mirror of
https://github.com/gentoo-mirror/gentoo.git
synced 2026-01-05 14:07:27 -08:00
b4e5bfd9d4
Bug: https://bugs.gentoo.org/690136 Package-Manager: Portage-2.3.71, Repoman-2.3.17 Signed-off-by: Thomas Deutschmann <whissi@gentoo.org>
38 lines
1.2 KiB
Diff
38 lines
1.2 KiB
Diff
From 369dcccdfa6336e5a873d6d63705cfbe04c55727 Mon Sep 17 00:00:00 2001
|
|
From: Jean Delvare <jdelvare@suse.de>
|
|
Date: Mon, 7 May 2018 15:14:45 +0200
|
|
Subject: Don't leak temporary file on failed multi-file ed-style patch
|
|
|
|
The previous fix worked fine with single-file ed-style patches, but
|
|
would still leak temporary files in the case of multi-file ed-style
|
|
patch. Fix that case as well, and extend the test case to check for
|
|
it.
|
|
|
|
* src/patch.c (main): Unlink TMPEDNAME if needed before moving to
|
|
the next file in a patch.
|
|
|
|
This closes bug #53820:
|
|
https://savannah.gnu.org/bugs/index.php?53820
|
|
|
|
Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)")
|
|
Fixes: 19599883ffb6 ("Don't leak temporary file on failed ed-style patch")
|
|
---
|
|
src/patch.c | 1 +
|
|
2 files changed, 32 insertions(+)
|
|
|
|
diff --git a/src/patch.c b/src/patch.c
|
|
index 9146597..81c7a02 100644
|
|
--- a/src/patch.c
|
|
+++ b/src/patch.c
|
|
@@ -236,6 +236,7 @@ main (int argc, char **argv)
|
|
}
|
|
remove_if_needed (TMPOUTNAME, &TMPOUTNAME_needs_removal);
|
|
}
|
|
+ remove_if_needed (TMPEDNAME, &TMPEDNAME_needs_removal);
|
|
|
|
if (! skip_rest_of_patch && ! file_type)
|
|
{
|
|
--
|
|
cgit v1.0-41-gc330
|
|
|