new upstream release (#655978)
- new upstream release (#655978) - increase code robustness (patches related to CVE-2010-1160, CVE-2010-1161)
This commit is contained in:
parent
9a485db467
commit
a74a07dea6
1
.gitignore
vendored
1
.gitignore
vendored
@ -1 +1,2 @@
|
|||||||
nano-2.2.5.tar.gz
|
nano-2.2.5.tar.gz
|
||||||
|
/nano-2.2.6.tar.gz
|
||||||
|
@ -0,0 +1,77 @@
|
|||||||
|
From de9e2d69f9ce3ec89ab499be96cda69509205ffd Mon Sep 17 00:00:00 2001
|
||||||
|
From: Kamil Dudka <kdudka@redhat.com>
|
||||||
|
Date: Thu, 19 Aug 2010 13:58:12 +0200
|
||||||
|
Subject: [PATCH 1/2] check stat's result and avoid calling stat on a NULL pointer
|
||||||
|
|
||||||
|
---
|
||||||
|
src/files.c | 33 ++++++++++++++++++++++-----------
|
||||||
|
1 files changed, 22 insertions(+), 11 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/src/files.c b/src/files.c
|
||||||
|
index c5b9d6a..49555a5 100644
|
||||||
|
--- a/src/files.c
|
||||||
|
+++ b/src/files.c
|
||||||
|
@@ -103,6 +103,24 @@ void initialize_buffer_text(void)
|
||||||
|
openfile->totsize = 0;
|
||||||
|
}
|
||||||
|
|
||||||
|
+#ifndef NANO_TINY
|
||||||
|
+/* If *pstat is NULL, perform a stat call with the given file name. On success,
|
||||||
|
+ * *pstat points to a newly allocated buffer that contains the stat's result.
|
||||||
|
+ * On stat's failure, the NULL pointer in *pstat is left intact. */
|
||||||
|
+void stat_if_needed(const char *filename, struct stat **pstat)
|
||||||
|
+{
|
||||||
|
+ struct stat *tmp;
|
||||||
|
+ if (*pstat)
|
||||||
|
+ return;
|
||||||
|
+
|
||||||
|
+ tmp = (struct stat *)nmalloc(sizeof(struct stat));
|
||||||
|
+ if (0 == stat(filename, tmp))
|
||||||
|
+ *pstat = tmp;
|
||||||
|
+ else
|
||||||
|
+ free(tmp);
|
||||||
|
+}
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
/* If it's not "", filename is a file to open. We make a new buffer, if
|
||||||
|
* necessary, and then open and read the file, if applicable. */
|
||||||
|
void open_buffer(const char *filename, bool undoable)
|
||||||
|
@@ -148,11 +166,7 @@ void open_buffer(const char *filename, bool undoable)
|
||||||
|
if (rc > 0) {
|
||||||
|
read_file(f, rc, filename, undoable, new_buffer);
|
||||||
|
#ifndef NANO_TINY
|
||||||
|
- if (openfile->current_stat == NULL) {
|
||||||
|
- openfile->current_stat =
|
||||||
|
- (struct stat *)nmalloc(sizeof(struct stat));
|
||||||
|
- stat(filename, openfile->current_stat);
|
||||||
|
- }
|
||||||
|
+ stat_if_needed(filename, &openfile->current_stat);
|
||||||
|
#endif
|
||||||
|
}
|
||||||
|
|
||||||
|
@@ -1511,8 +1525,8 @@ bool write_file(const char *name, FILE *f_open, bool tmp, append_type
|
||||||
|
* specified it interactively), stat and save the value
|
||||||
|
* or else we will chase null pointers when we do
|
||||||
|
* modtime checks, preserve file times, etc. during backup */
|
||||||
|
- if (openfile->current_stat == NULL && !tmp && realexists)
|
||||||
