OpenWrt
/
xiaomi-ax3600
mirror of https://github.com/immortalwrt/immortalwrt.git
1
0
Fork 0
Code Issues Packages Projects Releases Wiki Activity

tools/patch: bump version to v2.8 

drop upstream patches

  $ git log --no-merges --oneline v2.7.6..v2.8
  48ceda8 Version 2.8
  b3d0c93 Regression in commit abe92e8010ab affecting MariaDB tests
  29fced6 Count traditional diff pattern lines correctly
  b5d2124 patch: fix --no-backup-if-mismatch regression
  86ac7e2 Fix dodgy assert with side-effects in insert_cached_dirfd
  7d87652 Declare an expected test failure on Haiku.
  86baf97 build: update gnulib submodule to latest
  1ba2c1b Fix two test failures on Haiku.
  1da6bf8 Check for newlines only when creating a file name
  30ee610 Gnulib renamed some modules
  6dbc381 maint: update bootstrap from gnulib
  05ac924 build: update gnulib submodule to latest
  95e0092 maint: make update-copyright
  5bac274 Set --no-backup-if-mismatch when in --posix mode
  910fecf Add missing feature tests to the test suite
  be8b3c6 Disable release-prep
  c61485b Fix "make release" to handle alpha releases
  499916f Add announce-gen module for "make release"
  adb1ebc Pacify gcc -fsanitize=address
  6bdae94 Fix memory leak when malformed unidiff patch
  72a146c Port to clang address sanitizer
  e2e6820 Refactor argc+argv processing
  606c091 Omit needless get_some_switches code
  ee3cc40 Revert "Remove obsolete require_gnu_diff function"
  8cae4fc Remove obsolete require_gnu_diff function
  164b529 savebuf can return a null pointer
  91c1e4f Spelling fixes
  a03e1ba Port other reject-format test to non-GNU diff
  9ba5eb0 Don’t be fooled by NUL bytes in diff directives
  79dd5e7 Don’t be fooled by "\000" in file name
  8492a6a Port to quasi-GNU diff
  f6f2c6f In previous patch, make w_q static
  0525681 Pacify -Wunterminated-string-initialization
  301411d Spelling fixes
  4615206 Remove double semicolon
  923e0ef Prefer angle bracket headers
  5d17ca0 Update more old copyright notices
  5f4edd3 Simplify memory allocation of files to delete
  802511c Report patch read errors more immediately
  a93b50d Port fflush usage to OpenBSD 7.5
  55e224b Update old copyright notices
  33a7fd8 Fix gl_gcc_warnings typo in ‘configure’
  2313b37 build: update gnulib submodule to latest
  37fec39 Remove some dependencies no longer needed
  cc87173 Update NEWS as per recent changes
  7887622 Update POSIX citations
  18f4dd6 Use “Gruenbacher” in international contexts
  638675c Adjust libs to match recent Gnulib
  53400a1 Pacify clang -Wbitwise-conditional-parentheses
  e8e1bcb Remove “support” for nested critical sections
  b963510 Simplify critical section code in util fns
  85949fb Shrink critical sections
  448ff9b Defer signals by hand with sigatomic_t
  b95a603 output_file_later avoid a malloc+free pair
  2663228 Defend against closed stdin/stdout/stderr
  fc77964 Stop using Gnulib ‘execute’ module
  470699c Move defer_signals up
  f696e4e Make sigs, NUM_SIGS local
  4d3a4ab Rename block_signals
  b3bb925 Trade a bit of space for time in parse_c_string
  070d859 Allocate first patchbuf statically
  f46a90f Use bigger buffer size by default
  2e64cfd Preinitialize fatal_act.sa_hander
  45de0d9 Prefer EXIT_SUCCESS etc. to literal integers
  82c4940 Fix some signal handling races
  eceea61 Fix --set-utc TZ setting
  9c55d3f Improve logic for when rename removes source
