From 6fae811bf65c4f676990ca440803ebd750d96616 Mon Sep 17 00:00:00 2001 From: eabdullin Date: Tue, 30 Apr 2024 15:45:08 +0000 Subject: [PATCH] import UBI make-4.3-8.el9 --- SOURCES/make-4.3-findprog.patch | 124 ++++++++++++++++++++++++++++++++ SPECS/make.spec | 9 ++- 2 files changed, 132 insertions(+), 1 deletion(-) create mode 100644 SOURCES/make-4.3-findprog.patch diff --git a/SOURCES/make-4.3-findprog.patch b/SOURCES/make-4.3-findprog.patch new file mode 100644 index 0000000..69c529d --- /dev/null +++ b/SOURCES/make-4.3-findprog.patch @@ -0,0 +1,124 @@ +From 6e6abd0cdfe4bb96f6412aebc511f10bf254a820 Mon Sep 17 00:00:00 2001 +From: Bruno Haible +Date: Sat, 23 May 2020 12:19:34 +0200 +Subject: findprog-in: Ignore directories. + +Reported by Frederick Eaton via Dmitry Goncharov in +. + +* lib/findprog-in.c (find_in_given_path): When the file found is a +directory, set errno to EACCES and, during a PATH search, continue +searching. +* modules/findprog-in (Depends-on): Add sys_stat, stat. + +diff --git a/lib/findprog-in.c b/lib/findprog-in.c +index c254f2f588..0f76e36ca4 100644 +--- a/lib/findprog-in.c ++++ b/lib/findprog-in.c +@@ -26,6 +26,7 @@ + #include + #include + #include ++#include + + #include "filename.h" + #include "concat-filename.h" +@@ -58,8 +59,8 @@ static const char * const suffixes[] = + /* Note: The cmd.exe program does a different lookup: It searches according + to the PATHEXT environment variable. + See . +- Also, it executes files ending .bat and .cmd directly without letting the +- kernel interpret the program file. */ ++ Also, it executes files ending in .bat and .cmd directly without letting ++ the kernel interpret the program file. */ + #elif defined __CYGWIN__ + "", ".exe", ".com" + #elif defined __EMX__ +@@ -136,14 +137,26 @@ find_in_given_path (const char *progname, const char *path, + call access() despite its design flaw. */ + if (eaccess (progpathname, X_OK) == 0) + { +- /* Found! */ +- if (strcmp (progpathname, progname) == 0) ++ /* Check that the progpathname does not point to a ++ directory. */ ++ struct stat statbuf; ++ ++ if (stat (progpathname, &statbuf) >= 0) + { +- free (progpathname); +- return progname; ++ if (! S_ISDIR (statbuf.st_mode)) ++ { ++ /* Found! */ ++ if (strcmp (progpathname, progname) == 0) ++ { ++ free (progpathname); ++ return progname; ++ } ++ else ++ return progpathname; ++ } ++ ++ errno = EACCES; + } +- else +- return progpathname; + } + + if (errno != ENOENT) +@@ -210,25 +223,37 @@ find_in_given_path (const char *progname, const char *path, + call access() despite its design flaw. */ + if (eaccess (progpathname, X_OK) == 0) + { +- /* Found! */ +- if (strcmp (progpathname, progname) == 0) ++ /* Check that the progpathname does not point to a ++ directory. */ ++ struct stat statbuf; ++ ++ if (stat (progpathname, &statbuf) >= 0) + { +- free (progpathname); +- +- /* Add the "./" prefix for real, that +- xconcatenated_filename() optimized away. This +- avoids a second PATH search when the caller uses +- execl/execv/execlp/execvp. */ +- progpathname = +- XNMALLOC (2 + strlen (progname) + 1, char); +- progpathname[0] = '.'; +- progpathname[1] = NATIVE_SLASH; +- memcpy (progpathname + 2, progname, +- strlen (progname) + 1); +- } ++ if (! S_ISDIR (statbuf.st_mode)) ++ { ++ /* Found! */ ++ if (strcmp (progpathname, progname) == 0) ++ { ++ free (progpathname); ++ ++ /* Add the "./" prefix for real, that ++ xconcatenated_filename() optimized away. ++ This avoids a second PATH search when the ++ caller uses execl/execv/execlp/execvp. */ ++ progpathname = ++ XNMALLOC (2 + strlen (progname) + 1, char); ++ progpathname[0] = '.'; ++ progpathname[1] = NATIVE_SLASH; ++ memcpy (progpathname + 2, progname, ++ strlen (progname) + 1); ++ } ++ ++ free (path_copy); ++ return progpathname; ++ } + +- free (path_copy); +- return progpathname; ++ errno = EACCES; ++ } + } + + if (errno != ENOENT) diff --git a/SPECS/make.spec b/SPECS/make.spec index b44fefb..96b3e2b 100644 --- a/SPECS/make.spec +++ b/SPECS/make.spec @@ -3,7 +3,7 @@ Summary: A GNU tool which simplifies the build process for users Name: make Epoch: 1 Version: 4.3 -Release: 7%{?dist} +Release: 8%{?dist} License: GPLv3+ URL: http://www.gnu.org/software/make/ Source: ftp://ftp.gnu.org/gnu/make/make-%{version}.tar.gz @@ -31,6 +31,10 @@ Patch2: make-4.3-j8k.patch # Remove on next make rebase Patch3: make-4.3-cloexec.patch +# https://issues.redhat.com/browse/RHEL-22829 +# Remove on next make rebase +Patch4: make-4.3-findprog.patch + # autoreconf BuildRequires: make BuildRequires: autoconf, automake, gettext-devel @@ -97,6 +101,9 @@ echo ============END TESTING=========== %{_includedir}/gnumake.h %changelog +* Wed Jan 31 2024 DJ Delorie - 1:4.3-8 +- Don't try to execute directories (RHEL-22829) + * Mon Aug 09 2021 Mohan Boddu - 1:4.3-7 - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags Related: rhbz#1991688