rpms/ksh
7
0
Fork 0
Code Issues Pull Requests Releases Activity

fix segfault in subshell if $PATH contains a .paths directory

Browse Source 
Resolves: RHEL-12011
This commit is contained in:
Lukáš Zaoral 2023-11-08 17:00:51 +01:00
parent 505cee0471
commit f829dff142
No known key found for this signature in database
GPG Key ID: 39157506DD67752D
2 changed files with 64 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

55
ksh-20120801-segfault-cd-paths.patch Normal file
View File

@ -0,0 +1,55 @@
From 035a4cb3f453271b7ae63bcb53a7963b8dbe4c41 Mon Sep 17 00:00:00 2001
From: Anuradha Weeraman <anuradha@weeraman.com>
Date: Thu, 2 Jul 2020 18:29:07 -0400
Subject: [PATCH] Fix segfault if $PATH contains a .paths directory (#55)
ksh crashed if it encountered a .paths directory in any of the
directories in $PATH.
Ref: https://bugs.launchpad.net/ubuntu/+source/ksh/+bug/1534855
src/cmd/ksh93/sh/path.c: path_chkpaths():
- Refuse to read .paths if it's not a regular file
or a symlink to a regular file.
Upstream-commit: 035a4cb3f453271b7ae63bcb53a7963b8dbe4c41
Cherry-picked-by: Lukáš Zaoral <lzaoral@redhat.com>
---
src/cmd/ksh93/sh/path.c | 4 ++++
src/cmd/ksh93/tests/path.sh | 9 +++++++++
2 files changed, 13 insertions(+)
diff --git a/src/cmd/ksh93/sh/path.c b/src/cmd/ksh93/sh/path.c
index 213a2a6c7375..25ade4073dad 100644
--- a/src/cmd/ksh93/sh/path.c
+++ b/src/cmd/ksh93/sh/path.c
@@ -1507,6 +1507,10 @@ static int path_chkpaths(Shell_t *shp,Pathcomp_t *first, Pathcomp_t* old,Pathcom
if((fd=open(stakptr(offset),O_RDONLY))>=0)
{
fstat(fd,&statb);
+ if (!S_ISREG(statb.st_mode)) {
+ close(fd);
+ return 0;
+ }
n = statb.st_size;
stakseek(offset+pp->len+n+2);
sp = stakptr(offset+pp->len);
diff --git a/src/cmd/ksh93/tests/path.sh b/src/cmd/ksh93/tests/path.sh
index c9d8d2485e28..9725c74e31ea 100755
--- a/src/cmd/ksh93/tests/path.sh
+++ b/src/cmd/ksh93/tests/path.sh
@@ -408,5 +408,14 @@ END
END
) || err_exit '${.sh.xxx} variables causes cat not be found'
+# ksh segfaults if $PATH contains a .paths directory
+mkdir -p $tmp/paths-dir-crash/
+cat > $tmp/paths-dir-crash/run.sh <<- EOF
+mkdir -p $tmp/paths-dir-crash/.paths
+export PATH=$tmp/paths-dir-crash:$PATH
+print ok
+EOF
+[[ $($SHELL $tmp/paths-dir-crash/run.sh 2>/dev/null) == ok ]] || err_exit "ksh crashes if PATH contains a .paths directory"
+
exit $((Errors<125?Errors:125))

10
ksh.spec
View File

@ -6,7 +6,7 @@ Summary: The Original ATT Korn Shell
URL: http://www.kornshell.com/
License: EPL-1.0
Version: %{releasedate}
Release: 261%{?dist}
Release: 262%{?dist}
Source0: http://www.research.att.com/~gsf/download/tgz/ast-ksh.%{release_date}.tgz
Source1: http://www.research.att.com/~gsf/download/tgz/INIT.%{release_date}.tgz
Source2: kshcomp.conf
@ -244,6 +244,10 @@ Patch95: ksh-20120801-set+r-fix.patch
# upstream commit: https://github.com/ksh93/ksh/commit/9a9da2c299a0adcd36b4efd1b1c0ee2883beba7b.patch
Patch96: ksh-20120801-segfault-strdup.patch
# RHEL-12011
# upstream commit: https://github.com/ksh93/ksh/commit/035a4cb3f453271b7ae63bcb53a7963b8dbe4c41
Patch97: ksh-20120801-segfault-cd-paths.patch
Conflicts: pdksh
Requires: coreutils, diffutils, chkconfig
BuildRequires: bison
@ -397,6 +401,10 @@ fi
%config(noreplace) %{_sysconfdir}/binfmt.d/kshcomp.conf
%changelog
* Wed Nov 08 2023 Lukáš Zaoral <lzaoral@redhat.com> - 20120801-262
- fix segfault in subshell if $PATH contains a .paths directory
Resolves: RHEL-12011
* Tue Oct 31 2023 Lukáš Zaoral <lzaoral@redhat.com> - 20120801-261
- Fix segfault in strdup
Resolves: RHEL-11982