  61c72f0 Fix signal race when renaming file
  705c9bc Simplify traverse_another_path via last_component
  77f21a6 Stop using Gnulib dirname module
  fe8ffd9 Fix implausible overflow when reading symlinks
  5e84bda Access checks should use effective, not real
  8d4ca49 Don’t assume AT_FDCWD != -1
  fe5d4a0 Copy input to output attributes via fd if possible
  ca4c431 Simplify timestamp epoch checking
  0ad4347 Check for ftello failures
  c49a16d Remove format_linenum
  22efdee Fix "with multiple words" line number
  5a70a1b Drop Plan B
  c0d465f Prefer ximemdup0 to xmemdup0
  b91aab2 Refactor ifetch API
  55c8a5c Do not attempt huge I/Os
  e0e121e Use outfd when setting file attributes
  241e57e Don’t assume Linux-like S_IFREG
  0f8c628 Use STDOUT_FILENO etc
  f2c3676 Fix unlikely glitch with ed diffs
  cec6407 Use fds to copy attrs in create_backup_copy
  6b7b01b Be more careful about (time_t) -1
  0433553 X == -1 → X < 0
  0a66dee Let set_file_attributes use fds not names
  36ff2c9 Port to narrow unsigned uid_t
  3951496 Check for output errors more systematically
  6429630 Report input error right away
  03cb187 Simplify EOF testing
  cc7cde7 Prefer other types to ‘int’
  4c6650b Detect unlikely integer overflow in size calcs
  abe92e8 Prefer idx_t, ptrdiff_t to lin
  30449e2 Fix compatibility issue with blanks in patches
  9228a8c pch_swap return type cleanup
  c1c438d Fix unlikely int overflow in hunk counts
  5d3f41f Use char for char in plan_a
  fb056f2 Cache cwd_is_root dev, ino
  84b5f34 Avoid ‘unsigned’ in safe.c
  d2e113e Simplify get_sha1
  f73718b Avoid casts in patch.c
  79eef3e Prefer idx_t in util.c
  11588d0 Prefer idx_t in pch.c
  e16037d Prefer idx_t in patch.c
  388926f Prefer idx_t in list.h
  3582fdb Prefer idx_t in inp.c
  4a47c00 build: update gnulib submodule to latest
  4f8c4b8 Don’t limit strip counts etc. to INT_MAX
  0a810b6 Fix unlikely integer overflows in patch.c
  bac3b6d Fix unlikely integer overflows in pch.c
  8fb784b Fix unlikely integer overflows in inp.c
  e10f3ca Promote minmax.h to common.h
  57e2165 Avoid some memory allocation by not using ‘const’
  eb18b39 Remove unnecessary char * casts in inp.c
  d60cb72 Pacify gcc -Wunused-parameter when !USE_XATTR
  05ef886 Pacify gcc -Wunused-parameter when !USE_XATTR
  1f8d192 maint: stop using alloca
  ba92722 Don’t assume O_RDONLY == 0
  0f98e03 Avoid syscall when nested signal block
  1235ccc Add signal comment
  43ee674 build: update gnulib submodule to latest
  e381947 Update NEWS, README-prereq
  2c2a83b Omit _Noreturn when easy
  a13c2ea Replace __attribute__ with attribute.h
  6eb2d13 Switch from ctype.h to c-ctype.h
  d1a6847 Simplify warning configuration
  d6631b3 Prefer ATTRIBUTE_* to _GL_ATTRIBUTE_*
  bc6899d Pacify gcc -Wno-unused-parameter
  da25985 Improve ‘git diff’ output if desired
  248ef13 Prefer strerror to perror
  6cb321a A bit more long-string fixing
  47bc09d Prefer nullptr to NULL
  7608746 More fixing of printing of very long strings
  323da0d Don’t assume string sizes fit in int when printing
  53d1014 Avoid fprintf INT_MAX overflow when merging
  59681c8 Avoid sprintf INT_MAX overflow
  4278b91 Reject output file names containing '\n'
  34b45bc Update man page a bit.
  d18c05d Update copyright notices
  af828e5 Fix some races involving signals
  b3a6c95 Don’t attempt to remove files we didn’t create
