diff --git a/patch/19599883ffb6a450d2884f081f8ecf68edbed7ee.patch b/patch/19599883ffb6a450d2884f081f8ecf68edbed7ee.patch new file mode 100644 index 0000000000..a24d120542 --- /dev/null +++ b/patch/19599883ffb6a450d2884f081f8ecf68edbed7ee.patch @@ -0,0 +1,99 @@ +From 19599883ffb6a450d2884f081f8ecf68edbed7ee Mon Sep 17 00:00:00 2001 +From: Jean Delvare +Date: Thu, 3 May 2018 14:31:55 +0200 +Subject: [PATCH] Don't leak temporary file on failed ed-style patch + +Now that we write ed-style patches to a temporary file before we +apply them, we need to ensure that the temporary file is removed +before we leave, even on fatal error. + +* src/pch.c (do_ed_script): Use global TMPEDNAME instead of local + tmpname. Don't unlink the file directly, instead tag it for removal + at exit time. +* src/patch.c (cleanup): Unlink TMPEDNAME at exit. + +This closes bug #53820: +https://savannah.gnu.org/bugs/index.php?53820 + +Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)") +--- + src/common.h | 2 ++ + src/patch.c | 1 + + src/pch.c | 11 +++++------ + 3 files changed, 8 insertions(+), 6 deletions(-) + +diff --git a/src/common.h b/src/common.h +index 904a3f8..53c5e32 100644 +--- a/src/common.h ++++ b/src/common.h +@@ -94,10 +94,12 @@ XTERN char const *origsuff; + XTERN char const * TMPINNAME; + XTERN char const * TMPOUTNAME; + XTERN char const * TMPPATNAME; ++XTERN char const * TMPEDNAME; + + XTERN bool TMPINNAME_needs_removal; + XTERN bool TMPOUTNAME_needs_removal; + XTERN bool TMPPATNAME_needs_removal; ++XTERN bool TMPEDNAME_needs_removal; + + #ifdef DEBUGGING + XTERN int debug; +diff --git a/src/patch.c b/src/patch.c +index 3fcaec5..9146597 100644 +--- a/src/patch.c ++++ b/src/patch.c +@@ -1999,6 +1999,7 @@ cleanup (void) + remove_if_needed (TMPINNAME, &TMPINNAME_needs_removal); + remove_if_needed (TMPOUTNAME, &TMPOUTNAME_needs_removal); + remove_if_needed (TMPPATNAME, &TMPPATNAME_needs_removal); ++ remove_if_needed (TMPEDNAME, &TMPEDNAME_needs_removal); + remove_if_needed (TMPREJNAME, &TMPREJNAME_needs_removal); + output_files (NULL); + } +diff --git a/src/pch.c b/src/pch.c +index 79a3c99..1bb3153 100644 +--- a/src/pch.c ++++ b/src/pch.c +@@ -2396,7 +2396,6 @@ do_ed_script (char const *inname, char const *outname, + file_offset beginning_of_this_line; + size_t chars_read; + FILE *tmpfp = 0; +- char const *tmpname; + int tmpfd; + pid_t pid; + +@@ -2411,12 +2410,13 @@ do_ed_script (char const *inname, char const *outname, + invalid commands and treats the next line as a new command, which + can lead to arbitrary command execution. */ + +- tmpfd = make_tempfile (&tmpname, 'e', NULL, O_RDWR | O_BINARY, 0); ++ tmpfd = make_tempfile (&TMPEDNAME, 'e', NULL, O_RDWR | O_BINARY, 0); + if (tmpfd == -1) +- pfatal ("Can't create temporary file %s", quotearg (tmpname)); ++ pfatal ("Can't create temporary file %s", quotearg (TMPEDNAME)); ++ TMPEDNAME_needs_removal = true; + tmpfp = fdopen (tmpfd, "w+b"); + if (! tmpfp) +- pfatal ("Can't open stream for file %s", quotearg (tmpname)); ++ pfatal ("Can't open stream for file %s", quotearg (TMPEDNAME)); + } + + for (;;) { +@@ -2457,7 +2457,7 @@ do_ed_script (char const *inname, char const *outname, + write_fatal (); + + if (lseek (tmpfd, 0, SEEK_SET) == -1) +- pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname)); ++ pfatal ("Can't rewind to the beginning of file %s", quotearg (TMPEDNAME)); + + if (inerrno != ENOENT) + { +@@ -2484,7 +2484,6 @@ do_ed_script (char const *inname, char const *outname, + pfatal ("Failed to duplicate standard input"); + + fclose (tmpfp); +- safe_unlink (tmpname); + + if (ofp) + { diff --git a/patch/PKGBUILD b/patch/PKGBUILD new file mode 100644 index 0000000000..fe6285a84a --- /dev/null +++ b/patch/PKGBUILD @@ -0,0 +1,68 @@ +# POWER Maintainer: Alexander Baldeck +# Maintainer: Sébastien Luttringer +# Maintainer: Levente Polyak +# Contributor: Allan McRae +# Contributor: judd + +pkgname=patch +pkgver=2.7.6 +pkgrel=8 +pkgdesc='A utility to apply patch files to original sources' +arch=(x86_64 powerpc64le) +url='https://www.gnu.org/software/patch/' +license=('GPL') +groups=('base-devel') +depends=('glibc' 'attr') +makedepends=('ed') +optdepends=('ed: for patch -e functionality') +validpgpkeys=('259B3792B3D6D319212CC4DCD5BF9FEB0313653A') # Andreas Gruenbacher +source=("https://ftp.gnu.org/gnu/$pkgname/$pkgname-$pkgver.tar.xz"{,.sig} + 'https://github.com/mirror/patch/commit/f290f48a621867084884bfff87f8093c15195e6a.patch' # CVE-2018-6951 + 'https://github.com/mirror/patch/commit/b5a91a01e5d0897facdd0f49d64b76b0f02b43e1.patch' + 'https://github.com/mirror/patch/commit/123eaff0d5d1aebe128295959435b9ca5909c26d.patch' # CVE-2018-1000156 + 'https://github.com/mirror/patch/commit/3fcd042d26d70856e826a42b5f93dc4854d80bf0.patch' + '19599883ffb6a450d2884f081f8ecf68edbed7ee.patch' # Fix memory leaks introduced in CVE-2018-1000165 + 'https://github.com/mirror/patch/commit/369dcccdfa6336e5a873d6d63705cfbe04c55727.patch' + 'https://github.com/mirror/patch/commit/9c986353e420ead6e706262bf204d6e03322c300.patch' # CVE-2018-6952 + ) +sha256sums=('ac610bda97abe0d9f6b7c963255a11dcb196c25e337c61f94e4778d632f1d8fd' + 'SKIP' + '38d28c34524c6ac4585d47e0fe8349508e9e4b014872798cb2bf2bc48e5af2d4' + 'b7829673090bcd74110ac040cc6e503113ef770e48d34758c04418cf9c8bfa87' + '9158cb3cd4bed0c4fe5a7f1254e0e2642e0ad583dc8b5df8ee296a13d695270d' + '473f8a7fa8152a3c7803633e2a3072dab545b74377ea618451ceda4283643364' + '6d64a8b8ddfb802ec0aa804388eb5ef51ac808c7a5c111d10490c270eb4fe727' + 'e1fc8a8aa2cad71b2a6207241ea71a33a7e3dacb8533ad54af35170c5a6562d1' + '4b9e81985ca057fa39daed34a4710eb113f08b3d1ce77a7121ddd8e3fae8007a') + +prepare() { + cd $pkgname-$pkgver + # apply patch from the source array (should be a pacman feature) + local src + for src in "${source[@]}"; do + src="${src%%::*}" + src="${src##*/}" + [[ $src = *.patch ]] || continue + msg2 "Applying patch $src..." + patch -Np1 < "../$src" + done + autoreconf -fiv +} + +build() { + cd $pkgname-$pkgver + ./configure --prefix=/usr + make +} + +check() { + cd $pkgname-$pkgver + make check +} + +package() { + cd $pkgname-$pkgver + make DESTDIR="$pkgdir" install +} + +# vim:set ts=2 sw=2 et: