fix buffer overflow in split
Resolves: CVE-2024-0684
This commit is contained in:
Lukáš Zaoral
parent
bf0817f5a5
commit
b851cbdafc
31
coreutils-9.4-CVE-2024-0684.patch
Normal file
31
coreutils-9.4-CVE-2024-0684.patch
Normal file
@ -0,0 +1,31 @@
|
||||
From c4c5ed8f4e9cd55a12966d4f520e3a13101637d9 Mon Sep 17 00:00:00 2001
|
||||
From: Paul Eggert <eggert@cs.ucla.edu>
|
||||
Date: Tue, 16 Jan 2024 13:48:32 -0800
|
||||
Subject: [PATCH] split: do not shrink hold buffer
|
||||
MIME-Version: 1.0
|
||||
Content-Type: text/plain; charset=UTF-8
|
||||
Content-Transfer-Encoding: 8bit
|
||||
|
||||
* src/split.c (line_bytes_split): Do not shrink hold buffer.
|
||||
If it’s large for this batch it’s likely to be large for the next
|
||||
batch, and for ‘split’ it’s not worth the complexity/CPU hassle to
|
||||
shrink it. Do not assume hold_size can be bufsize.
|
||||
---
|
||||
src/split.c | 3 ---
|
||||
1 file changed, 3 deletions(-)
|
||||
|
||||
diff --git a/src/split.c b/src/split.c
|
||||
index 64020c859..037960a59 100644
|
||||
--- a/src/split.c
|
||||
+++ b/src/split.c
|
||||
@@ -809,10 +809,7 @@ line_bytes_split (intmax_t n_bytes, char *buf, idx_t bufsize)
|
||||
{
|
||||
cwrite (n_out == 0, hold, n_hold);
|
||||
n_out += n_hold;
|
||||
- if (n_hold > bufsize)
|
||||
- hold = xirealloc (hold, bufsize);
|
||||
n_hold = 0;
|
||||
- hold_size = bufsize;
|
||||
}
|
||||
|
||||
/* Output to eol if present. */
|
||||
@ -1,7 +1,7 @@
|
||||
Summary: A set of basic GNU tools commonly used in shell scripts
|
||||
Name: coreutils
|
||||
Version: 9.4
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
# some used parts of gnulib are under various variants of LGPL
|
||||
License: GPL-3.0-or-later AND GFDL-1.3-no-invariants-or-later AND LGPL-2.1-or-later AND LGPL-3.0-or-later
|
||||
Url: https://www.gnu.org/software/coreutils/
|
||||
@ -32,6 +32,9 @@ Patch104: coreutils-df-direct.patch
|
||||
# fix crash with --enable-systemd
|
||||
Patch105: coreutils-9.4-systemd-coredump.patch
|
||||
|
||||
# fix buffer overflow in split (CVE-2024-0684)
|
||||
Patch106: coreutils-9.4-CVE-2024-0684.patch
|
||||
|
||||
# (sb) lin18nux/lsb compliance - multibyte functionality patch
|
||||
Patch800: coreutils-i18n.patch
|
||||
|
||||
@ -256,6 +259,9 @@ rm -f $RPM_BUILD_ROOT%{_infodir}/dir
|
||||
%license COPYING
|
||||
|
||||
%changelog
|
||||
* Thu Jan 18 2024 Lukáš Zaoral <lzaoral@redhat.com> - 9.4-2
|
||||
- fix buffer overflow in split (CVE-2024-0684)
|
||||
|
||||
* Fri Sep 15 2023 Lukáš Zaoral <lzaoral@redhat.com> - 9.4-1
|
||||
- new upstream release 9.4 (#2235759)
|
||||
- enable integration with systemd
|
||||
|
||||
Loading…
Reference in New Issue
Block a user