  9abc949 Omit goto in try_safe_open
  90e62d5 Pacify clang re obsolete O_CREAT test
  2b87c1e Allow nested block/unblock of signals
  7aa1c3b Adjust to new Gnulib bootstrap post imports
  99c0c0b maint: remove generated file lib/Makefile.am
  1c087d6 Rely on Gnulib inttypes module
  7214f8d Update main locals more consistently
  6785b2c Use struct outfile * in function args
  72d7ed0 Refactor temp names into struct
  abf6fb1 Simplify by using Gnulib sigaction
  d3816ac Avoid unnecessary freeing in output_files
  346d3ac Clean up cleanup
  ff2317b Port better to GNU/Hurd
  c2d9792 Don’t say empty backups are unreadable
  8c27a03 Spelling fixes
  d46d729 Change manywarnings usage to be more like coreutils
  924698b Pacify clang, which dislikes n + "y"
  8939519 Pacify -Wstrict-overflow in pch.c
  531cc2b Pacify -Wsuggest-attribute=format in util.c
  ff13fea Port to non-VLA C compilers
  3d5c0d1 Rename vars to pacify gcc -Wshadow
  56788ce Stop including stdbool.h
  c10da77 Recommend 64-bit time_t on 32-bit platforms
  1e21767 Remove pch_sha1
  39005cf Move skip_spaces
  755712d Remove pch_timestamp function
  04f0eeb Prefer extern inline to static inline for list.h
  f06c123 maint: pacify gcc 14 -Wcast-align
  aab6e7b maint: pacify -Wanalyzer-null-argument
  d1d32c9 maint: work around GCC bug 109839
  7575694 maint: pacify gcc -Wmissing-variable-declarations
  8f78b09 maint: pacify gcc -Winline
  bb841fd maint: port _FORTIFY_SOURCE to Ubuntu
  4887683 maint: assume STDC_HEADERS
  5b8ecde maint: spruce up our .m4 files a bit
  009a424 maint: omit obsolete macro calls
  299167f maint: simplify .gitignore
  3ec44a4 build: update gnulib submodule to latest
  68cb529 build: update gnulib submodule to latest
  f144b35 build: Enable the 'subdir-objects' Automake option.
  faafc79 build: update gnulib submodule to latest
  c835ecc Pass the correct stat to backup files
  24f81be maint: modernize README-{hacking,prereq}
  7623b2d Fix test for presence of BASH_LINENO[0]
  0993940 gnulib: update to latest
  78ed9de Add missing-section tests to context-format test case
  76e7758 Fix failed assertion 'outstate->after_newline'
  15b158d Avoid invalid memory access in context format diffs
  dce4683 Don't follow symlinks unless --follow-symlinks is given
  61d7788 Don't crash when RLIMIT_NOFILE is set to RLIM_INFINITY
  b7b028a Abort when cleaning up fails
  a5b442c Skip "ed" test when the ed utility is not installed
  2b584ae Improve support for memory leak detection
  9c98635 Fix swapping fake lines in pch_swap
  ff81775 Make the (debug & 2) output more useful
  369dccc Don't leak temporary file on failed multi-file ed-style patch
  1959988 Don't leak temporary file on failed ed-style patch
  f322a7e Request 'alloca' module from gnulib.
  458ac51 Fix 'ed-style' test failure.
  1e9104c Fix check of return value of fwrite().
  ae81be0 maint: avoid warnings from GCC8
  2a32bf0 Minor cleanups in do_ed_script
  ff1d3a6 Use gnulib execute module
  3fcd042 Invoke ed directly instead of using the shell
  123eaff Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)
  b5a91a0 Allow input files to be missing for ed-style patches
  f290f48 Fix segfault with mangled rename patch
  074e239 Test suite: fix Korn shell incompatibility
  f6bc5b1 Test suite compatibility fixes
  3bbebbb Avoid set_file_attributes sign conversion warnings