|
- stat(realname, openfile->current_stat);
|
||||||
|
+ if (!tmp && realexists)
|
||||||
|
+ stat_if_needed(realname, &openfile->current_stat);
|
||||||
|
|
||||||
|
/* We backup only if the backup toggle is set, the file isn't
|
||||||
|
* temporary, and the file already exists. Furthermore, if we
|
||||||
|
@@ -1891,10 +1905,7 @@ bool write_file(const char *name, FILE *f_open, bool tmp, append_type
|
||||||
|
|
||||||
|
#ifndef NANO_TINY
|
||||||
|
/* Update current_stat to reference the file as it is now. */
|
||||||
|
- if (openfile->current_stat == NULL)
|
||||||
|
- openfile->current_stat =
|
||||||
|
- (struct stat *)nmalloc(sizeof(struct stat));
|
||||||
|
- stat(realname, openfile->current_stat);
|
||||||
|
+ stat_if_needed(realname, &openfile->current_stat);
|
||||||
|
#endif
|
||||||
|
|
||||||
|
statusbar(P_("Wrote %lu line", "Wrote %lu lines",
|
||||||
|
--
|
||||||
|
1.7.3.2
|
||||||
|
|
99
0002-use-futimens-if-available-instead-of-utime.patch
Normal file
99
0002-use-futimens-if-available-instead-of-utime.patch
Normal file
@ -0,0 +1,99 @@
|
|||||||
|
From ea6be4984d6fa72afb41dcb9f0039d0fd80dd5c1 Mon Sep 17 00:00:00 2001
|
||||||
|
From: Kamil Dudka <kdudka@redhat.com>
|
||||||
|
Date: Thu, 19 Aug 2010 15:23:06 +0200
|
||||||
|
Subject: [PATCH 2/2] use futimens() if available, instead of utime()
|
||||||
|
|
||||||
|
---
|
||||||
|
config.h.in | 3 +++
|
||||||
|
configure | 2 +-
|
||||||
|
configure.ac | 2 +-
|
||||||
|
src/files.c | 26 +++++++++++++++++++++++++-
|
||||||
|
4 files changed, 30 insertions(+), 3 deletions(-)
|
||||||
|
|
||||||
|
diff --git a/config.h.in b/config.h.in
|
||||||
|
index 8fbe824..fb0e65d 100644
|
||||||
|
--- a/config.h.in
|
||||||
|
+++ b/config.h.in
|
||||||
|
@@ -64,6 +64,9 @@
|
||||||
|
/* Define to 1 if you don't have `vprintf' but do have `_doprnt.' */
|
||||||
|
#undef HAVE_DOPRNT
|
||||||
|
|
||||||
|
+/* Define to 1 if you have the `futimens' function. */
|
||||||
|
+#undef HAVE_FUTIMENS
|
||||||
|
+
|
||||||
|
/* Define to 1 if you have the `getdelim' function. */
|
||||||
|
#undef HAVE_GETDELIM
|
||||||
|
|
||||||
|
diff --git a/configure b/configure
|
||||||
|
index 238dbf9..f1ef55b 100755
|
||||||
|
--- a/configure
|
||||||
|
+++ b/configure
|
||||||
|
@@ -7484,7 +7484,7 @@ fi
|
||||||
|
|
||||||
|
|
||||||
|
|
||||||
|
-for ac_func in getdelim getline isblank strcasecmp strcasestr strncasecmp strnlen vsnprintf
|
||||||
|
+for ac_func in futimens getdelim getline isblank strcasecmp strcasestr strncasecmp strnlen vsnprintf
|
||||||
|
do :
|
||||||
|
as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
|
||||||
|
ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
|
||||||
|
diff --git a/configure.ac b/configure.ac
|
||||||
|
index 6388c03..255ec5d 100644
|
||||||
|
--- a/configure.ac
|
||||||
|
+++ b/configure.ac
|
||||||
|
@@ -415,7 +415,7 @@ fi])
|
||||||
|
|
||||||
|
dnl Checks for functions.
