new upstream release (#655978)
- new upstream release (#655978) - increase code robustness (patches related to CVE-2010-1160, CVE-2010-1161)
This commit is contained in:
Kamil Dudka
parent
9a485db467
commit
a74a07dea6
1
.gitignore
vendored
1
.gitignore
vendored
@ -1 +1,2 @@
|
||||
nano-2.2.5.tar.gz
|
||||
/nano-2.2.6.tar.gz
|
||||
|
||||
@ -0,0 +1,77 @@
|
||||
From de9e2d69f9ce3ec89ab499be96cda69509205ffd Mon Sep 17 00:00:00 2001
|
||||
From: Kamil Dudka <kdudka@redhat.com>
|
||||
Date: Thu, 19 Aug 2010 13:58:12 +0200
|
||||
Subject: [PATCH 1/2] check stat's result and avoid calling stat on a NULL pointer
|
||||
|
||||
---
|
||||
src/files.c | 33 ++++++++++++++++++++++-----------
|
||||
1 files changed, 22 insertions(+), 11 deletions(-)
|
||||
|
||||
diff --git a/src/files.c b/src/files.c
|
||||
index c5b9d6a..49555a5 100644
|
||||
--- a/src/files.c
|
||||
+++ b/src/files.c
|
||||
@@ -103,6 +103,24 @@ void initialize_buffer_text(void)
|
||||
openfile->totsize = 0;
|
||||
}
|
||||
|
||||
+#ifndef NANO_TINY
|
||||
+/* If *pstat is NULL, perform a stat call with the given file name. On success,
|
||||
+ * *pstat points to a newly allocated buffer that contains the stat's result.
|
||||
+ * On stat's failure, the NULL pointer in *pstat is left intact. */
|
||||
+void stat_if_needed(const char *filename, struct stat **pstat)
|
||||
+{
|
||||
+ struct stat *tmp;
|
||||
+ if (*pstat)
|
||||
+ return;
|
||||
+
|
||||
+ tmp = (struct stat *)nmalloc(sizeof(struct stat));
|
||||
+ if (0 == stat(filename, tmp))
|
||||
+ *pstat = tmp;
|
||||
+ else
|
||||
+ free(tmp);
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
/* If it's not "", filename is a file to open. We make a new buffer, if
|
||||
* necessary, and then open and read the file, if applicable. */
|
||||
void open_buffer(const char *filename, bool undoable)
|
||||
@@ -148,11 +166,7 @@ void open_buffer(const char *filename, bool undoable)
|
||||
if (rc > 0) {
|
||||
read_file(f, rc, filename, undoable, new_buffer);
|
||||
#ifndef NANO_TINY
|
||||
- if (openfile->current_stat == NULL) {
|
||||
- openfile->current_stat =
|
||||
- (struct stat *)nmalloc(sizeof(struct stat));
|
||||
- stat(filename, openfile->current_stat);
|
||||
- }
|
||||
+ stat_if_needed(filename, &openfile->current_stat);
|
||||
#endif
|
||||
}
|
||||
|
||||
@@ -1511,8 +1525,8 @@ bool write_file(const char *name, FILE *f_open, bool tmp, append_type
|
||||
* specified it interactively), stat and save the value
|
||||
* or else we will chase null pointers when we do
|
||||
* modtime checks, preserve file times, etc. during backup */
|
||||
- if (openfile->current_stat == NULL && !tmp && realexists)
|
||||
- stat(realname, openfile->current_stat);
|
||||
+ if (!tmp && realexists)
|
||||
+ stat_if_needed(realname, &openfile->current_stat);
|
||||
|
||||
/* We backup only if the backup toggle is set, the file isn't
|
||||
* temporary, and the file already exists. Furthermore, if we
|
||||
@@ -1891,10 +1905,7 @@ bool write_file(const char *name, FILE *f_open, bool tmp, append_type
|
||||
|
||||
#ifndef NANO_TINY
|
||||
/* Update current_stat to reference the file as it is now. */
|
||||
- if (openfile->current_stat == NULL)
|
||||
- openfile->current_stat =
|
||||
- (struct stat *)nmalloc(sizeof(struct stat));
|
||||
- stat(realname, openfile->current_stat);