Signed-off-by: Russell Senior <russell@personaltelco.net>
Link: https://github.com/openwrt/openwrt/pull/18479
Signed-off-by: Robert Marko <robimarko@gmail.com>
This commit is contained in:
Russell Senior 2025-04-02 05:47:29 -07:00 committed by Robert Marko
parent 493b0cd817
commit f45df2167b
8 changed files with 3 additions and 414 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

6
tools/patch/Makefile
View File

@ -7,13 +7,13 @@
include $(TOPDIR)/rules.mk
PKG_NAME:=patch
PKG_VERSION:=2.7.6
PKG_RELEASE:=7
PKG_VERSION:=2.8
PKG_RELEASE:=1
PKG_CPE_ID:=cpe:/a:gnu:patch
PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.gz
PKG_SOURCE_URL:=@GNU/patch
PKG_HASH:=8cf86e00ad3aaa6d26aca30640e86b0e3e1f395ed99f189b06d4c9f74bc58a4e
PKG_HASH:=308a4983ff324521b9b21310bfc2398ca861798f02307c79eb99bb0e0d2bf980
HOST_BUILD_PARALLEL := 1

24
tools/patch/patches/010-CVE-2018-6951.patch
View File

@ -1,24 +0,0 @@
From 1f7853c05f9949d81da9be7a02b90cc64284d1f8 Mon Sep 17 00:00:00 2001
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Mon, 12 Feb 2018 16:48:24 +0100
Subject: [PATCH] Fix segfault with mangled rename patch
http://savannah.gnu.org/bugs/?53132
* src/pch.c (intuit_diff_type): Ensure that two filenames are specified
for renames and copies (fix the existing check).
---
src/pch.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/src/pch.c
+++ b/src/pch.c
@@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode
if ((pch_rename () || pch_copy ())
&& ! inname
&& ! ((i == OLD || i == NEW) &&
- p_name[! reverse] &&
+ p_name[reverse] && p_name[! reverse] &&
+ name_is_valid (p_name[reverse]) &&
name_is_valid (p_name[! reverse])))
{
say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy");

142
tools/patch/patches/020-CVE-2018-1000156.patch
View File

@ -1,142 +0,0 @@
From b3a0ca3deed00334f9feece43f76776b6a168e47 Mon Sep 17 00:00:00 2001
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri, 6 Apr 2018 12:14:49 +0200
Subject: [PATCH] Fix arbitrary command execution in ed-style patches
(CVE-2018-1000156)
* src/pch.c (do_ed_script): Write ed script to a temporary file instead
of piping it to ed: this will cause ed to abort on invalid commands
instead of rejecting them and carrying on.
* tests/ed-style: New test case.
* tests/Makefile.am (TESTS): Add test case.
---
src/pch.c | 89 +++++++++++++++++++++++++++++++++++++++++--------------
1 file changed, 66 insertions(+), 23 deletions(-)
--- a/src/pch.c
+++ b/src/pch.c
@@ -33,6 +33,7 @@
# include <io.h>
#endif
#include <safe.h>
+#include <sys/wait.h>
#define INITHUNKMAX 125 /* initial dynamic allocation size */
@@ -2389,22 +2390,28 @@ do_ed_script (char const *inname, char c
static char const editor_program[] = EDITOR_PROGRAM;
file_offset beginning_of_this_line;
- FILE *pipefp = 0;
size_t chars_read;
+ FILE *tmpfp = 0;
+ char const *tmpname;
+ int tmpfd;
+ pid_t pid;
+
+ if (! dry_run && ! skip_rest_of_patch)
+ {
+ /* Write ed script to a temporary file. This causes ed to abort on
+ invalid commands such as when line numbers or ranges exceed the
+ number of available lines. When ed reads from a pipe, it rejects
+ invalid commands and treats the next line as a new command, which
+ can lead to arbitrary command execution. */
+
+ tmpfd = make_tempfile (&tmpname, 'e', NULL, O_RDWR | O_BINARY, 0);
+ if (tmpfd == -1)
+ pfatal ("Can't create temporary file %s", quotearg (tmpname));
+ tmpfp = fdopen (tmpfd, "w+b");
+ if (! tmpfp)
+ pfatal ("Can't open stream for file %s", quotearg (tmpname));
+ }
- if (! dry_run && ! skip_rest_of_patch) {
- int exclusive = *outname_needs_removal ? 0 : O_EXCL;
- assert (! inerrno);
- *outname_needs_removal = true;
- copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
- sprintf (buf, "%s %s%s", editor_program,
- verbosity == VERBOSE ? "" : "- ",
- outname);
- fflush (stdout);
- pipefp = popen(buf, binary_transput ? "wb" : "w");
- if (!pipefp)
- pfatal ("Can't open pipe to %s", quotearg (buf));
- }
for (;;) {
char ed_command_letter;
beginning_of_this_line = file_tell (pfp);
@@ -2415,14 +2422,14 @@ do_ed_script (char const *inname, char c
}
ed_command_letter = get_ed_command_letter (buf);
if (ed_command_letter) {
- if (pipefp)
- if (! fwrite (buf, sizeof *buf, chars_read, pipefp))
+ if (tmpfp)
+ if (! fwrite (buf, sizeof *buf, chars_read, tmpfp))
write_fatal ();
if (ed_command_letter != 'd' && ed_command_letter != 's') {
p_pass_comments_through = true;
while ((chars_read = get_line ()) != 0) {
- if (pipefp)
- if (! fwrite (buf, sizeof *buf, chars_read, pipefp))
+ if (tmpfp)
+ if (! fwrite (buf, sizeof *buf, chars_read, tmpfp))
write_fatal ();
if (chars_read == 2 && strEQ (buf, ".\n"))
break;
@@ -2435,13 +2442,49 @@ do_ed_script (char const *inname, char c
break;
}
}
- if (!pipefp)
+ if (!tmpfp)
return;
- if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, pipefp) == 0
- || fflush (pipefp) != 0)
+ if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, tmpfp) == 0
+ || fflush (tmpfp) != 0)
write_fatal ();
- if (pclose (pipefp) != 0)
- fatal ("%s FAILED", editor_program);
+
+ if (lseek (tmpfd, 0, SEEK_SET) == -1)
+ pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname));
+
+ if (! dry_run && ! skip_rest_of_patch) {
+ int exclusive = *outname_needs_removal ? 0 : O_EXCL;
+ *outname_needs_removal = true;
+ if (inerrno != ENOENT)
+ {
+ *outname_needs_removal = true;
+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ }
+ sprintf (buf, "%s %s%s", editor_program,
+ verbosity == VERBOSE ? "" : "- ",
+ outname);
+ fflush (stdout);
+
+ pid = fork();
+ if (pid == -1)
+ pfatal ("Can't fork");
+ else if (pid == 0)
+ {
+ dup2 (tmpfd, 0);
+ execl ("/bin/sh", "sh", "-c", buf, (char *) 0);
+ _exit (2);
+ }
+ else
+ {
+ int wstatus;
+ if (waitpid (pid, &wstatus, 0) == -1
+ || ! WIFEXITED (wstatus)
+ || WEXITSTATUS (wstatus) != 0)
+ fatal ("%s FAILED", editor_program);
+ }
+ }
+
+ fclose (tmpfp);
+ safe_unlink (tmpname);
if (ofp)
{

