Package: patch / 2.7.6-7

Metadata

Package Version Patches format
patch 2.7.6-7 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
path_max | (download)

src/util.c | 5 5 + 0 - 0 !
1 file changed, 5 insertions(+)

---
558485 backupmode | (download)

patch.man | 3 0 + 3 - 0 !
1 file changed, 3 deletions(-)

---
m merge | (download)

src/patch.c | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

---
Fix_segfault_with_mangled_rename_patch.patch | (download)

src/pch.c | 3 2 + 1 - 0 !
1 file changed, 2 insertions(+), 1 deletion(-)

 fix segfault with mangled rename patch

http://savannah.gnu.org/bugs/?53132
Allow_input_files_to_be_missing_for_ed style_patches.patch | (download)

src/pch.c | 8 5 + 3 - 0 !
1 file changed, 5 insertions(+), 3 deletions(-)

 allow input files to be missing for ed-style patches

* src/pch.c (do_ed_script): Allow input files to be missing so that new
files will be created as with non-ed-style patches.

Fix_arbitrary_command_execution_in_ed style_patches.patch | (download)

src/pch.c | 91 66 + 25 - 0 !
tests/Makefile.am | 1 1 + 0 - 0 !
tests/ed-style | 41 41 + 0 - 0 !
3 files changed, 108 insertions(+), 25 deletions(-)

 fix arbitrary command execution in ed-style patches
 (CVE-2018-1000156)

* src/pch.c (do_ed_script): Write ed script to a temporary file instead
of piping it to ed: this will cause ed to abort on invalid commands
instead of rejecting them and carrying on.
* tests/ed-style: New test case.
* tests/Makefile.am (TESTS): Add test case.

0001 Fix ed style test failure.patch | (download)

tests/ed-style | 3 1 + 2 - 0 !
1 file changed, 1 insertion(+), 2 deletions(-)

 [patch] fix 'ed-style' test failure.

* tests/ed-style: Remove '?' line from expected output.

0002 Abort_when_cleaning_up_fails.patch | (download)

src/patch.c | 8 6 + 2 - 0 !
1 file changed, 6 insertions(+), 2 deletions(-)

 abort when cleaning up fails

When a fatal error triggers during cleanup, another attempt will be made to
clean up, which will likely lead to the same fatal error.  So instead, bail out
when that happens.
src/patch.c (cleanup): Bail out when called recursively.
(main): There is no need to call output_files() before cleanup() as cleanup()
already does that.

0003 Do_not_crash_when_RLIMIT_NOFILE_is_set_to_RLIM_INFINITY.patch | (download)

src/safe.c | 36 23 + 13 - 0 !
1 file changed, 23 insertions(+), 13 deletions(-)

 don't crash when rlimit_nofile is set to rlim_infinity

* src/safe.c (min_cached_fds): Define minimum number of cached dir file
descriptors.
(max_cached_fds): Change type to rlim_t to allow storing RLIM_INFINITY.
(init_dirfd_cache): Set max_cached_fds to RLIM_INFINITY when RLIMIT_NOFILE is
RLIM_INFINITY.  Set the initial hash table size to min_cached_fds, independent
of RLIMIT_NOFILE: patches commonly only affect one or a few files, so a small
hash table will usually suffice; if needed, the hash table will grow.
(insert_cached_dirfd): Don't shrink the cache when max_cached_fds is
RLIM_INFINITY.

0004 CVE 2019 13636.patch | (download)

src/inp.c | 12 10 + 2 - 0 !
src/util.c | 14 11 + 3 - 0 !
2 files changed, 21 insertions(+), 5 deletions(-)

 don't follow symlinks unless --follow-symlinks is given

* src/inp.c (plan_a, plan_b), src/util.c (copy_to_fd, copy_file,
append_to_file): Unless the --follow-symlinks option is given, open files with
the O_NOFOLLOW flag to avoid following symlinks.  So far, we were only doing
that consistently for input files.
* src/util.c (create_backup): When creating empty backup files, (re)create them
with O_CREAT | O_EXCL to avoid following symlinks in that case as well.

0005 CVE 2019 13638.patch | (download)

src/pch.c | 6 2 + 4 - 0 !
1 file changed, 2 insertions(+), 4 deletions(-)

 invoke ed directly instead of using the shell

* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell
command to avoid quoting vulnerabilities.

0006 Do_not_leak_temporary_file.patch | (download)

src/common.h | 2 2 + 0 - 0 !
src/patch.c | 1 1 + 0 - 0 !
src/pch.c | 11 5 + 6 - 0 !
3 files changed, 8 insertions(+), 6 deletions(-)

 don't leak temporary file on failed ed-style patch

Now that we write ed-style patches to a temporary file before we
apply them, we need to ensure that the temporary file is removed
before we leave, even on fatal error.

* src/pch.c (do_ed_script): Use global TMPEDNAME instead of local
  tmpname. Don't unlink the file directly, instead tag it for removal
  at exit time.
* src/patch.c (cleanup): Unlink TMPEDNAME at exit.

This closes bug #53820:
https://savannah.gnu.org/bugs/index.php?53820

Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)")

0007 Do_not_leak_temporary_file_on_failed_multi file.patch | (download)

src/patch.c | 1 1 + 0 - 0 !
tests/ed-style | 31 31 + 0 - 0 !
2 files changed, 32 insertions(+)

 don't leak temporary file on failed multi-file ed-style patch

The previous fix worked fine with single-file ed-style patches, but
would still leak temporary files in the case of multi-file ed-style
patch. Fix that case as well, and extend the test case to check for
it.

* src/patch.c (main): Unlink TMPEDNAME if needed before moving to
  the next file in a patch.

This closes bug #53820:
https://savannah.gnu.org/bugs/index.php?53820

Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)")
Fixes: 19599883ffb6 ("Don't leak temporary file on failed ed-style patch")

0008 Avoid_invalid_memory_access_in_context_format_diffs.patch | (download)

src/pch.c | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 avoid invalid memory access in context format diffs

* src/pch.c (another_hunk): Avoid invalid memory access in context format
0009 Fix_failed_assertion_outstate after_newline.patch | (download)

src/patch.c | 7 7 + 0 - 0 !
1 file changed, 7 insertions(+)

 fix failed assertion 'outstate->after_newline'

The assertion triggers when the -o FILE option is used, more than one output
file is written into FILE, and one of those files (except the last one) ends in
the middle of a line.
* src/patch.c (main): Fix the case described above.