[arch-commits] Commit in patch/repos (3 files)

Allan McRae allan at archlinux.org
Wed Nov 13 00:08:57 UTC 2019 

    Date: Wednesday, November 13, 2019 @ 00:08:54
  Author: allan
Revision: 368034

archrelease: copy trunk to testing-x86_64

Added:
  patch/repos/testing-x86_64/
  patch/repos/testing-x86_64/19599883ffb6a450d2884f081f8ecf68edbed7ee.patch
    (from rev 368033, patch/trunk/19599883ffb6a450d2884f081f8ecf68edbed7ee.patch)
  patch/repos/testing-x86_64/PKGBUILD
    (from rev 368033, patch/trunk/PKGBUILD)

------------------------------------------------+
 19599883ffb6a450d2884f081f8ecf68edbed7ee.patch |   99 +++++++++++++++++++++++
 PKGBUILD                                       |   67 +++++++++++++++
 2 files changed, 166 insertions(+)

Copied: patch/repos/testing-x86_64/19599883ffb6a450d2884f081f8ecf68edbed7ee.patch (from rev 368033, patch/trunk/19599883ffb6a450d2884f081f8ecf68edbed7ee.patch)
===================================================================
--- testing-x86_64/19599883ffb6a450d2884f081f8ecf68edbed7ee.patch	                        (rev 0)
+++ testing-x86_64/19599883ffb6a450d2884f081f8ecf68edbed7ee.patch	2019-11-13 00:08:54 UTC (rev 368034)
@@ -0,0 +1,99 @@
+From 19599883ffb6a450d2884f081f8ecf68edbed7ee Mon Sep 17 00:00:00 2001
+From: Jean Delvare <jdelvare at suse.de>
+Date: Thu, 3 May 2018 14:31:55 +0200
+Subject: [PATCH] Don't leak temporary file on failed ed-style patch
+
+Now that we write ed-style patches to a temporary file before we
+apply them, we need to ensure that the temporary file is removed
+before we leave, even on fatal error.
+
+* src/pch.c (do_ed_script): Use global TMPEDNAME instead of local
+  tmpname. Don't unlink the file directly, instead tag it for removal
+  at exit time.
+* src/patch.c (cleanup): Unlink TMPEDNAME at exit.
+
+This closes bug #53820:
+https://savannah.gnu.org/bugs/index.php?53820
+
+Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)")
+---
+ src/common.h |  2 ++
+ src/patch.c  |  1 +
+ src/pch.c    | 11 +++++------
+ 3 files changed, 8 insertions(+), 6 deletions(-)
+
+diff --git a/src/common.h b/src/common.h
+index 904a3f8..53c5e32 100644
+--- a/src/common.h
++++ b/src/common.h
+@@ -94,10 +94,12 @@ XTERN char const *origsuff;
+ XTERN char const * TMPINNAME;
+ XTERN char const * TMPOUTNAME;
+ XTERN char const * TMPPATNAME;
++XTERN char const * TMPEDNAME;
+ 
+ XTERN bool TMPINNAME_needs_removal;
+ XTERN bool TMPOUTNAME_needs_removal;
+ XTERN bool TMPPATNAME_needs_removal;
++XTERN bool TMPEDNAME_needs_removal;
+ 
+ #ifdef DEBUGGING
+ XTERN int debug;
+diff --git a/src/patch.c b/src/patch.c
+index 3fcaec5..9146597 100644
+--- a/src/patch.c
++++ b/src/patch.c
+@@ -1999,6 +1999,7 @@ cleanup (void)
+   remove_if_needed (TMPINNAME, &TMPINNAME_needs_removal);
+   remove_if_needed (TMPOUTNAME, &TMPOUTNAME_needs_removal);
+   remove_if_needed (TMPPATNAME, &TMPPATNAME_needs_removal);
++  remove_if_needed (TMPEDNAME, &TMPEDNAME_needs_removal);
+   remove_if_needed (TMPREJNAME, &TMPREJNAME_needs_removal);
+   output_files (NULL);
+ }
+diff --git a/src/pch.c b/src/pch.c
+index 79a3c99..1bb3153 100644
+--- a/src/pch.c
++++ b/src/pch.c
+@@ -2396,7 +2396,6 @@ do_ed_script (char const *inname, char const *outname,
+     file_offset beginning_of_this_line;
+     size_t chars_read;
+     FILE *tmpfp = 0;
+-    char const *tmpname;
+     int tmpfd;
+     pid_t pid;
+
+@@ -2411,12 +2410,13 @@ do_ed_script (char const *inname, char const *outname,
+ 	   invalid commands and treats the next line as a new command, which
+ 	   can lead to arbitrary command execution.  */
+ 
+-	tmpfd = make_tempfile (&tmpname, 'e', NULL, O_RDWR | O_BINARY, 0);
++	tmpfd = make_tempfile (&TMPEDNAME, 'e', NULL, O_RDWR | O_BINARY, 0);
+ 	if (tmpfd == -1)
+-	  pfatal ("Can't create temporary file %s", quotearg (tmpname));
++	  pfatal ("Can't create temporary file %s", quotearg (TMPEDNAME));
++	TMPEDNAME_needs_removal = true;
+ 	tmpfp = fdopen (tmpfd, "w+b");
+ 	if (! tmpfp)
+-	  pfatal ("Can't open stream for file %s", quotearg (tmpname));
++	  pfatal ("Can't open stream for file %s", quotearg (TMPEDNAME));
+       }
+ 
+     for (;;) {
+@@ -2457,7 +2457,7 @@ do_ed_script (char const *inname, char const *outname,
+       write_fatal ();
+ 
+     if (lseek (tmpfd, 0, SEEK_SET) == -1)
+-      pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname));
++      pfatal ("Can't rewind to the beginning of file %s", quotearg (TMPEDNAME));
+ 
+     if (inerrno != ENOENT)
+       {
+@@ -2484,7 +2484,6 @@ do_ed_script (char const *inname, char const *outname,
+       pfatal ("Failed to duplicate standard input");
+ 
+     fclose (tmpfp);
+-    safe_unlink (tmpname);
+ 
+     if (ofp)
+       {

Copied: patch/repos/testing-x86_64/PKGBUILD (from rev 368033, patch/trunk/PKGBUILD)
===================================================================
--- testing-x86_64/PKGBUILD	                        (rev 0)
+++ testing-x86_64/PKGBUILD	2019-11-13 00:08:54 UTC (rev 368034)
@@ -0,0 +1,67 @@
+# Maintainer: Sébastien Luttringer <seblu at archlinux.org>
+# Maintainer: Levente Polyak <anthraxx[at]archlinux[dot]org>
+# Contributor: Allan McRae <allan at archlinux.org>
+# Contributor: judd <jvinet at zeroflux.org>
+
+pkgname=patch
+pkgver=2.7.6
+pkgrel=8
+pkgdesc='A utility to apply patch files to original sources'
+arch=('x86_64')
+url='https://www.gnu.org/software/patch/'
+license=('GPL')
+groups=('base-devel')
+depends=('glibc' 'attr')
+makedepends=('ed')
+optdepends=('ed: for patch -e functionality')
+validpgpkeys=('259B3792B3D6D319212CC4DCD5BF9FEB0313653A') # Andreas Gruenbacher
+source=("https://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz"{,.sig}
+        'https://github.com/mirror/patch/commit/f290f48a621867084884bfff87f8093c15195e6a.patch' # CVE-2018-6951
+        'https://github.com/mirror/patch/commit/b5a91a01e5d0897facdd0f49d64b76b0f02b43e1.patch'
+        'https://github.com/mirror/patch/commit/123eaff0d5d1aebe128295959435b9ca5909c26d.patch' # CVE-2018-1000156
+        'https://github.com/mirror/patch/commit/3fcd042d26d70856e826a42b5f93dc4854d80bf0.patch'
+        '19599883ffb6a450d2884f081f8ecf68edbed7ee.patch' # Fix memory leaks introduced in CVE-2018-1000165
+        'https://github.com/mirror/patch/commit/369dcccdfa6336e5a873d6d63705cfbe04c55727.patch'
+        'https://github.com/mirror/patch/commit/9c986353e420ead6e706262bf204d6e03322c300.patch' # CVE-2018-6952
+        )
+sha256sums=('ac610bda97abe0d9f6b7c963255a11dcb196c25e337c61f94e4778d632f1d8fd'
+            'SKIP'
+            '38d28c34524c6ac4585d47e0fe8349508e9e4b014872798cb2bf2bc48e5af2d4'
+            'b7829673090bcd74110ac040cc6e503113ef770e48d34758c04418cf9c8bfa87'
+            '9158cb3cd4bed0c4fe5a7f1254e0e2642e0ad583dc8b5df8ee296a13d695270d'
+            '473f8a7fa8152a3c7803633e2a3072dab545b74377ea618451ceda4283643364'
+            '6d64a8b8ddfb802ec0aa804388eb5ef51ac808c7a5c111d10490c270eb4fe727'
+            'e1fc8a8aa2cad71b2a6207241ea71a33a7e3dacb8533ad54af35170c5a6562d1'
+            '4b9e81985ca057fa39daed34a4710eb113f08b3d1ce77a7121ddd8e3fae8007a')
+
+prepare() {
+  cd $pkgname-$pkgver
+  # apply patch from the source array (should be a pacman feature)
+  local src
+  for src in "${source[@]}"; do
+    src="${src%%::*}"
+    src="${src##*/}"
+    [[ $src = *.patch ]] || continue
+    msg2 "Applying patch $src..."
+    patch -Np1 < "../$src"
+  done
+  autoreconf -fiv
+}
+
+build() {
+  cd $pkgname-$pkgver
+  ./configure --prefix=/usr
+  make
+}
+
+check() {
+  cd $pkgname-$pkgver
+  make check
+}
+
+package() {
+  cd $pkgname-$pkgver
+  make DESTDIR="$pkgdir" install
+}
+
+# vim:set ts=2 sw=2 et:

More information about the arch-commits mailing list