25
tools/patch/patches/030-CVE-2018-6952.patch
View File

@ -1,25 +0,0 @@
From df40f2ea17254de269a3624319a12a93a4e395ff Mon Sep 17 00:00:00 2001
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri, 17 Aug 2018 13:35:40 +0200
Subject: [PATCH] Fix swapping fake lines in pch_swap
* src/pch.c (pch_swap): Fix swapping p_bfake and p_efake when there is a
blank line in the middle of a context-diff hunk: that empty line stays
in the middle of the hunk and isn't swapped.
Fixes: https://savannah.gnu.org/bugs/index.php?53133
---
src/pch.c | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
--- a/src/pch.c
+++ b/src/pch.c
@@ -2115,7 +2115,7 @@ pch_swap (void)
}
if (p_efake >= 0) { /* fix non-freeable ptr range */
if (p_efake <= i)
- n = p_end - i + 1;
+ n = p_end - p_ptrn_lines;
else
n = -i;
p_efake += n;

53
tools/patch/patches/040-Fix-error-handling-with-git-style-patches.patch
View File

@ -1,53 +0,0 @@
From 424da221cec76ea200cff1fa9b08a6f3d94c28a7 Mon Sep 17 00:00:00 2001
From: Lubomir Rintel <lkundrak@v3.sk>
Date: Wed, 31 Oct 2018 16:39:13 -0700
Subject: [PATCH] Fix error handling with git-style patches
When an error is encountered in output_files(), the subsequent call to
cleanup() calls back into output_files() resulting in an infinte recursion.
This is trivially reproduced with a git-style patch (which utilizes
output_file_later()) that tries to patch a nonexistent or unreadable
file (see attached test case).
* src/patch.c: (output_files) clear the files_to_output list before
iterating it, so that recursive calls won't iterate the same files.
---
src/patch.c | 12 ++++++++----
1 file changed, 8 insertions(+), 4 deletions(-)
--- a/src/patch.c
+++ b/src/patch.c
@@ -1938,8 +1938,12 @@ output_files (struct stat const *st)
{
gl_list_iterator_t iter;
const void *elt;
+ gl_list_t files;
- iter = gl_list_iterator (files_to_output);
+ files = files_to_output;
+ init_files_to_output ();
+
+ iter = gl_list_iterator (files);
while (gl_list_iterator_next (&iter, &elt, NULL))
{
const struct file_to_output *file_to_output = elt;
@@ -1957,8 +1961,8 @@ output_files (struct stat const *st)
/* Free the list up to here. */
for (;;)
{
- const void *elt2 = gl_list_get_at (files_to_output, 0);
- gl_list_remove_at (files_to_output, 0);
+ const void *elt2 = gl_list_get_at (files, 0);
+ gl_list_remove_at (files, 0);
if (elt == elt2)
break;
}
@@ -1967,7 +1971,7 @@ output_files (struct stat const *st)
}
}
gl_list_iterator_free (&iter);
- gl_list_clear (files_to_output);
+ gl_list_clear (files);
}
/* Fatal exit with cleanup. */

101
tools/patch/patches/050-CVE-2019-13636.patch
View File

@ -1,101 +0,0 @@
From dce4683cbbe107a95f1f0d45fabc304acfb5d71a Mon Sep 17 00:00:00 2001
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Mon, 15 Jul 2019 16:21:48 +0200
Subject: Don't follow symlinks unless --follow-symlinks is given
* src/inp.c (plan_a, plan_b), src/util.c (copy_to_fd, copy_file,
