use 9.4.z patch version for RHEL-32739

rhel-9.4.z already had fix for this CVE added by previous maintainer, but rhel-9-main did not inherit it, use already tested patch from 9.4.z instead of new one Resolves: RHEL-32739
2024-08-07 08:46:04 +02:00 · 2024-08-07 08:46:04 +02:00 · f32022fd5a
commit f32022fd5a
parent 705931a71f
5 changed files with 68 additions and 163 deletions
--- a/less-590-CVE-2024-32487.patch
+++ b/less-590-CVE-2024-32487.patch
@ -0,0 +1,65 @@
+Patch backported from:
+
+commit 007521ac3c95bc76e3d59c6dbfe75d06c8075c33
+Author: Mark Nudelman <markn@greenwoodsoftware.com>
+Date:   Thu Apr 11 17:49:48 2024 -0700
+
+    Fix bug when viewing a file whose name contains a newline.
+
+diff -up less-643/filename.c.cve-2024-32487 less-643/filename.c
+--- less-643/filename.c.cve-2024-32487	2023-07-21 00:43:14.000000000 +0200
+++ less-643/filename.c	2024-04-23 10:24:17.347269703 +0200
+@@ -128,6 +128,15 @@ static char * metachars(void)
+ }
+ 
+ /*
+ * Must use quotes rather than escape char for this metachar?
+ */
+static int must_quote(char c)
+{
+	/* {{ Maybe the set of must_quote chars should be configurable? }} */
+	return (c == '\n'); 
+}
+
+/*
+  * Insert a backslash before each metacharacter in a string.
+  */
+	public char *
+@@ -164,6 +173,9 @@ public char * shell_quote(char *s)
+ 				 * doesn't support escape chars.  Use quotes.
+ 				 */
+ 				use_quotes = 1;
+			} else if (must_quote(*p))
+			{
+				len += 3; /* open quote + char + close quote */
+ 			} else
+ 			{
+ 				/*
+@@ -193,15 +205,22 @@ public char * shell_quote(char *s)
+ 	{
+ 		while (*s != '\0')
+ 		{
+-			if (metachar(*s))
+			if (!metachar(*s))
+ 			{
+-				/*
+-				 * Add the escape char.
+-				 */
+				*p++ = *s++;
+			} else if (must_quote(*s))
+			{
+				/* Surround the char with quotes. */
+				*p++ = openquote;
+				*p++ = *s++;
+				*p++ = closequote;
+			} else
+			{
+				/* Insert an escape char before the char. */
+ 				strcpy(p, esc);
+ 				p += esclen;
+				*p++ = *s++;
+ 			}
+-			*p++ = *s++;
+ 		}
+ 		*p = '\0';
+ 	}
--- a/less-633-cve2024_32487prereq.patch
+++ b/less-633-cve2024_32487prereq.patch
@ -1,17 +0,0 @@
-diff -up less-633/prompt.c.cve_prereq less-633/prompt.c
--- less-633/prompt.c.cve_prereq	2024-07-27 00:44:40.347267609 +0200
-+++ less-633/prompt.c	2024-07-27 00:45:26.575783719 +0200
-@@ -36,6 +36,13 @@ extern char *editor;
- extern char *editproto;
- #endif
- 
-+typedef enum lbool { LFALSE, LTRUE } lbool;
-+
-+#undef  TRUE
-+#define TRUE  LTRUE
-+#undef  FALSE
-+#define FALSE LFALSE
-+
- /*
-  * Prototypes for the three flavors of prompts.
-  * These strings are expanded by pr_expand().
--- a/less-654-cve2024_32487fix.patch
+++ b/less-654-cve2024_32487fix.patch
@ -1,75 +0,0 @@
-diff -up less-590/output.c.cve2024_32487fix less-590/output.c
--- less-590/output.c.cve2024_32487fix	2021-06-03 19:45:48.000000000 +0200
-+++ less-590/output.c	2024-08-06 21:41:26.672021477 +0200
-@@ -31,6 +31,7 @@ extern int so_s_width, so_e_width;
- extern int screen_trashed;
- extern int is_tty;
- extern int oldbot;
-+extern int utf_mode;
- 
- #if MSDOS_COMPILER==WIN32C || MSDOS_COMPILER==BORLANDC || MSDOS_COMPILER==DJGPPC
- extern int ctldisp;
-@@ -562,6 +563,7 @@ less_printf(fmt, parg)
- 	PARG *parg;
- {
- 	char *s;
-+	constant char *es;
- 	int col;
- 
- 	col = 0;
-@@ -578,11 +580,17 @@ less_printf(fmt, parg)
- 			{
- 			case 's':
- 				s = parg->p_string;
-+				es = s + strlen(s);
- 				parg++;
- 				while (*s != '\0')
- 				{
-					putchr(*s++);
-					col++;
-+					LWCHAR ch = step_char(&s, +1, es);
-+					constant char *ps = utf_mode ? prutfchar(ch) : prchar(ch);
-+					while (*ps != '\0')
-+					{
