1; |
||||
version_controlled[INDEX] = -1; |
||||
+ con[OLD] = con[NEW] = con[INDEX] = NULL; |
||||
p_rfc934_nesting = 0; |
||||
p_timestamp[OLD].tv_sec = p_timestamp[NEW].tv_sec = -1; |
||||
p_says_nonexistent[OLD] = p_says_nonexistent[NEW] = 0; |
||||
@@ -883,7 +885,7 @@ intuit_diff_type (bool need_header, mode |
||||
} |
||||
else |
||||
{ |
||||
- stat_errno[i] = stat_file (p_name[i], &st[i]); |
||||
+ stat_errno[i] = stat_file (p_name[i], &st[i], &con[i]); |
||||
if (! stat_errno[i]) |
||||
{ |
||||
if (lookup_file_id (&st[i]) == DELETE_LATER) |
||||
@@ -922,7 +924,7 @@ intuit_diff_type (bool need_header, mode |
||||
if (cs) |
||||
{ |
||||
if (version_get (p_name[i], cs, false, readonly, |
||||
- getbuf, &st[i])) |
||||
+ getbuf, &st[i], &con[i])) |
||||
stat_errno[i] = 0; |
||||
else |
||||
version_controlled[i] = 0; |
||||
@@ -985,7 +987,7 @@ intuit_diff_type (bool need_header, mode |
||||
{ |
||||
if (inname) |
||||
{ |
||||
- inerrno = stat_file (inname, &instat); |
||||
+ inerrno = stat_file (inname, &instat, &incontext); |
||||
if (inerrno || (instat.st_mode & S_IFMT) == file_type) |
||||
maybe_reverse (inname, inerrno, inerrno || instat.st_size == 0); |
||||
} |
||||
@@ -998,8 +1000,14 @@ intuit_diff_type (bool need_header, mode |
||||
inerrno = stat_errno[i]; |
||||
invc = version_controlled[i]; |
||||
instat = st[i]; |
||||
+ incontext = con[i]; |
||||
+ con[i] = NULL; |
||||
} |
||||
|
||||
+ for (i = OLD; i <= INDEX; i++) |
||||
+ if (con[i]) |
||||
+ freecon (con[i]); |
||||
+ |
||||
return retval; |
||||
} |
||||
|
||||
diff -up patch-2.7.6/src/util.c.selinux patch-2.7.6/src/util.c |
||||
--- patch-2.7.6/src/util.c.selinux 2018-02-03 12:41:49.000000000 +0000 |
||||
+++ patch-2.7.6/src/util.c 2018-02-12 12:29:44.417225374 +0000 |
||||
@@ -300,6 +300,23 @@ set_file_attributes (char const *to, enu |
||||
S_ISLNK (mode) ? "symbolic link" : "file", |
||||
quotearg (to)); |
||||
} |
||||
+ if (attr & FA_SECCONTEXT) |
||||
+ { |
||||
+ security_context_t outcontext; |
||||
+ if (incontext && getfilecon (to, &outcontext) != -1 && outcontext) |
||||
+ { |
||||
+ if (strcmp (outcontext, incontext) && |
||||
+ setfilecon (to, incontext) != 0) |
||||
+ { |
||||
+ freecon (outcontext); |
||||
+ if (errno != ENOTSUP && errno != EPERM) |
||||
+ pfatal ("Can't set security context on file %s", |
||||
+ quotearg (to)); |
||||
+ } |
||||
+ else |
||||
+ freecon (outcontext); |
||||
+ } |
||||
+ } |
||||
} |
||||
|
||||
static void |
||||
@@ -446,7 +463,7 @@ move_file (char const *from, bool *from_ |
||||
struct stat to_st; |
||||
int to_errno; |
||||
|
||||
- to_errno = stat_file (to, &to_st); |
||||
+ to_errno = stat_file (to, &to_st, NULL); |
||||
if (backup) |
||||
create_backup (to, to_errno ? NULL : &to_st, false); |
||||
if (! to_errno) |
||||
@@ -818,7 +835,8 @@ version_controller (char const *filename |
||||
Return true if successful. */ |
||||
bool |
||||
version_get (char const *filename, char const *cs, bool exists, bool readonly, |
||||
- char const *getbuf, struct stat *filestat) |
||||
+ char const *getbuf, struct stat *filestat, |
||||
+ security_context_t *filecontext) |
||||
{ |
||||
if (patch_get < 0) |
||||
{ |
||||
@@ -843,6 +861,13 @@ version_get (char const *filename, char |
||||
fatal ("Can't get file %s from %s", quotearg (filename), cs); |
