From f17c283cdad0a9d33dfc8caa8994fb36e66fbf52 Mon Sep 17 00:00:00 2001 From: Russell Senior Date: Wed, 2 Apr 2025 05:57:34 -0700 Subject: [PATCH] patch: update to v2.8 Delete patches already upstream. Signed-off-by: Russell Senior --- devel/patch/Makefile | 6 +- devel/patch/patches/010-CVE-2018-6951.patch | 24 --- .../patch/patches/020-CVE-2018-1000156.patch | 189 ------------------ devel/patch/patches/030-CVE-2018-6952.patch | 25 --- devel/patch/patches/050-CVE-2019-13636.patch | 101 ---------- .../060-CVE-2018-20969-CVE-2019-13638.patch | 33 --- 6 files changed, 3 insertions(+), 375 deletions(-) delete mode 100644 devel/patch/patches/010-CVE-2018-6951.patch delete mode 100644 devel/patch/patches/020-CVE-2018-1000156.patch delete mode 100644 devel/patch/patches/030-CVE-2018-6952.patch delete mode 100644 devel/patch/patches/050-CVE-2019-13636.patch delete mode 100644 devel/patch/patches/060-CVE-2018-20969-CVE-2019-13638.patch diff --git a/devel/patch/Makefile b/devel/patch/Makefile index c842675034..70e7483fcc 100644 --- a/devel/patch/Makefile +++ b/devel/patch/Makefile @@ -8,12 +8,12 @@ include $(TOPDIR)/rules.mk PKG_NAME:=patch -PKG_VERSION:=2.7.6 -PKG_RELEASE:=7 +PKG_VERSION:=2.8 +PKG_RELEASE:=1 PKG_SOURCE:=$(PKG_NAME)-$(PKG_VERSION).tar.xz PKG_SOURCE_URL:=@GNU/patch -PKG_HASH:=ac610bda97abe0d9f6b7c963255a11dcb196c25e337c61f94e4778d632f1d8fd +PKG_HASH:=f87cee69eec2b4fcbf60a396b030ad6aa3415f192aa5f7ee84cad5e11f7f5ae3 PKG_LICENSE:=GPL-3.0-or-later PKG_LICENSE_FILES:=COPYING diff --git a/devel/patch/patches/010-CVE-2018-6951.patch b/devel/patch/patches/010-CVE-2018-6951.patch deleted file mode 100644 index eb8d51365c..0000000000 --- a/devel/patch/patches/010-CVE-2018-6951.patch +++ /dev/null @@ -1,24 +0,0 @@ -From 9bf998b5fcbcde1dea0e472dc1538abb97e9012e Mon Sep 17 00:00:00 2001 -From: Andreas Gruenbacher -Date: Mon, 12 Feb 2018 16:48:24 +0100 -Subject: [PATCH] Fix segfault with mangled rename patch - -http://savannah.gnu.org/bugs/?53132 -* src/pch.c (intuit_diff_type): Ensure that two filenames are specified -for renames and copies (fix the existing check). ---- - src/pch.c | 3 ++- - 1 file changed, 2 insertions(+), 1 deletion(-) - ---- a/src/pch.c -+++ b/src/pch.c -@@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode - if ((pch_rename () || pch_copy ()) - && ! inname - && ! ((i == OLD || i == NEW) && -- p_name[! reverse] && -+ p_name[reverse] && p_name[! reverse] && -+ name_is_valid (p_name[reverse]) && - name_is_valid (p_name[! reverse]))) - { - say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy"); diff --git a/devel/patch/patches/020-CVE-2018-1000156.patch b/devel/patch/patches/020-CVE-2018-1000156.patch deleted file mode 100644 index e3c9f23198..0000000000 --- a/devel/patch/patches/020-CVE-2018-1000156.patch +++ /dev/null @@ -1,189 +0,0 @@ -From b56779aed483f0036a32a65e62ab7b5e461b07cc Mon Sep 17 00:00:00 2001 -From: Andreas Gruenbacher -Date: Fri, 6 Apr 2018 12:14:49 +0200 -Subject: [PATCH] Fix arbitrary command execution in ed-style patches - (CVE-2018-1000156) - -* src/pch.c (do_ed_script): Write ed script to a temporary file instead -of piping it to ed: this will cause ed to abort on invalid commands -instead of rejecting them and carrying on. -* tests/ed-style: New test case. -* tests/Makefile.am (TESTS): Add test case. (OPENWRT REMOVED) ---- - src/pch.c | 89 +++++++++++++++++++++++++++++++++++------------ - tests/Makefile.am | 1 + (OPENWRT REMOVED) - tests/ed-style | 41 ++++++++++++++++++++++ - 3 files changed, 108 insertions(+), 23 deletions(-) - create mode 100644 tests/ed-style - ---- a/src/pch.c -+++ b/src/pch.c -@@ -33,6 +33,7 @@ - # include - #endif - #include -+#include - - #define INITHUNKMAX 125 /* initial dynamic allocation size */ - -@@ -2389,22 +2390,28 @@ do_ed_script (char const *inname, char c - static char const editor_program[] = EDITOR_PROGRAM; - - file_offset beginning_of_this_line; -- FILE *pipefp = 0; - size_t chars_read; -+ FILE *tmpfp = 0; -+ char const *tmpname; -+ int tmpfd; -+ pid_t pid; -+ -+ if (! dry_run && ! skip_rest_of_patch) -+ { -+ /* Write ed script to a temporary file. This causes ed to abort on -+ invalid commands such as when line numbers or ranges exceed the -+ number of available lines. When ed reads from a pipe, it rejects -+ invalid commands and treats the next line as a new command, which -+ can lead to arbitrary command execution. */ -+ -+ tmpfd = make_tempfile (&tmpname, 'e', NULL, O_RDWR | O_BINARY, 0); -+ if (tmpfd == -1) -+ pfatal ("Can't create temporary file %s", quotearg (tmpname)); -+ tmpfp = fdopen (tmpfd, "w+b"); -+ if (! tmpfp) -+ pfatal ("Can't open stream for file %s", quotearg (tmpname)); -+ } - -- if (! dry_run && ! skip_rest_of_patch) { -- int exclusive = *outname_needs_removal ? 0 : O_EXCL; -- assert (! inerrno); -- *outname_needs_removal = true; -- copy_file (inname, outname, 0, exclusive, instat.st_mode, true); -- sprintf (buf, "%s %s%s", editor_program, -- verbosity == VERBOSE ? "" : "- ", -- outname); -- fflush (stdout); -- pipefp = popen(buf, binary_transput ? "wb" : "w"); -- if (!pipefp) -- pfatal ("Can't open pipe to %s", quotearg (buf)); -- } - for (;;) { - char ed_command_letter; - beginning_of_this_line = file_tell (pfp); -@@ -2415,14 +2422,14 @@ do_ed_script (char const *inname, char c - } - ed_command_letter = get_ed_command_letter (buf); - if (ed_command_letter) { -- if (pipefp) -- if (! fwrite (buf, sizeof *buf, chars_read, pipefp)) -+ if (tmpfp) -+ if (! fwrite (buf, sizeof *buf, chars_read, tmpfp)) - write_fatal (); - if (ed_command_letter != 'd' && ed_command_letter != 's') { - p_pass_comments_through = true; - while ((chars_read = get_line ()) != 0) { -- if (pipefp) -- if (! fwrite (buf, sizeof *buf, chars_read, pipefp)) -+ if (tmpfp) -+ if (! fwrite (buf, sizeof *buf, chars_read, tmpfp)) - write_fatal (); - if (chars_read == 2 && strEQ (buf, ".\n")) - break; -@@ -2435,13 +2442,49 @@ do_ed_script (char const *inname, char c - break; - } - } -- if (!pipefp) -+ if (!tmpfp) - return; -- if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, pipefp) == 0 -- || fflush (pipefp) != 0) -+ if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, tmpfp) == 0 -+ || fflush (tmpfp) != 0) - write_fatal (); -- if (pclose (pipefp) != 0) -- fatal ("%s FAILED", editor_program); -+ -+ if (lseek (tmpfd, 0, SEEK_SET) == -1) -+ pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname)); -+ -+ if (! dry_run && ! skip_rest_of_patch) { -+ int exclusive = *outname_needs_removal ? 