-+						putchr(*ps++);
-+						col++;
-+					}
- 				}
- 				break;
- 			case 'd':
-diff -up less-590/prompt.c.cve2024_32487fix less-590/prompt.c
--- less-590/prompt.c.cve2024_32487fix	2024-08-06 16:14:26.980780434 +0200
-+++ less-590/prompt.c	2024-08-06 21:43:10.415868469 +0200
-@@ -29,6 +29,7 @@ extern int hshift;
- extern int sc_height;
- extern int jump_sline;
- extern int less_is_more;
-+extern int utf_mode;
- extern IFILE curr_ifile;
- #if EDITOR
- extern char *editor;
-@@ -90,13 +91,17 @@ init_prompt(VOID_PARAM)
- ap_str(s)
- 	char *s;
- {
-	int len;
-
-	len = (int) strlen(s);
-	if (mp + len >= message + PROMPT_SIZE)
-		len = (int) (message + PROMPT_SIZE - mp - 1);
-	strncpy(mp, s, len);
-	mp += len;
-+	constant char *es = s + strlen(s);
-+	while (*s != '\0')
-+	{
-+		LWCHAR ch = step_char(&s, +1, es);
-+		constant char *ps = utf_mode ? prutfchar(ch) : prchar(ch);
-+		size_t plen = strlen(ps);
-+		if (mp + plen >= message + PROMPT_SIZE)
-+			break;
-+		strcpy(mp, ps);
-+		mp += plen;
-+	}
- 	*mp = '\0';
- }
- 
--- a/less-654-cve2024_32487regrfix.patch
+++ b/less-654-cve2024_32487regrfix.patch
@ -1,65 +0,0 @@
-diff -up less-590/prompt.c.cve2024_32487regrfix less-590/prompt.c
--- less-590/prompt.c.cve2024_32487regrfix	2024-08-06 21:43:33.716058700 +0200
-+++ less-590/prompt.c	2024-08-06 21:48:58.264708406 +0200
-@@ -86,17 +86,30 @@ init_prompt(VOID_PARAM)
- 
- /*
-  * Append a string to the end of the message.
-+ * nprt means the character *may* be nonprintable
-+ * and should be converted to printable form.
-  */
-	static void
-ap_str(s)
-	char *s;
-+static void ap_estr(char *s, lbool nprt)
- {
- 	constant char *es = s + strlen(s);
- 	while (*s != '\0')
- 	{
- 		LWCHAR ch = step_char(&s, +1, es);
-		constant char *ps = utf_mode ? prutfchar(ch) : prchar(ch);
-		size_t plen = strlen(ps);
-+		constant char *ps;
-+		char ubuf[MAX_UTF_CHAR_LEN+1];
-+		size_t plen;
-+
-+		if (nprt)
-+		{
-+			ps = utf_mode ? prutfchar(ch) : prchar(ch);
-+		} else
-+		{
-+			char *up = ubuf;
-+			put_wchar(&up, ch);
-+			*up = '\0';
-+			ps = ubuf;
-+		}
-+		plen = strlen(ps);
- 		if (mp + plen >= message + PROMPT_SIZE)
- 			break;
- 		strcpy(mp, ps);
-@@ -104,6 +117,12 @@ ap_str(s)
- 	}
- 	*mp = '\0';
- }
-+ 
-+static void ap_str(char *s)
-+{
-+	ap_estr(s, FALSE);
-+}
-+
- 
- /*
-  * Append a character to the end of the message.
-@@ -316,10 +335,10 @@ protochar(c, where, iseditproto)
- 		break;
- #endif
- 	case 'f': /* File name */
-		ap_str(get_filename(curr_ifile));
-+		ap_estr(get_filename(curr_ifile), TRUE);
- 		break;
- 	case 'F': /* Last component of file name */
-		ap_str(last_component(get_filename(curr_ifile)));
-+		ap_estr(last_component(get_filename(curr_ifile)), TRUE);
- 		break;
- 	case 'g': /* Shell-escaped file name */
- 		s = shell_quote(get_filename(curr_ifile));
--- a/less.spec
+++ b/less.spec
@ -18,9 +18,8 @@ Patch11: less-458-old-bot-in-help.patch
 Patch12: less-590-CVE-2022-46663.patch
 Patch13: less-590-CVE-2022-48624.patch
 # from upstream, for less < 661 , RHEL-32739
-Patch14: less-633-cve2024_32487prereq.patch
-Patch15: less-654-cve2024_32487fix.patch
-Patch16: less-654-cve2024_32487regrfix.patch
+Patch14: less-590-CVE-2024-32487.patch
+
 URL: https://www.greenwoodsoftware.com/less/
 BuildRequires: ncurses-devel
 BuildRequires: autoconf automake libtool
@ -48,9 +47,7 @@ files, and you'll use it frequently.
 %patch -P 11 -p1 -b .old-bot
 %patch -P 12 -p1 -b .CVE-2022-46663
 %patch -P 13 -p1 -b .CVE-2022-48624
-%patch -P 14 -p1 -b .cve2024_32487prereq
-%patch -P 15 -p1 -b .cve2024_32487fix
-%patch -P 16 -p1 -b .cve2024_32487regrfix
+%patch -P 14 -p1 -b .CVE-2024-32487


 %build