||||
if (safe_stat (filename, filestat) != 0) |
||||
pfatal ("%s", quotearg (filename)); |
||||
+ if (filecontext && getfilecon (filename, filecontext) == -1) |
||||
+ { |
||||
+ if (errno == ENODATA || errno == ENOTSUP) |
||||
+ *filecontext = NULL; |
||||
+ else |
||||
+ pfatal ("%s", quotearg (filename)); |
||||
+ } |
||||
} |
||||
|
||||
return 1; |
||||
@@ -1670,12 +1695,28 @@ make_tempfile (char const **name, char l |
||||
return fd; |
||||
} |
||||
|
||||
-int stat_file (char const *filename, struct stat *st) |
||||
+int stat_file (char const *filename, struct stat *st, security_context_t *con) |
||||
{ |
||||
int (*xstat)(char const *, struct stat *) = |
||||
follow_symlinks ? safe_stat : safe_lstat; |
||||
+ int (*xgetfilecon)(char const *, security_context_t *) = |
||||
+ follow_symlinks ? getfilecon : lgetfilecon; |
||||
+ |
||||
+ if (xstat (filename, st) == 0) |
||||
+ { |
||||
+ if (con) |
||||
+ { |
||||
+ if (xgetfilecon (filename, con) != -1 || |
||||
+ errno == ENODATA || errno == ENOTSUP) |
||||
+ return 0; |
||||
|
||||
- return xstat (filename, st) == 0 ? 0 : errno; |
||||
+ *con = NULL; |
||||
+ } |
||||
+ else |
||||
+ return 0; |
||||
+ } |
||||
+ |
||||
+ return errno; |
||||
} |
||||
|
||||
/* Check if a filename is relative and free of ".." components. |
||||
diff -up patch-2.7.6/src/util.h.selinux patch-2.7.6/src/util.h |
||||
--- patch-2.7.6/src/util.h.selinux 2018-02-03 12:41:49.000000000 +0000 |
||||
+++ patch-2.7.6/src/util.h 2018-02-12 12:30:08.533190949 +0000 |
||||
@@ -44,7 +44,7 @@ char *parse_name (char const *, int, cha |
||||
char *savebuf (char const *, size_t); |
||||
char *savestr (char const *); |
||||
char const *version_controller (char const *, bool, struct stat const *, char **, char **); |
||||
-bool version_get (char const *, char const *, bool, bool, char const *, struct stat *); |
||||
+bool version_get (char const *, char const *, bool, bool, char const *, struct stat *, security_context_t *); |
||||
int create_file (char const *, int, mode_t, bool); |
||||
int systemic (char const *); |
||||
char *format_linenum (char[LINENUM_LENGTH_BOUND + 1], lin); |
||||
@@ -67,7 +67,7 @@ void insert_file_id (struct stat const * |
||||
enum file_id_type lookup_file_id (struct stat const *); |
||||
void set_queued_output (struct stat const *, bool); |
||||
bool has_queued_output (struct stat const *); |
||||
-int stat_file (char const *, struct stat *); |
||||
+int stat_file (char const *, struct stat *, security_context_t *); |
||||
bool filename_is_safe (char const *) _GL_ATTRIBUTE_PURE; |
||||
bool cwd_is_root (char const *); |
||||
|
||||
@@ -75,7 +75,8 @@ enum file_attributes { |
||||
FA_TIMES = 1, |
||||
FA_IDS = 2, |
||||
FA_MODE = 4, |
||||
- FA_XATTRS = 8 |
||||
+ FA_XATTRS = 8, |
||||
+ FA_SECCONTEXT = 16 |
||||
}; |
||||
|
||||
void set_file_attributes (char const *, enum file_attributes, char const *, |
@ -0,0 +1,470 @@
@@ -0,0 +1,470 @@
|
||||
%global gnulib_ver 20180203 |
||||
|
||||
Summary: Utility for modifying/upgrading files |
||||
Name: patch |
||||
Version: 2.7.6 |
||||
Release: 16%{?dist} |
||||
License: GPLv3+ |
||||
URL: https://savannah.gnu.org/projects/patch/ |
||||
Source: https://ftp.gnu.org/gnu/patch/patch-%{version}.tar.xz |
||||
Patch0: patch-2.7.6-avoid-set_file_attributes-sign-conversion-warnings.patch |