0 : O_EXCL; -+ *outname_needs_removal = true; -+ if (inerrno != ENOENT) -+ { -+ *outname_needs_removal = true; -+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true); -+ } -+ sprintf (buf, "%s %s%s", editor_program, -+ verbosity == VERBOSE ? "" : "- ", -+ outname); -+ fflush (stdout); -+ -+ pid = fork(); -+ if (pid == -1) -+ pfatal ("Can't fork"); -+ else if (pid == 0) -+ { -+ dup2 (tmpfd, 0); -+ execl ("/bin/sh", "sh", "-c", buf, (char *) 0); -+ _exit (2); -+ } -+ else -+ { -+ int wstatus; -+ if (waitpid (pid, &wstatus, 0) == -1 -+ || ! WIFEXITED (wstatus) -+ || WEXITSTATUS (wstatus) != 0) -+ fatal ("%s FAILED", editor_program); -+ } -+ } -+ -+ fclose (tmpfp); -+ safe_unlink (tmpname); - - if (ofp) - { ---- /dev/null -+++ b/tests/ed-style -@@ -0,0 +1,41 @@ -+# Copyright (C) 2018 Free Software Foundation, Inc. -+# -+# Copying and distribution of this file, with or without modification, -+# in any medium, are permitted without royalty provided the copyright -+# notice and this notice are preserved. -+ -+. $srcdir/test-lib.sh -+ -+require cat -+use_local_patch -+use_tmpdir -+ -+# ============================================================== -+ -+cat > ed1.diff < ed2.diff < /dev/null || echo "Status: $?"' < -Date: Fri, 17 Aug 2018 13:35:40 +0200 -Subject: [PATCH] Fix swapping fake lines in pch_swap - -* src/pch.c (pch_swap): Fix swapping p_bfake and p_efake when there is a -blank line in the middle of a context-diff hunk: that empty line stays -in the middle of the hunk and isn't swapped. - -Fixes: https://savannah.gnu.org/bugs/index.php?53133 ---- - src/pch.c | 2 +- - 1 file changed, 1 insertion(+), 1 deletion(-) - ---- a/src/pch.c -+++ b/src/pch.c -@@ -2115,7 +2115,7 @@ pch_swap (void) - } - if (p_efake >= 0) { /* fix non-freeable ptr range */ - if (p_efake <= i) -- n = p_end - i + 1; -+ n = p_end - p_ptrn_lines; - else - n = -i; - p_efake += n; diff --git a/devel/patch/patches/050-CVE-2019-13636.patch b/devel/patch/patches/050-CVE-2019-13636.patch deleted file mode 100644 index d819838bba..0000000000 --- a/devel/patch/patches/050-CVE-2019-13636.patch +++ /dev/null @@ -1,101 +0,0 @@ -From dce4683cbbe107a95f1f0d45fabc304acfb5d71a Mon Sep 17 00:00:00 2001 -From: Andreas Gruenbacher -Date: Mon, 15 Jul 2019 16:21:48 +0200 -Subject: Don't follow symlinks unless --follow-symlinks is given - -* src/inp.c (plan_a, plan_b), src/util.c (copy_to_fd, copy_file, -append_to_file): Unless the --follow-symlinks option is given, open files with -the O_NOFOLLOW flag to avoid following symlinks. So far, we were only doing -that consistently for input files. -* src/util.c (create_backup): When creating empty backup files, (re)create them -with O_CREAT | O_EXCL to avoid following symlinks in that case as well. ---- - src/inp.c | 12 ++++++++++-- - src/util.c | 14 +++++++++++--- - 2 files changed, 21 insertions(+), 5 deletions(-) - ---- a/src/inp.c -+++ b/src/inp.c -@@ -238,8 +238,13 @@ plan_a (char const *filename) - { - if (S_ISREG (instat.st_mode)) - { -- int ifd = safe_open (filename, O_RDONLY|binary_transput, 0); -+ int flags = O_RDONLY | binary_transput; - size_t buffered = 0, n; -+ int ifd; -+ -+ if (! follow_symlinks) -+ flags |= O_NOFOLLOW; -+ ifd = safe_open (filename, flags, 0); - if (ifd < 0) - pfatal ("can't open file %s", quotearg (filename)); - -@@ -340,6 +345,7 @@ plan_a (char const *filename) - static void - plan_b (char const *filename) - { -+ int flags = O_RDONLY | binary_transput; - int ifd; - FILE *ifp; - int c; -@@ -353,7 +359,9 @@ plan_b (char const *filename) - - if (instat.st_size == 0) - filename = NULL_DEVICE; -- if ((ifd = safe_open (filename, O_RDONLY | binary_transput, 0)) < 0 -+ if (! follow_symlinks) -+ flags |= O_NOFOLLOW; -+ if ((ifd = safe_open (filename, flags, 0)) < 0 - || ! (ifp = fdopen (ifd, binary_transput ? "rb" : "r"))) - pfatal ("Can't open file %s", quotearg (filename)); - if (TMPINNAME_needs_removal) ---- a/src/util.c -+++ b/src/util.c -@@ -388,7 +388,7 @@ create_backup (char const *to, const str - - try_makedirs_errno = ENOENT; - safe_unlink (bakname); -- while ((fd = safe_open (bakname, O_CREAT | O_WRONLY | O_TRUNC, 0666)) < 0) -+ while ((fd = safe_open (bakname, O_CREAT | O_EXCL | O_WRONLY | O_TRUNC, 0666)) < 0) - { - if (errno != try_makedirs_errno) - pfatal ("Can't create file %s", quotearg (bakname)); -@@ -579,10 +579,13 @@ create_file (char const *file, int open_ - static void - copy_to_fd (const char *from, int tofd) - { -+ int from_flags = O_RDONLY | O_BINARY; - int fromfd; - ssize_t i; - -- if ((fromfd = safe_open (from, O_RDONLY | O_BINARY, 0)) < 0) -+ if (! follow_symlinks) -+ from_flags |= O_NOFOLLOW; -+ if ((fromfd = safe_open (from, from_flags, 0)) < 0) - pfatal ("Can't reopen file %s", quotearg (from)); - while ((i = read (fromfd, buf, bufsize)) != 0) - { -@@ -625,6 +628,8 @@ copy_file (char const *from, char const - else - { - assert (S_ISREG (mode)); -+ if (! follow_symlinks) -+ to_flags |= O_NOFOLLOW; - tofd = create_file (to, O_WRONLY | O_BINARY | to_flags, mode, - to_dir_known_to_exist); - copy_to_fd (from, tofd); -@@ -640,9 +645,12 @@ copy_file (char const *from, char const - void - append_to_file (char const *from, char const *to) - { -+ int to_flags = O_WRONLY | O_APPEND | O_BINARY; - int tofd; - -- if ((tofd = safe_open (to, O_WRONLY | O_BINARY | O_APPEND, 0)) < 0) -+ if (! follow_symlinks) -+ to_flags |= O_NOFOLLOW; -+ if ((tofd = safe_open (to, to_flags, 0)) < 0) - pfatal ("Can't reopen file %s", quotearg (to)); - copy_to_fd (from, tofd); - if (close (tofd) != 0) diff --git a/devel/patch/patches/060-CVE-2018-20969-CVE-2019-13638.patch b/devel/patch/patches/060-CVE-2018-20969-CVE-2019-13638.patch deleted file mode 100644 index 590cf186e7..0000000000 --- a/devel/patch/patches/060-CVE-2018-20969-CVE-2019-13638.patch +++ /dev/null @@ -1,33 +0,0 @@ -From 3fcd042d26d70856e826a42b5f93dc4854d80bf0 Mon Sep 17 00:00:00 2001 -From: Andreas Gruenbacher -Date: Fri, 6 Apr 2018 19:36:15 +0200 -Subject: Invoke ed directly instead of using the shell - -* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell -command to avoid quoting vulnerabilities. ---- - src/pch.c | 6 ++---- - 1 file changed, 2 insertions(+), 4 deletions(-) - ---- a/src/pch.c -+++ b/src/pch.c -@@ -2459,9 +2459,6 @@ do_ed_script (char const *inname, char c - *outname_needs_removal = true; - copy_file (inname, outname, 0, exclusive, instat.st_mode, true); - } -- sprintf (buf, "%s %s%s", editor_program, -- verbosity == VERBOSE ? "" : "- ", -- outname); - fflush (stdout); - - pid = fork(); -@@ -2470,7 +2467,8 @@ do_ed_script (char const *inname, char c - else if (pid == 0) - { - dup2 (tmpfd, 0); -- execl ("/bin/sh", "sh", "-c", buf, (char *) 0); -+ assert (outname[0] != '!' && outname[0] != '-'); -+ execlp (editor_program, editor_program, "-", outname, (char *) NULL); - _exit (2); - } - else