kumquat-buildroot/package/patch/0002-Allow-input-files-to-be-missing-for-ed-style-patches.patch
Baruch Siach f4a4df2084 patch: add upstream security fix
Fixes CVE-2018-1000156: arbitrary command execution in ed-style patches.

Depend on MMU for now, because the patch adds a fork() call. Upstream
later switched to gnulib provided execute(), so this dependency can be
dropped on the next version bump.

Signed-off-by: Baruch Siach <baruch@tkos.co.il>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
2018-04-09 20:59:02 +02:00

38 lines
1.1 KiB
Diff

From b5a91a01e5d0897facdd0f49d64b76b0f02b43e1 Mon Sep 17 00:00:00 2001
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri, 6 Apr 2018 11:34:51 +0200
Subject: [PATCH] Allow input files to be missing for ed-style patches
* src/pch.c (do_ed_script): Allow input files to be missing so that new
files will be created as with non-ed-style patches.
Signed-off-by: Baruch Siach <baruch@tkos.co.il>
---
Upstream status: commit b5a91a01e5d0
src/pch.c | 8 +++++---
1 file changed, 5 insertions(+), 3 deletions(-)
diff --git a/src/pch.c b/src/pch.c
index bc6278c4032c..0c5cc2623079 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -2394,9 +2394,11 @@ do_ed_script (char const *inname, char const *outname,
if (! dry_run && ! skip_rest_of_patch) {
int exclusive = *outname_needs_removal ? 0 : O_EXCL;
- assert (! inerrno);
- *outname_needs_removal = true;
- copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ if (inerrno != ENOENT)
+ {
+ *outname_needs_removal = true;
+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ }
sprintf (buf, "%s %s%s", editor_program,
verbosity == VERBOSE ? "" : "- ",
outname);
--
2.16.3