||||
patch1: patch-2.7.6-test-suite-compatibility-fixes.patch |
||||
Patch2: patch-2.7.6-fix-korn-shell-incompatibility.patch |
||||
Patch3: patch-2.7.6-fix-segfault-with-mangled-rename-patch.patch |
||||
Patch4: patch-2.7.6-allow-input-files-to-be-missing-for-ed-style-patches.patch |
||||
Patch5: patch-CVE-2018-1000156.patch |
||||
Patch6: patch-2.7.6-CVE-2019-13638-invoked-ed-directly-instead-of-using-the-shell.patch |
||||
Patch7: patch-2.7.6-switch-from-fork-execlp-to-execute.patch |
||||
Patch8: patch-2.7.6-cleanups-in-do_ed_script.patch |
||||
Patch9: patch-2.7.6-avoid-warnings-gcc8.patch |
||||
Patch10: patch-2.7.6-check-of-return-value-of-fwrite.patch |
||||
Patch11: patch-2.7.6-fix-ed-style-test-failure.patch |
||||
Patch12: patch-2.7.6-dont-leak-temporary-file-on-failed-ed-style-patch.patch |
||||
Patch13: patch-2.7.6-dont-leak-temporary-file-on-failed-multi-file-ed-style-patch.patch |
||||
Patch14: patch-2.7.6-make-debug-output-more-useful.patch |
||||
Patch15: patch-2.7.6-CVE-2018-6952-fix-swapping-fake-lines-in-pch_swap.patch |
||||
Patch16: patch-2.7.6-improve_support_for_memory_leak_detection.patch |
||||
patch17: patch-2.7.6-skip-ed-test-when-the-ed-utility-is-not-installed.patch |
||||
Patch18: patch-2.7.6-abort_when_cleaning_up_fails.patch |
||||
Patch19: patch-2.7.6-crash-RLIMIT_NOFILE.patch |
||||
Patch20: patch-2.7.6-CVE-2019-13636-symlinks.patch |
||||
Patch21: patch-2.7.6-avoid-invalid-memory-access-in-context-format-diffs.patch |
||||
Patch22: patch-2.7.6-CVE-2018-17942.patch |
||||
Patch23: patch-2.7.6-failed_assertion.patch |
||||
Patch100: patch-selinux.patch |
||||
|
||||
BuildRequires: make |
||||
BuildRequires: gcc |
||||
BuildRequires: libselinux-devel |
||||
BuildRequires: libattr-devel |
||||
BuildRequires: ed |
||||
BuildRequires: autoconf automake |
||||
|
||||
Requires: ed |
||||
|
||||
Provides: bundled(gnulib) = %{gnulib_ver} |
||||
|
||||
%description |
||||
The patch program applies diff files to originals. The diff command |
||||
is used to compare an original to a changed file. Diff lists the |
||||
changes made to the file. A person who has the original file can then |
||||
use the patch command with the diff file to add the changes to their |
||||
original file (patching the file). |
||||
|
||||
Patch should be installed because it is a common way of upgrading |
||||
applications. |
||||
|
||||
%prep |
||||
%setup -q |
||||
%patch0 -p1 -b .avoid-set_file_attributes-sign-conversion-warnings |
||||
%patch1 -p1 -b .test-suite-compatibility-fixes |
||||
%patch2 -p1 -b .fix-korn-shell-incompatibility |
||||
%patch3 -p1 -b .fix-segfault-with-mangled-rename-patch |
||||
%patch4 -p1 -b .allow-input-files-to-be-missing-for-ed-style-patches |
||||
# CVE-2018-1000156, Malicious patch files cause ed to execute arbitrary commands |
||||
%patch5 -p1 -b .CVE-2018-1000156 |
||||
%patch6 -p1 -b .CVE-2019-13638-invoked-ed-directly-instead-of-using-the-shell |
||||
%patch7 -p1 -b .switch-from-fork-execlp-to-execute |
||||
%patch8 -p1 -b .cleanups-in-do_ed_script |
||||
%patch9 -p1 -b .avoid-warnings-gcc8 |
||||
%patch10 -p1 -b .check-of-return-value-of-fwrite |
||||
%patch11 -p1 -b .fix-ed-style-test-failure |
||||
%patch12 -p1 -b .dont-leak-temporary-file-on-failed-ed-style-patch |
||||