|
||||||
|
|
||||||
|
-AC_CHECK_FUNCS(getdelim getline isblank strcasecmp strcasestr strncasecmp strnlen vsnprintf)
|
||||||
|
+AC_CHECK_FUNCS(futimens getdelim getline isblank strcasecmp strcasestr strncasecmp strnlen vsnprintf)
|
||||||
|
|
||||||
|
if test x$enable_utf8 != xno; then
|
||||||
|
AC_CHECK_FUNCS(iswalnum iswblank iswpunct iswspace nl_langinfo mblen mbstowcs mbtowc wctomb wcwidth)
|
||||||
|
diff --git a/src/files.c b/src/files.c
|
||||||
|
index 49555a5..a3917b7 100644
|
||||||
|
--- a/src/files.c
|
||||||
|
+++ b/src/files.c
|
||||||
|
@@ -1434,6 +1434,29 @@ int copy_file(FILE *inn, FILE *out)
|
||||||
|
return retval;
|
||||||
|
}
|
||||||
|
|
||||||
|
+#ifdef HAVE_FUTIMENS
|
||||||
|
+/* set atime/mtime by file descriptor */
|
||||||
|
+int utime_wrap(int fd, const char *filename, struct utimbuf *ut)
|
||||||
|
+{
|
||||||
|
+ struct timespec times[2];
|
||||||
|
+ (void) filename;
|
||||||
|
+
|
||||||
|
+ times[0].tv_sec = ut->actime;
|
||||||
|
+ times[1].tv_sec = ut->modtime;
|
||||||
|
+ times[0].tv_nsec = 0L;
|
||||||
|
+ times[1].tv_nsec = 0L;
|
||||||
|
+
|
||||||
|
+ return futimens(fd, times);
|
||||||
|
+}
|
||||||
|
+#else
|
||||||
|
+/* set atime/mtime by file name */
|
||||||
|
+int utime_wrap(int fd, const char *filename, struct utimbuf *ut)
|
||||||
|
+{
|
||||||
|
+ (void) fd;
|
||||||
|
+ return utime(filename, ut);
|
||||||
|
+}
|
||||||
|
+#endif
|
||||||
|
+
|
||||||
|
/* Write a file out to disk. If f_open isn't NULL, we assume that it is
|
||||||
|
* a stream associated with the file, and we don't try to open it
|
||||||
|
* ourselves. If tmp is TRUE, we set the umask to disallow anyone else
|
||||||
|
@@ -1677,7 +1700,8 @@ bool write_file(const char *name, FILE *f_open, bool tmp, append_type
|
||||||
|
}
|
||||||
|
|
||||||
|
/* And set its metadata. */
|
||||||
|
- if (utime(backupname, &filetime) == -1 && !ISSET(INSECURE_BACKUP)) {
|
||||||
|
+ if (utime_wrap(backup_fd, backupname, &filetime) == -1
|
||||||
|
+ && !ISSET(INSECURE_BACKUP)) {
|
||||||
|
statusbar(_("Error writing backup file %s: %s"), backupname,
|
||||||
|
strerror(errno));
|
||||||
|
/* If we can't write to the backup, DONT go on, since
|
||||||
|
--
|
||||||
|
1.7.3.2
|
||||||
|
|
@ -19,7 +19,7 @@ diff --git a/src/nano.c b/src/nano.c
|
|||||||
index 59e2a9d..1d1d40c 100644
|
index 59e2a9d..1d1d40c 100644
|
||||||
--- a/src/nano.c
|
--- a/src/nano.c
|
||||||
+++ b/src/nano.c
|
+++ b/src/nano.c
|
||||||
@@ -1901,7 +1901,7 @@ precalc_cleanup:
|
@@ -1907,7 +1907,7 @@ precalc_cleanup:
|
||||||
* TRUE. */
|
* TRUE. */
|
||||||
void do_output(char *output, size_t output_len, bool allow_cntrls)
|
void do_output(char *output, size_t output_len, bool allow_cntrls)
|
||||||
{
|
{
|
||||||
|
@ -1,7 +0,0 @@
|
|||||||
-----BEGIN PGP SIGNATURE-----
|
|
||||||
Version: GnuPG v1.4.10 (GNU/Linux)
|
|
||||||
|
|
||||||
iEYEABECAAYFAkxbgmUACgkQvLNW35EAn6ebDwCcDLadGVi4FugSvjpplA4nmalB
|
|
||||||
EecAoN7nvbtUbx0fnGloFPtiRGtxcc4V
|
|
||||||
=ZXoa
|
|
||||||
-----END PGP SIGNATURE-----
|
|
BIN
nano-2.2.6.tar.gz.sig
Normal file
BIN
nano-2.2.6.tar.gz.sig
Normal file
Binary file not shown.