|
||||
+ stat_if_needed(realname, &openfile->current_stat);
|
||||
#endif
|
||||
|
||||
statusbar(P_("Wrote %lu line", "Wrote %lu lines",
|
||||
--
|
||||
1.7.3.2
|
||||
|
||||
99
0002-use-futimens-if-available-instead-of-utime.patch
Normal file
99
0002-use-futimens-if-available-instead-of-utime.patch
Normal file
@ -0,0 +1,99 @@
|
||||
From ea6be4984d6fa72afb41dcb9f0039d0fd80dd5c1 Mon Sep 17 00:00:00 2001
|
||||
From: Kamil Dudka <kdudka@redhat.com>
|
||||
Date: Thu, 19 Aug 2010 15:23:06 +0200
|
||||
Subject: [PATCH 2/2] use futimens() if available, instead of utime()
|
||||
|
||||
---
|
||||
config.h.in | 3 +++
|
||||
configure | 2 +-
|
||||
configure.ac | 2 +-
|
||||
src/files.c | 26 +++++++++++++++++++++++++-
|
||||
4 files changed, 30 insertions(+), 3 deletions(-)
|
||||
|
||||
diff --git a/config.h.in b/config.h.in
|
||||
index 8fbe824..fb0e65d 100644
|
||||
--- a/config.h.in
|
||||
+++ b/config.h.in
|
||||
@@ -64,6 +64,9 @@
|
||||
/* Define to 1 if you don't have `vprintf' but do have `_doprnt.' */
|
||||
#undef HAVE_DOPRNT
|
||||
|
||||
+/* Define to 1 if you have the `futimens' function. */
|
||||
+#undef HAVE_FUTIMENS
|
||||
+
|
||||
/* Define to 1 if you have the `getdelim' function. */
|
||||
#undef HAVE_GETDELIM
|
||||
|
||||
diff --git a/configure b/configure
|
||||
index 238dbf9..f1ef55b 100755
|
||||
--- a/configure
|
||||
+++ b/configure
|
||||
@@ -7484,7 +7484,7 @@ fi
|
||||
|
||||
|
||||
|
||||
-for ac_func in getdelim getline isblank strcasecmp strcasestr strncasecmp strnlen vsnprintf
|
||||
+for ac_func in futimens getdelim getline isblank strcasecmp strcasestr strncasecmp strnlen vsnprintf
|
||||
do :
|
||||
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
|
||||
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
|
||||
diff --git a/configure.ac b/configure.ac
|
||||
index 6388c03..255ec5d 100644
|
||||
--- a/configure.ac
|
||||
+++ b/configure.ac
|
||||
@@ -415,7 +415,7 @@ fi])
|
||||
|
||||
dnl Checks for functions.
|
||||
|
||||
-AC_CHECK_FUNCS(getdelim getline isblank strcasecmp strcasestr strncasecmp strnlen vsnprintf)
|
||||
+AC_CHECK_FUNCS(futimens getdelim getline isblank strcasecmp strcasestr strncasecmp strnlen vsnprintf)
|
||||
|
||||
if test x$enable_utf8 != xno; then
|
||||
AC_CHECK_FUNCS(iswalnum iswblank iswpunct iswspace nl_langinfo mblen mbstowcs mbtowc wctomb wcwidth)
|
||||
diff --git a/src/files.c b/src/files.c
|
||||
index 49555a5..a3917b7 100644
|
||||
--- a/src/files.c
|
||||
+++ b/src/files.c
|
||||
@@ -1434,6 +1434,29 @@ int copy_file(FILE *inn, FILE *out)
|
||||
return retval;
|
||||
}
|
||||
|
||||
+#ifdef HAVE_FUTIMENS
|
||||
+/* set atime/mtime by file descriptor */
|
||||
+int utime_wrap(int fd, const char *filename, struct utimbuf *ut)
|
||||
+{
|
||||
+ struct timespec times[2];
|
||||
+ (void) filename;
|
||||
+
|
||||
+ times[0].tv_sec = ut->actime;
|
||||
+ times[1].tv_sec = ut->modtime;
|
||||
+ times[0].tv_nsec = 0L;
|
||||
+ times[1].tv_nsec = 0L;
|
||||
+
|
||||
+ return futimens(fd, times);
|
||||
+}
|
||||
+#else
|
||||
+/* set atime/mtime by file name */
|
||||
+int utime_wrap(int fd, const char *filename, struct utimbuf *ut)
|
||||
+{
|
||||
+ (void) fd;
|
||||
+ return utime(filename, ut);
|
||||
+}
|
||||
+#endif
|
||||
+
|
||||
/* Write a file out to disk. If f_open isn't NULL, we assume that it is