%patch13 -p1 -b .dont-leak-temporary-file-on-failed-multi-file-ed-style-patch |
||||
%patch14 -p1 -b .make-debug-output-more-useful |
||||
%patch15 -p1 -b .CVE-2018-6952-fix-swapping-fake-lines-in-pch_swap |
||||
%patch16 -p1 -b .improve_support_for_memory_leak_detection |
||||
%patch17 -p1 -b .skip-ed-test-when-the-ed-utility-is-not-installed |
||||
%patch18 -p1 -b .abort_when_cleaning_up_fails |
||||
%patch19 -p1 -b .crash-RLIMIT_NOFILE |
||||
%patch20 -p1 -b .CVE-2019-13636-symlinks |
||||
%patch21 -p1 -b .avoid-invalid-memory-access-in-context-format-diffs |
||||
# CVE-2018-17942 gnulib: heap-based buffer overflow |
||||
%patch22 -p1 -b .CVE-2018-17942-gnulib_buffer_overflow |
||||
%patch23 -p1 -b .failed_assertion |
||||
# SELinux support. |
||||
%patch100 -p1 -b .selinux |
||||
|
||||
%build |
||||
CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE" |
||||
%ifarch sparcv9 |
||||
CFLAGS=`echo $CFLAGS|sed -e 's|-fstack-protector||g'` |
||||
%endif |
||||
autoreconf |
||||
%configure --disable-silent-rules |
||||
%make_build |
||||
|
||||
%check |
||||
make check |
||||
|
||||
%install |
||||
%makeinstall |
||||
|
||||
%files |
||||
%license COPYING |
||||
%doc NEWS README |
||||
%{_bindir}/* |
||||
%{_mandir}/*/* |
||||
|
||||
%changelog |
||||
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.7.6-16 |
||||
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags |
||||
Related: rhbz#1991688 |
||||
|
||||
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.7.6-15 |
||||
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937 |
||||
|
||||
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.6-14 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild |
||||
|
||||
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.6-13 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild |
||||
|
||||
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.6-12 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild |
||||
|
||||
* Mon Jul 29 2019 Than Ngo <than@redhat.com> - 2.7.6-11 |
||||
- fixed #1733917, CVE-2019-13638 patch: OS shell command injection when processing crafted patch files |
||||
|
||||
* Wed Jul 24 2019 Than Ngo <than@redhat.com> - 2.7.6-10 |
||||
- backported patch, abort when cleaning up fails |
||||
- backported patch, improve support for memory leak detection |
||||
- backported patch, don't crash when RLIMIT_NOFILE is set to RLIM_INFINITY |
||||
- backported patch, CVE-2019-13636, don't follow symlinks unless --follow-symlinks is given |
||||
- backported patch, avoid invalid memory accessin context format diffs |
||||
- backported patch, fix failed assertion |
||||
|
||||
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.6-9 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild |
||||
|
||||
* Mon Nov 26 2018 Than Ngo <than@redhat.com> - 2.7.6-8 |
||||
- Added virtual provides for bundled gnulib library |
||||
- Fixed CVE-2018-17942, gnulib: heap-based buffer overflow |
||||
|
||||
* Thu Oct 11 2018 Than Ngo <than@redhat.com> - 2.7.6-7 |
||||
- Fixed #1582675 - Patch can be crashed and coredumped with a trivial wrong command |
||||
|
||||
* Wed Aug 15 2018 Than Ngo <than@redhat.com> - 2.7.6-6 |
||||
- Fixed #1554752 - Double free of memory, CVE-2018-6952 |
||||
|
||||
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.6-5 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild |
||||
|
||||
* Thu May 3 2018 Tim Waugh <twaugh@redhat.com> - 2.7.6-4 |
||||
- Fixed CVE-2018-1000156 - Malicious patch files cause ed to execute arbitrary |
||||
commands. |
||||
|
||||
* Mon Feb 12 2018 Tim Waugh <twaugh@redhat.com> - 2.7.6-3 |
||||
- 2.7.6 (CVE-2016-10713, CVE-2018-6951, CVE-2018-6952). |
||||
|
||||
* Thu Feb 08 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.5-7 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_28_Mass_Rebuild |
||||
|
||||
* Thu Aug 03 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.5-6 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Binutils_Mass_Rebuild |
||||
|
||||
* Thu Jul 27 2017 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.5-5 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild |
||||
|
||||
* Wed Feb 01 2017 Stephen Gallagher <sgallagh@redhat.com> - 2.7.5-4 |
||||
- Add missing %%license macro |
||||
|
||||
* Thu Feb 04 2016 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.5-3 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild |
||||
|
||||
* Thu Jun 18 2015 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.5-2 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild |
||||
|
||||
* Mon Mar 9 2015 Tim Waugh <twaugh@redhat.com> - 2.7.5-1 |
||||
- Fixed memory leak in selinux patch. |
||||
- 2.7.5, including an even better fix for CVE-2015-1196 that still |
||||
allows relative symlinks to be created/used. |
||||
|
||||
* Sat Feb 21 2015 Till Maas <opensource@till.name> - 2.7.4-2 |
||||
- Rebuilt for Fedora 23 Change |
||||
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code |
||||
|
||||
* Sun Feb 1 2015 Tim Waugh <twaugh@redhat.com> - 2.7.4-1 |
||||
- 2.7.4, including a better fix for CVE-2015-1196 that still allows |
||||
symlinks referencing ".." to be created. |
||||
|
||||
* Fri Jan 23 2015 Tim Waugh <twaugh@redhat.com> - 2.7.3-1 |
||||
- 2.7.3 (bug #1182157, CVE-2015-1196, bug #1184491, CVE-2014-9637). |
||||
|
||||
* Tue Jan 20 2015 Tim Waugh <twaugh@redhat.com> - 2.7.1-12 |
||||
- Apply upstream patch to fix line numbering integer overflow. |
||||
|
||||
* Tue Jan 20 2015 Tim Waugh <twaugh@redhat.com> - 2.7.1-11 |
||||
- Apply upstream patch to fix directory traversal via symlinks |
||||
(bug #1182157, CVE-2015-1196). |
||||
|
||||
* Sun Aug 17 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.1-9 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild |
||||
|
||||
* Fri Jun 06 2014 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.1-8 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild |
||||
|
||||
* Sat Aug 03 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.1-7 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild |
||||
|
||||
* Wed Jun 12 2013 Tim Waugh <twaugh@redhat.com> 2.7.1-6 |
||||
- Don't segfault when given bad arguments (bug #972330). |
||||
|
||||
* Thu Apr 11 2013 Tim Waugh <twaugh@redhat.com> 2.7.1-5 |
||||
- Don't document unsupported -m option; document -x option (bug #948972). |
||||
|
||||
* Mon Mar 25 2013 Ville Skyttä <ville.skytta@iki.fi> - 2.7.1-4 |
||||
- Build with xattr support. |
||||
- Make build output more verbose. |
||||
- Fix bogus date in %%changelog. |
||||
|
||||
* Mon Mar 11 2013 Tim Waugh <twaugh@redhat.com> 2.7.1-3 |
||||
- Upstream patch to fix removal of empty directories (bug #919489). |
