From d47c03743e0e7170b82fb52f78e60620992a6540 Mon Sep 17 00:00:00 2001
From: Miroslav Lichvar <mlichvar@redhat.com>
Date: Wed, 19 Jul 2023 11:47:01 +0200
Subject: [PATCH] Fix reading of $HOME/.editrc and $EDITRC (#2211207)

Resolves: #2211207
---
 libedit-editrc.patch | 40 ++++++++++++++++++++++++++++++++++++++++
 libedit.spec         |  5 ++++-
 2 files changed, 44 insertions(+), 1 deletion(-)
 create mode 100644 libedit-editrc.patch

diff --git a/libedit-editrc.patch b/libedit-editrc.patch
new file mode 100644
index 0000000..145c474
--- /dev/null
+++ b/libedit-editrc.patch
@@ -0,0 +1,40 @@
+diff -ur libedit-20210419-3.1/src/el.c libedit-20210522-3.1/src/el.c
+--- libedit-20210419-3.1/src/el.c	2019-10-25 22:12:05.000000000 +0200
++++ libedit-20210522-3.1/src/el.c	2021-05-22 20:55:00.000000000 +0200
+@@ -548,15 +548,15 @@
+ 
+ 	fp = NULL;
+ 	if (fname == NULL) {
+-#ifdef HAVE_ISSETUGID
+-		if (issetugid())
+-			return -1;
+ 
+-		if ((fname = getenv("EDITRC")) == NULL) {
++		/* secure_getenv is guaranteed to be defined and do the right thing here */
++		/* because of the defines above which take into account issetugid, */
++		/* secure_getenv and __secure_getenv availability. */
++		if ((fname = secure_getenv("EDITRC")) == NULL) {
+ 			static const char elpath[] = "/.editrc";
+ 			size_t plen = sizeof(elpath);
+ 
+-			if ((ptr = getenv("HOME")) == NULL)
++			if ((ptr = secure_getenv("HOME")) == NULL)
+ 				return -1;
+ 			plen += strlen(ptr);
+ 			if ((path = el_calloc(plen, sizeof(*path))) == NULL)
+@@ -565,14 +565,7 @@
+ 				elpath + (*ptr == '\0'));
+ 			fname = path;
+ 		}
+-#else
+-		/*
+-		 * If issetugid() is missing, always return an error, in order
+-		 * to keep from inadvertently opening up the user to a security
+-		 * hole.
+-		 */
+-		return -1;
+-#endif
++
+ 	}
+ 	if (fname[0] == '\0')
+ 		return -1;
diff --git a/libedit.spec b/libedit.spec
index 9ae769a..d7c1135 100644
--- a/libedit.spec
+++ b/libedit.spec
@@ -13,6 +13,9 @@ BuildRequires:	groff-base
 BuildRequires:	make
 BuildRequires:	ncurses-devel
 
+# Fix reading of $HOME/.editrc and $EDITRC
+Patch1:		libedit-editrc.patch
+
 %description
 Libedit is an autotool- and libtoolized port of the NetBSD Editline library.
 It provides generic line editing, history, and tokenization functions, similar
@@ -28,7 +31,7 @@ Requires:	ncurses-devel%{?_isa}
 This package contains development files for %{name}.
 
 %prep
-%autosetup -n %{name}-%{dir_snap}-%{version}
+%autosetup -n %{name}-%{dir_snap}-%{version} -p1
 
 # Fix unused direct shared library dependencies.
 sed -i "s/lncurses/ltinfo/" configure