forked from openwrt/openwrt
-
Notifications
You must be signed in to change notification settings - Fork 0
Commit
This commit does not belong to any branch on this repository, and may belong to a fork outside of the repository.
tools: patch: Add missing CVE-2018-6951 fix
uscan reports a new CVE now that PKG_CPE_ID was added. Reordered patches by date. Signed-off-by: Rosen Penev <[email protected]> [re-title commit & refresh patches] Signed-off-by: Kevin Darbyshire-Bryant <[email protected]>
- Loading branch information
Showing
4 changed files
with
33 additions
and
12 deletions.
There are no files selected for viewing
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,24 @@ | ||
| From 1f7853c05f9949d81da9be7a02b90cc64284d1f8 Mon Sep 17 00:00:00 2001 | ||
| From: Andreas Gruenbacher <[email protected]> | ||
| Date: Mon, 12 Feb 2018 16:48:24 +0100 | ||
| Subject: [PATCH] Fix segfault with mangled rename patch | ||
|
|
||
| http://savannah.gnu.org/bugs/?53132 | ||
| * src/pch.c (intuit_diff_type): Ensure that two filenames are specified | ||
| for renames and copies (fix the existing check). | ||
| --- | ||
| src/pch.c | 3 ++- | ||
| 1 file changed, 2 insertions(+), 1 deletion(-) | ||
|
|
||
| --- a/src/pch.c | ||
| +++ b/src/pch.c | ||
| @@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode | ||
| if ((pch_rename () || pch_copy ()) | ||
| && ! inname | ||
| && ! ((i == OLD || i == NEW) && | ||
| - p_name[! reverse] && | ||
| + p_name[reverse] && p_name[! reverse] && | ||
| + name_is_valid (p_name[reverse]) && | ||
| name_is_valid (p_name[! reverse]))) | ||
| { | ||
| say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy"); |
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| From ee2904728eb4364a36d62d66f723d0b68749e5df Mon Sep 17 00:00:00 2001 | ||
| From b3a0ca3deed00334f9feece43f76776b6a168e47 Mon Sep 17 00:00:00 2001 | ||
| From: Andreas Gruenbacher <[email protected]> | ||
| Date: Fri, 6 Apr 2018 12:14:49 +0200 | ||
| Subject: [PATCH] Fix arbitrary command execution in ed-style patches | ||
|
|
@@ -10,11 +10,8 @@ instead of rejecting them and carrying on. | |
| * tests/ed-style: New test case. | ||
| * tests/Makefile.am (TESTS): Add test case. | ||
| --- | ||
| src/pch.c | 89 +++++++++++++++++++++++++++++++++++------------ | ||
| tests/Makefile.am | 1 + | ||
| tests/ed-style | 41 ++++++++++++++++++++++ | ||
| 3 files changed, 108 insertions(+), 23 deletions(-) | ||
| create mode 100644 tests/ed-style | ||
| src/pch.c | 89 +++++++++++++++++++++++++++++++++++++++++-------------- | ||
| 1 file changed, 66 insertions(+), 23 deletions(-) | ||
|
|
||
| --- a/src/pch.c | ||
| +++ b/src/pch.c | ||
|
|
@@ -26,7 +23,7 @@ instead of rejecting them and carrying on. | |
|
|
||
| #define INITHUNKMAX 125 /* initial dynamic allocation size */ | ||
|
|
||
| @@ -2388,22 +2389,28 @@ do_ed_script (char const *inname, char c | ||
| @@ -2389,22 +2390,28 @@ do_ed_script (char const *inname, char c | ||
| static char const editor_program[] = EDITOR_PROGRAM; | ||
|
|
||
| file_offset beginning_of_this_line; | ||
|
|
@@ -69,7 +66,7 @@ instead of rejecting them and carrying on. | |
| for (;;) { | ||
| char ed_command_letter; | ||
| beginning_of_this_line = file_tell (pfp); | ||
| @@ -2414,14 +2421,14 @@ do_ed_script (char const *inname, char c | ||
| @@ -2415,14 +2422,14 @@ do_ed_script (char const *inname, char c | ||
| } | ||
| ed_command_letter = get_ed_command_letter (buf); | ||
| if (ed_command_letter) { | ||
|
|
@@ -88,7 +85,7 @@ instead of rejecting them and carrying on. | |
| write_fatal (); | ||
| if (chars_read == 2 && strEQ (buf, ".\n")) | ||
| break; | ||
| @@ -2434,13 +2441,49 @@ do_ed_script (char const *inname, char c | ||
| @@ -2435,13 +2442,49 @@ do_ed_script (char const *inname, char c | ||
| break; | ||
| } | ||
| } | ||
|
|
||
This file contains bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -1,4 +1,4 @@ | ||
| From daa51e492049d9fe3ac049165ec19641bf19cd7f Mon Sep 17 00:00:00 2001 | ||
| From df40f2ea17254de269a3624319a12a93a4e395ff Mon Sep 17 00:00:00 2001 | ||
| From: Andreas Gruenbacher <[email protected]> | ||
| Date: Fri, 17 Aug 2018 13:35:40 +0200 | ||
| Subject: [PATCH] Fix swapping fake lines in pch_swap | ||
|
|
@@ -14,7 +14,7 @@ Fixes: https://savannah.gnu.org/bugs/index.php?53133 | |
|
|
||
| --- a/src/pch.c | ||
| +++ b/src/pch.c | ||
| @@ -2114,7 +2114,7 @@ pch_swap (void) | ||
| @@ -2115,7 +2115,7 @@ pch_swap (void) | ||
| } | ||
| if (p_efake >= 0) { /* fix non-freeable ptr range */ | ||
| if (p_efake <= i) | ||
|
|
||