||||
|
||||
* Thu Feb 14 2013 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.7.1-2 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild |
||||
|
||||
* Thu Oct 18 2012 Tim Waugh <twaugh@redhat.com> 2.7.1-1 |
||||
- Fixed license (since 2.6 it has been GPLv3+). |
||||
- 2.7.1. |
||||
|
||||
* Thu Oct 18 2012 Tim Waugh <twaugh@redhat.com> 2.7-1 |
||||
- 2.7. No longer need sigsegv, get-arg, CVE-2010-4651, |
||||
backup-if-mismatch or coverity-leak patches. |
||||
|
||||
* Fri Jul 20 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.1-13 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild |
||||
|
||||
* Fri Jan 13 2012 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.6.1-12 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild |
||||
|
||||
* Fri Nov 25 2011 Tim Waugh <twaugh@redhat.com> 2.6.1-11 |
||||
- Fixed NULL dereference in selinux patch. |
||||
|
||||
* Mon May 16 2011 Tim Waugh <twaugh@redhat.com> 2.6.1-10 |
||||
- Applied Jiri Popelka's fixes from Coverity scan (bug #704554): |
||||
- Avoid unchecked return from getfilecon() in patch-selinux.patch. |
||||
- Fix memory leak. |
||||
|
||||
* Wed Feb 16 2011 Tim Waugh <twaugh@redhat.com> 2.6.1-9 |
||||
- Let --posix cause --no-backup-if-mismatch (bug #678016). |
||||
|
||||
* Thu Feb 10 2011 Tim Waugh <twaugh@redhat.com> 2.6.1-8 |
||||
- Incorporate upstream fix for CVE-2010-4651 patch so that a target |
||||
name given on the command line is not validated (bug #667529). |
||||
|
||||
* Tue Feb 8 2011 Tim Waugh <twaugh@redhat.com> 2.6.1-7 |
||||
- Applied upstream patch to fix CVE-2010-4651 so that malicious |
||||
patches cannot create files above the current directory |
||||
(bug #667529). |
||||
|
||||
* Tue Jan 4 2011 Tim Waugh <twaugh@redhat.com> 2.6.1-6 |
||||
- Use smp_mflags correctly (bug #665770). |
||||
|
||||
* Mon Aug 16 2010 Tim Waugh <twaugh@redhat.com> 2.6.1-5 |
||||
- Another fix for the selinux patch (bug #618215). |
||||
|
||||
* Fri Aug 6 2010 Tim Waugh <twaugh@redhat.com> 2.6.1-4 |
||||
- Fixed interpretation of return value from getfilecon(). |
||||
- Fixed argument type for --get (bug #553624). |
||||
|
||||
* Fri Aug 6 2010 Dennis Gilmore <dennis@ausil.us> |
||||
- using -fstack-projector causes weirdness on 32 bit sparc so disabling for now |
||||
|
||||
* Tue Jul 27 2010 Tim Waugh <twaugh@redhat.com> 2.6.1-3 |
||||
- Fixed argument type for --get (bug #553624). |
||||
|
||||
* Wed Mar 3 2010 Tim Waugh <twaugh@redhat.com> 2.6.1-2 |
||||
- Added comments for all patches. |
||||
- Ship COPYING file. |
||||
- Removed sparc ifdefs in spec file. |
||||
|
||||
* Mon Jan 4 2010 Tim Waugh <twaugh@redhat.com> 2.6.1-1 |
||||
- 2.6.1 (bug #551569). No longer need best-name patch. |
||||
|
||||
* Thu Dec 24 2009 Tim Waugh <twaugh@redhat.com> 2.6-2 |
||||
- Applied upstream patch to prevent incorrect filename being chosen |
||||
when adding a new file (bug #549122). |
||||
|
||||
* Mon Nov 16 2009 Tim Waugh <twaugh@redhat.com> 2.6-1 |
||||
- 2.6. No longer need stderr, suffix, stripcr, parse, allow-spaces, |
||||
ifdef, program_name, or posix-backup patches. |
||||
|
||||
* Sat Jul 25 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.5.4-40 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild |
||||
|
||||
* Wed Apr 29 2009 Tim Waugh <twaugh@redhat.com> 2.5.4-39 |
