gnupatch: apply patches for CVE-2019-1363 and CVE-2019-13638

+152
+108
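--- a/pkgs/tools/text/gnupatch/CVE-2019-13636.patch
+++ b/pkgs/tools/text/gnupatch/CVE-2019-13636.patch
@@ -0,0 +1,108 @@
+From dce4683cbbe107a95f1f0d45fabc304acfb5d71a Mon Sep 17 00:00:00 2001
+From: Andreas Gruenbacher <agruen@gnu.org>
+Date: Mon, 15 Jul 2019 16:21:48 +0200
+Subject: Don't follow symlinks unless --follow-symlinks is given
+
+* src/inp.c (plan_a, plan_b), src/util.c (copy_to_fd, copy_file,
+append_to_file): Unless the --follow-symlinks option is given, open files with
+the O_NOFOLLOW flag to avoid following symlinks. So far, we were only doing
+that consistently for input files.
+* src/util.c (create_backup): When creating empty backup files, (re)create them
+with O_CREAT | O_EXCL to avoid following symlinks in that case as well.
+---
+src/inp.c | 12 ++++++++++--
+src/util.c | 14 +++++++++++---
+2 files changed, 21 insertions(+), 5 deletions(-)
+
+diff --git a/src/inp.c b/src/inp.c
+index 32d0919..22d7473 100644
+--- a/src/inp.c
++++ b/src/inp.c
+@@ -238,8 +238,13 @@ plan_a (char const *filename)
+{
+if (S_ISREG (instat.st_mode))
+{
+- int ifd = safe_open (filename, O_RDONLY|binary_transput, 0);
++ int flags = O_RDONLY | binary_transput;
+size_t buffered = 0, n;
++ int ifd;
++
++ if (! follow_symlinks)
++ flags |= O_NOFOLLOW;
++ ifd = safe_open (filename, flags, 0);
+if (ifd < 0)
+pfatal ("can't open file %s", quotearg (filename));
+
+@@ -340,6 +345,7 @@ plan_a (char const *filename)
+static void
+plan_b (char const *filename)
+{
++ int flags = O_RDONLY | binary_transput;
+int ifd;
+FILE *ifp;
+int c;
+@@ -353,7 +359,9 @@ plan_b (char const *filename)
+
+if (instat.st_size == 0)
+filename = NULL_DEVICE;
+- if ((ifd = safe_open (filename, O_RDONLY | binary_transput, 0)) < 0
++ if (! follow_symlinks)
++ flags |= O_NOFOLLOW;
++ if ((ifd = safe_open (filename, flags, 0)) < 0
+|| ! (ifp = fdopen (ifd, binary_transput ? "rb" : "r")))
+pfatal ("Can't open file %s", quotearg (filename));
+if (TMPINNAME_needs_removal)
+diff --git a/src/util.c b/src/util.c
+index 1cc08ba..fb38307 100644
+--- a/src/util.c
++++ b/src/util.c
+@@ -388,7 +388,7 @@ create_backup (char const *to, const struct stat *to_st, bool leave_original)
+
+try_makedirs_errno = ENOENT;
+safe_unlink (bakname);
+- while ((fd = safe_open (bakname, O_CREAT | O_WRONLY | O_TRUNC, 0666)) < 0)
++ while ((fd = safe_open (bakname, O_CREAT | O_EXCL | O_WRONLY | O_TRUNC, 0666)) < 0)
+{
+if (errno != try_makedirs_errno)
+pfatal ("Can't create file %s", quotearg (bakname));
+@@ -579,10 +579,13 @@ create_file (char const *file, int open_flags, mode_t mode,
+static void
+copy_to_fd (const char *from, int tofd)
+{
++ int from_flags = O_RDONLY | O_BINARY;
+int fromfd;
+ssize_t i;
+
+- if ((fromfd = safe_open (from, O_RDONLY | O_BINARY, 0)) < 0)
++ if (! follow_symlinks)
++ from_flags |= O_NOFOLLOW;
++ if ((fromfd = safe_open (from, from_flags, 0)) < 0)
+pfatal ("Can't reopen file %s", quotearg (from));
+while ((i = read (fromfd, buf, bufsize)) != 0)
+{
+@@ -625,6 +628,8 @@ copy_file (char const *from, char const *to, struct stat *tost,
+else
+{
+assert (S_ISREG (mode));
++ if (! follow_symlinks)
++ to_flags |= O_NOFOLLOW;
+tofd = create_file (to, O_WRONLY | O_BINARY | to_flags, mode,
+to_dir_known_to_exist);
+copy_to_fd (from, tofd);
+@@ -640,9 +645,12 @@ copy_file (char const *from, char const *to, struct stat *tost,
+void
+append_to_file (char const *from, char const *to)
+{
++ int to_flags = O_WRONLY | O_APPEND | O_BINARY;
+int tofd;
+
+- if ((tofd = safe_open (to, O_WRONLY | O_BINARY | O_APPEND, 0)) < 0)
++ if (! follow_symlinks)
++ to_flags |= O_NOFOLLOW;
++ if ((tofd = safe_open (to, to_flags, 0)) < 0)
+pfatal ("Can't reopen file %s", quotearg (to));
+copy_to_fd (from, tofd);
+if (close (tofd) != 0)
+--
+cgit v1.0-41-gc330
+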
+38
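--- a/pkgs/tools/text/gnupatch/CVE-2019-13638.patch
+++ b/pkgs/tools/text/gnupatch/CVE-2019-13638.patch
@@ -0,0 +1,38 @@
+From 3fcd042d26d70856e826a42b5f93dc4854d80bf0 Mon Sep 17 00:00:00 2001
+From: Andreas Gruenbacher <agruen@gnu.org>
+Date: Fri, 6 Apr 2018 19:36:15 +0200
+Subject: Invoke ed directly instead of using the shell
+
+* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell
+command to avoid quoting vulnerabilities.
+---
+src/pch.c | 6 ++----
+1 file changed, 2 insertions(+), 4 deletions(-)
+
+diff --git a/src/pch.c b/src/pch.c
+index 4fd5a05..16e001a 100644
+--- a/src/pch.c
++++ b/src/pch.c
+@@ -2459,9 +2459,6 @@ do_ed_script (char const *inname, char const *outname,
+*outname_needs_removal = true;
+copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+}
+- sprintf (buf, "%s %s%s", editor_program,
+- verbosity == VERBOSE ? "" : "- ",
+- outname);
+fflush (stdout);
+
+pid = fork();
+@@ -2470,7 +2467,8 @@ do_ed_script (char const *inname, char const *outname,
+else if (pid == 0)
+{
+dup2 (tmpfd, 0);
+- execl ("/bin/sh", "sh", "-c", buf, (char *) 0);
++ assert (outname[0] != '!' && outname[0] != '-');
++ execlp (editor_program, editor_program, "-", outname, (char *) NULL);
+_exit (2);
+}
+else
+--
+cgit v1.0-41-gc330
+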
+6
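--- a/pkgs/tools/text/gnupatch/default.nix
+++ b/pkgs/tools/text/gnupatch/default.nix
@@ -23,6 +23,12 @@
 })
 # https://git.savannah.gnu.org/cgit/patch.git/commit/?id=9c986353e420ead6e706262bf204d6e03322c300
 ./CVE-2018-6952.patch
+
+# https://git.savannah.gnu.org/cgit/patch.git/patch/?id=dce4683cbbe107a95f1f0d45fabc304acfb5d71a
+./CVE-2019-13636.patch
+
+# https://git.savannah.gnu.org/cgit/patch.git/patch/?id=3fcd042d26d70856e826a42b5f93dc4854d80bf0
+./CVE-2019-13638.patch
 ];
 
 nativeBuildInputs = [ autoreconfHook ];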