append_to_file): Unless the --follow-symlinks option is given, open files with
the O_NOFOLLOW flag to avoid following symlinks. So far, we were only doing
that consistently for input files.
* src/util.c (create_backup): When creating empty backup files, (re)create them
with O_CREAT | O_EXCL to avoid following symlinks in that case as well.
---
src/inp.c | 12 ++++++++++--
src/util.c | 14 +++++++++++---
2 files changed, 21 insertions(+), 5 deletions(-)
--- a/src/inp.c
+++ b/src/inp.c
@@ -238,8 +238,13 @@ plan_a (char const *filename)
{
if (S_ISREG (instat.st_mode))
{
- int ifd = safe_open (filename, O_RDONLY|binary_transput, 0);
+ int flags = O_RDONLY | binary_transput;
size_t buffered = 0, n;
+ int ifd;
+
+ if (! follow_symlinks)
+ flags |= O_NOFOLLOW;
+ ifd = safe_open (filename, flags, 0);
if (ifd < 0)
pfatal ("can't open file %s", quotearg (filename));
@@ -340,6 +345,7 @@ plan_a (char const *filename)
static void
plan_b (char const *filename)
{
+ int flags = O_RDONLY | binary_transput;
int ifd;
FILE *ifp;
int c;
@@ -353,7 +359,9 @@ plan_b (char const *filename)
if (instat.st_size == 0)
filename = NULL_DEVICE;
- if ((ifd = safe_open (filename, O_RDONLY | binary_transput, 0)) < 0
+ if (! follow_symlinks)
+ flags |= O_NOFOLLOW;
+ if ((ifd = safe_open (filename, flags, 0)) < 0
|| ! (ifp = fdopen (ifd, binary_transput ? "rb" : "r")))
pfatal ("Can't open file %s", quotearg (filename));
if (TMPINNAME_needs_removal)
--- a/src/util.c
+++ b/src/util.c
@@ -388,7 +388,7 @@ create_backup (char const *to, const str
try_makedirs_errno = ENOENT;
safe_unlink (bakname);
- while ((fd = safe_open (bakname, O_CREAT | O_WRONLY | O_TRUNC, 0666)) < 0)
+ while ((fd = safe_open (bakname, O_CREAT | O_EXCL | O_WRONLY | O_TRUNC, 0666)) < 0)
{
if (errno != try_makedirs_errno)
pfatal ("Can't create file %s", quotearg (bakname));
@@ -579,10 +579,13 @@ create_file (char const *file, int open_
static void
copy_to_fd (const char *from, int tofd)
{
+ int from_flags = O_RDONLY | O_BINARY;
int fromfd;
ssize_t i;
- if ((fromfd = safe_open (from, O_RDONLY | O_BINARY, 0)) < 0)
+ if (! follow_symlinks)
+ from_flags |= O_NOFOLLOW;
+ if ((fromfd = safe_open (from, from_flags, 0)) < 0)
pfatal ("Can't reopen file %s", quotearg (from));
while ((i = read (fromfd, buf, bufsize)) != 0)
{
@@ -625,6 +628,8 @@ copy_file (char const *from, char const
else
{
assert (S_ISREG (mode));
+ if (! follow_symlinks)
+ to_flags |= O_NOFOLLOW;
tofd = create_file (to, O_WRONLY | O_BINARY | to_flags, mode,
to_dir_known_to_exist);
copy_to_fd (from, tofd);
@@ -640,9 +645,12 @@ copy_file (char const *from, char const
void
append_to_file (char const *from, char const *to)
{
+ int to_flags = O_WRONLY | O_APPEND | O_BINARY;
int tofd;
- if ((tofd = safe_open (to, O_WRONLY | O_BINARY | O_APPEND, 0)) < 0)
+ if (! follow_symlinks)
+ to_flags |= O_NOFOLLOW;
+ if ((tofd = safe_open (to, to_flags, 0)) < 0)
pfatal ("Can't reopen file %s", quotearg (to));
copy_to_fd (from, tofd);
if (close (tofd) != 0)

33
tools/patch/patches/060-CVE-2019-13638.patch
View File

@ -1,33 +0,0 @@
From 3fcd042d26d70856e826a42b5f93dc4854d80bf0 Mon Sep 17 00:00:00 2001
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri, 6 Apr 2018 19:36:15 +0200
Subject: Invoke ed directly instead of using the shell
* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell
command to avoid quoting vulnerabilities.
---
src/pch.c | 6 ++----
1 file changed, 2 insertions(+), 4 deletions(-)
--- a/src/pch.c
+++ b/src/pch.c
@@ -2459,9 +2459,6 @@ do_ed_script (char const *inname, char c
*outname_needs_removal = true;
copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
}
- sprintf (buf, "%s %s%s", editor_program,
- verbosity == VERBOSE ? "" : "- ",
- outname);
fflush (stdout);
pid = fork();
@@ -2470,7 +2467,8 @@ do_ed_script (char const *inname, char c
else if (pid == 0)
{
dup2 (tmpfd, 0);
- execl ("/bin/sh", "sh", "-c", buf, (char *) 0);
+ assert (outname[0] != '!' && outname[0] != '-');
+ execlp (editor_program, editor_program, "-", outname, (char *) NULL);
_exit (2);
}
else

33
tools/patch/patches/070-don-t-fail-hard-on-EACCES-when-copying-xattrs.patch
View File

@ -1,33 +0,0 @@
From f42cbe1a91a3a6f79d1eec594ce7c72aec79179b Mon Sep 17 00:00:00 2001
From: =?UTF-8?q?Thomas=20Wei=C3=9Fschuh?= <thomas@t-8ch.de>
Date: Wed, 9 Nov 2022 05:08:22 +0100
Subject: [PATCH] don't fail hard on EACCES when copying xattrs
On btrfs the xattr "btrfs.compressed" requires privileges to set,
otherwise EACCES is returned.
When patch tries to do copy this attribute it receives the error and
aborts.
---
src/util.c | 4 ++--
1 file changed, 2 insertions(+), 2 deletions(-)
--- a/src/util.c
+++ b/src/util.c
@@ -182,7 +182,7 @@ copy_attr_error (struct error_context *c
int err = errno;
va_list ap;
- if (err != ENOSYS && err != ENOTSUP && err != EPERM)
+ if (err != ENOSYS && err != ENOTSUP && err != EPERM && err != EACCES)
{
/* use verror module to print error message */
va_start (ap, fmt);
@@ -284,7 +284,7 @@ set_file_attributes (char const *to, enu
}
if (attr & FA_XATTRS)
if (copy_attr (from, to) != 0
- && errno != ENOSYS && errno != ENOTSUP && errno != EPERM)
+ && errno != ENOSYS && errno != ENOTSUP && errno != EPERM && errno != EACCES)
fatal_exit (0);
if (attr & FA_MODE)
{