||||
- Fixed operation when SELinux is disabled (bug #498102). Patch from |
||||
Jan Kratochvil. |
||||
|
||||
* Thu Feb 26 2009 Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 2.5.4-38 |
||||
- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild |
||||
|
||||
* Tue Feb 17 2009 Tim Waugh <twaugh@redhat.com> 2.5.4-37 |
||||
- Don't set SELinux file context if it is already correct. |
||||
|
||||
* Mon Nov 24 2008 Tim Waugh <twaugh@redhat.com> 2.5.4-36 |
||||
- Better summary. |
||||
|
||||
* Mon Jun 30 2008 Tim Waugh <twaugh@redhat.com> 2.5.4-35 |
||||
- Don't fail if setfilecon() returns EPERM (bug #453365), although the |
||||
setfilecon man page suggests that ENOTSUP will be returned in this |
||||
case. |
||||
|
||||
* Mon Jun 16 2008 Tim Waugh <twaugh@redhat.com> 2.5.4-34 |
||||
- Only write simple backups for each file once during a run |
||||
(bug #234822). |
||||
|
||||
* Thu Jun 12 2008 Tim Waugh <twaugh@redhat.com> 2.5.4-33 |
||||
- Fix selinux patch and apply it. Build requires libselinux-devel. |
||||
|
||||
* Fri Feb 8 2008 Tim Waugh <twaugh@redhat.com> 2.5.4-32 |
||||
- Applied patch from 2.5.9 to allow spaces in filenames (bug #431887). |
||||
|
||||
* Mon Dec 3 2007 Tim Waugh <twaugh@redhat.com> 2.5.4-31 |
||||
- Convert spec file to UTF-8 (bug #226233). |
||||
- Use _bindir macro in %%files (bug #226233). |
||||
- Parallel make (bug #226233). |
||||
- Better defattr declaration (bug #226233). |
||||
|
||||
* Thu Oct 4 2007 Tim Waugh <twaugh@redhat.com> |
||||
- Beginnings of an SELinux patch (bug #165799); not applied yet. |
||||
|
||||
* Wed Aug 29 2007 Tim Waugh <twaugh@redhat.com> 2.5.4-30 |
||||
- Added dist tag. |
||||
- More specific license tag. |
||||
- Fixed summary. |
||||
- Better buildroot tag. |
||||
|
||||
* Wed Jul 12 2006 Jesse Keating <jkeating@redhat.com> - 2.5.4-29.2.2 |
||||
- rebuild |
||||
|
||||
* Fri Feb 10 2006 Jesse Keating <jkeating@redhat.com> - 2.5.4-29.2.1 |
||||
- bump again for double-long bug on ppc(64) |
||||
|
||||
* Tue Feb 07 2006 Jesse Keating <jkeating@redhat.com> - 2.5.4-29.2 |
||||
- rebuilt for new gcc4.1 snapshot and glibc changes |
||||
|
||||
* Fri Dec 09 2005 Jesse Keating <jkeating@redhat.com> |
||||
- rebuilt |
||||
|
||||
* Thu Sep 8 2005 Tim Waugh <twaugh@redhat.com> 2.5.4-29 |
||||
- Remove SELinux patch for now (bug #167822). |
||||
|
||||
* Wed Sep 7 2005 Tim Waugh <twaugh@redhat.com> 2.5.4-27 |
||||
- Applied patch from Ulrich Drepper to fix string overread (bug #167675). |
||||
|
||||
* Tue Sep 6 2005 Tim Waugh <twaugh@redhat.com> 2.5.4-26 |
||||
- Preserve SELinux file contexts (bug #165799). |
||||
|
||||
* Thu Aug 11 2005 Tim Waugh <twaugh@redhat.com> 2.5.4-25 |
||||
- Fixed CRLF detection (bug #154283). |
||||
|
||||
* Wed May 4 2005 Tim Waugh <twaugh@redhat.com> 2.5.4-24 |
||||
- Reverted last change (bug #154283, bug #156762). |
||||
|
||||
* Fri Apr 29 2005 Tim Waugh <twaugh@redhat.com> 2.5.4-23 |
||||
- Applied patch from Toshio Kuratomi to avoid problems with DOS-format |
||||
newlines (bug #154283). |
||||
|
||||
* Wed Mar 2 2005 Tim Waugh <twaugh@redhat.com> 2.5.4-22 |
||||
- Rebuild for new GCC. |
||||
|
||||
* Wed Feb 9 2005 Tim Waugh <twaugh@redhat.com> 2.5.4-21 |
||||
- Rebuilt. |
||||
|
||||
* Tue Jun 15 2004 Elliot Lee <sopwith@redhat.com> |