|
||||
* a stream associated with the file, and we don't try to open it
|
||||
* ourselves. If tmp is TRUE, we set the umask to disallow anyone else
|
||||
@@ -1677,7 +1700,8 @@ bool write_file(const char *name, FILE *f_open, bool tmp, append_type
|
||||
}
|
||||
|
||||
/* And set its metadata. */
|
||||
- if (utime(backupname, &filetime) == -1 && !ISSET(INSECURE_BACKUP)) {
|
||||
+ if (utime_wrap(backup_fd, backupname, &filetime) == -1
|
||||
+ && !ISSET(INSECURE_BACKUP)) {
|
||||
statusbar(_("Error writing backup file %s: %s"), backupname,
|
||||
strerror(errno));
|
||||
/* If we can't write to the backup, DONT go on, since
|
||||
--
|
||||
1.7.3.2
|
||||
|
||||
@ -19,7 +19,7 @@ diff --git a/src/nano.c b/src/nano.c
|
||||
index 59e2a9d..1d1d40c 100644
|
||||
--- a/src/nano.c
|
||||
+++ b/src/nano.c
|
||||
@@ -1901,7 +1901,7 @@ precalc_cleanup:
|
||||
@@ -1907,7 +1907,7 @@ precalc_cleanup:
|
||||
* TRUE. */
|
||||
void do_output(char *output, size_t output_len, bool allow_cntrls)
|
||||
{
|
||||
|
||||
@ -1,7 +0,0 @@
|
||||
-----BEGIN PGP SIGNATURE-----
|
||||
Version: GnuPG v1.4.10 (GNU/Linux)
|
||||
|
||||
iEYEABECAAYFAkxbgmUACgkQvLNW35EAn6ebDwCcDLadGVi4FugSvjpplA4nmalB
|
||||
EecAoN7nvbtUbx0fnGloFPtiRGtxcc4V
|
||||
=ZXoa
|
||||
-----END PGP SIGNATURE-----
|
||||
BIN
nano-2.2.6.tar.gz.sig
Normal file
BIN
nano-2.2.6.tar.gz.sig
Normal file
Binary file not shown.
19
nano.spec
19
nano.spec
@ -1,6 +1,6 @@
|
||||
Summary: A small text editor
|
||||
Name: nano
|
||||
Version: 2.2.5
|
||||
Version: 2.2.6
|
||||
Release: 1%{?dist}
|
||||
License: GPLv3+
|
||||
Group: Applications/Editors
|
||||
@ -8,6 +8,13 @@ URL: http://www.nano-editor.org
|
||||
Source: http://www.nano-editor.org/dist/v2.2/%{name}-%{version}.tar.gz
|
||||
Source2: nanorc
|
||||
Patch0: nano-2.2.3-warnings.patch
|
||||
|
||||
# http://lists.gnu.org/archive/html/nano-devel/2010-08/msg00004.html
|
||||
Patch1: 0001-check-stat-s-result-and-avoid-calling-stat-on-a-NULL.patch
|
||||
|
||||
# http://lists.gnu.org/archive/html/nano-devel/2010-08/msg00005.html
|
||||
Patch2: 0002-use-futimens-if-available-instead-of-utime.patch
|
||||
|
||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||
BuildRequires: autoconf
|
||||
BuildRequires: gettext-devel
|
||||
@ -23,12 +30,18 @@ GNU nano is a small and friendly text editor.
|
||||
%prep
|
||||
%setup -q
|
||||
%patch0 -p1
|
||||
%patch1 -p1
|
||||
%patch2 -p1
|
||||
|
||||
for f in doc/man/fr/{nano.1,nanorc.5,rnano.1} ; do
|
||||
iconv -f iso-8859-1 -t utf-8 -o $f.tmp $f && mv $f.tmp $f
|
||||
touch $f.html
|
||||
done
|
||||
|
||||
# do not run autotools, we have already reflected the configure.ac
|
||||
# changes in configure and config.h.in
|
||||
touch -c aclocal.m4 config.h.in configure Makefile.in
|
||||
|
||||
%build
|
||||
%configure --bindir=/bin
|
||||
make %{?_smp_mflags}
|
||||
@ -81,6 +94,10 @@ rm -rf %{buildroot}
|
||||
%{_datadir}/nano
|
||||
|
||||
%changelog
|
||||
* Mon Nov 22 2010 Kamil Dudka <kdudka@redhat.com> - 2.2.6-1
|
||||
- new upstream release (#655978)
|
||||
- increase code robustness (patches related to CVE-2010-1160, CVE-2010-1161)
|
||||
|
||||
* Sat Aug 07 2010 Kamil Dudka <kdudka@redhat.com> - 2.2.5-1
|
||||
- new upstream release (#621857)
|
||||
|
||||
|
||||
Loading…
Reference in New Issue
Block a user