||||
- rebuilt |
||||
|
||||
* Fri Feb 13 2004 Elliot Lee <sopwith@redhat.com> |
||||
- rebuilt |
||||
|
||||
* Sat Oct 25 2003 Tim Waugh <twaugh@redhat.com> 2.5.4-18 |
||||
- Rebuilt. |
||||
|
||||
* Wed Jun 04 2003 Elliot Lee <sopwith@redhat.com> |
||||
- rebuilt |
||||
|
||||
* Wed Jan 22 2003 Tim Powers <timp@redhat.com> |
||||
- rebuilt |
||||
|
||||
* Wed Nov 20 2002 Tim Powers <timp@redhat.com> |
||||
- rebuilt in current collinst |
||||
|
||||
* Fri Jun 21 2002 Tim Powers <timp@redhat.com> |
||||
- automated rebuild |
||||
|
||||
* Thu May 23 2002 Tim Powers <timp@redhat.com> |
||||
- automated rebuild |
||||
|
||||
* Tue Apr 9 2002 Tim Waugh <twaugh@redhat.com> 2.5.4-12 |
||||
- Fix error reporting when given bad options (bug #62981). |
||||
|
||||
* Tue Mar 5 2002 Tim Waugh <twaugh@redhat.com> 2.5.4-11 |
||||
- s/Copyright:/License:/. |
||||
- Fix -D behaviour (bug #60688). |
||||
|
||||
* Tue May 29 2001 Tim Waugh <twaugh@redhat.com> 2.5.4-10 |
||||
- Merge Mandrake patch: |
||||
- fix possible segfault |
||||
|
||||
* Fri Dec 1 2000 Tim Waugh <twaugh@redhat.com> |
||||
- Rebuild because of fileutils bug. |
||||
|
||||
* Thu Nov 2 2000 Tim Waugh <twaugh@redhat.com> |
||||
- use .orig as default suffix, as per man page and previous behaviour |
||||
(bug #20202). |
||||
- use better patch for this, from maintainer. |
||||
|
||||
* Wed Oct 4 2000 Tim Waugh <twaugh@redhat.com> |
||||
- actually use the RPM_OPT_FLAGS |
||||
|
||||
* Wed Jul 12 2000 Prospector <bugzilla@redhat.com> |
||||
- automatic rebuild |
||||
|
||||
* Tue Jun 13 2000 Trond Eivind Glomsrød <teg@redhat.com> |
||||
- Use %%makeinstall, %%{_tmppath} and %%{_mandir} |
||||
|
||||
* Fri May 12 2000 Trond Eivind Glomsrød <teg@redhat.com> |
||||
- added URL |
||||
|
||||
* Wed Feb 16 2000 Bernhard Rosenkraenzer <bero@redhat.com> |
||||
- 2.5.4 |
||||
- Fix up LFS support on Alpha (Bug #5732) |
||||
|
||||
* Mon Feb 7 2000 Bill Nottingham <notting@redhat.com> |
||||
- handle compressed manpages |
||||
|
||||
* Sun Jun 06 1999 Alan Cox <alan@redhat.com> |
||||
- Fix the case where stderr isnt flushed for ask(). Now the 'no such file' |
||||
appears before the skip patch question, not at the very end, Doh! |
||||
|
||||
* Mon Mar 22 1999 Jeff Johnson <jbj@redhat.com> |
||||
- (ultra?) sparc was getting large file system support. |
||||
|
||||
* Sun Mar 21 1999 Cristian Gafton <gafton@redhat.com> |
||||
- auto rebuild in the new build environment (release 7) |
||||
|
||||
* Fri Dec 18 1998 Cristian Gafton <gafton@redhat.com> |
||||
- build against glibc 2.1 |
||||
|
||||
* Tue Sep 1 1998 Jeff Johnson <jbj@redhat.com> |
||||
- bump release to preserve newer than back-ported 4.2. |
||||
|
||||
* Tue Jun 09 1998 Prospector System <bugs@redhat.com> |
||||
- translations modified for de, fr |
||||
|
||||
* Tue Jun 9 1998 Jeff Johnson <jbj@redhat.com> |
||||
- Fix for problem #682 segfault. |
||||
|
||||
* Fri Apr 24 1998 Prospector System <bugs@redhat.com> |
||||
- translations modified for de, fr, tr |
||||
|
||||
* Tue Apr 07 1998 Cristian Gafton <gafton@redhat.com> |
||||
- added buildroot |
||||
|
||||
* Tue Oct 21 1997 Cristian Gafton <gafton@redhat.com> |
||||
- updated to 2.5 |
||||
|
||||
* Mon Jun 02 1997 Erik Troan <ewt@redhat.com> |
||||
- built against glibc |
Loading…
Reference in new issue