19
nano.spec
19
nano.spec
@ -1,6 +1,6 @@
|
|||||||
Summary: A small text editor
|
Summary: A small text editor
|
||||||
Name: nano
|
Name: nano
|
||||||
Version: 2.2.5
|
Version: 2.2.6
|
||||||
Release: 1%{?dist}
|
Release: 1%{?dist}
|
||||||
License: GPLv3+
|
License: GPLv3+
|
||||||
Group: Applications/Editors
|
Group: Applications/Editors
|
||||||
@ -8,6 +8,13 @@ URL: http://www.nano-editor.org
|
|||||||
Source: http://www.nano-editor.org/dist/v2.2/%{name}-%{version}.tar.gz
|
Source: http://www.nano-editor.org/dist/v2.2/%{name}-%{version}.tar.gz
|
||||||
Source2: nanorc
|
Source2: nanorc
|
||||||
Patch0: nano-2.2.3-warnings.patch
|
Patch0: nano-2.2.3-warnings.patch
|
||||||
|
|
||||||
|
# http://lists.gnu.org/archive/html/nano-devel/2010-08/msg00004.html
|
||||||
|
Patch1: 0001-check-stat-s-result-and-avoid-calling-stat-on-a-NULL.patch
|
||||||
|
|
||||||
|
# http://lists.gnu.org/archive/html/nano-devel/2010-08/msg00005.html
|
||||||
|
Patch2: 0002-use-futimens-if-available-instead-of-utime.patch
|
||||||
|
|
||||||
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
BuildRoot: %{_tmppath}/%{name}-%{version}-%{release}-root-%(%{__id_u} -n)
|
||||||
BuildRequires: autoconf
|
BuildRequires: autoconf
|
||||||
BuildRequires: gettext-devel
|
BuildRequires: gettext-devel
|
||||||
@ -23,12 +30,18 @@ GNU nano is a small and friendly text editor.
|
|||||||
%prep
|
%prep
|
||||||
%setup -q
|
%setup -q
|
||||||
%patch0 -p1
|
%patch0 -p1
|
||||||
|
%patch1 -p1
|
||||||
|
%patch2 -p1
|
||||||
|
|
||||||
for f in doc/man/fr/{nano.1,nanorc.5,rnano.1} ; do
|
for f in doc/man/fr/{nano.1,nanorc.5,rnano.1} ; do
|
||||||
iconv -f iso-8859-1 -t utf-8 -o $f.tmp $f && mv $f.tmp $f
|
iconv -f iso-8859-1 -t utf-8 -o $f.tmp $f && mv $f.tmp $f
|
||||||
touch $f.html
|
touch $f.html
|
||||||
done
|
done
|
||||||
|
|
||||||
|
# do not run autotools, we have already reflected the configure.ac
|
||||||
|
# changes in configure and config.h.in
|
||||||
|
touch -c aclocal.m4 config.h.in configure Makefile.in
|
||||||
|
|
||||||
%build
|
%build
|
||||||
%configure --bindir=/bin
|
%configure --bindir=/bin
|
||||||
make %{?_smp_mflags}
|
make %{?_smp_mflags}
|
||||||
@ -81,6 +94,10 @@ rm -rf %{buildroot}
|
|||||||
%{_datadir}/nano
|
%{_datadir}/nano
|
||||||
|
|
||||||
%changelog
|
%changelog
|
||||||
|
* Mon Nov 22 2010 Kamil Dudka <kdudka@redhat.com> - 2.2.6-1
|
||||||
|
- new upstream release (#655978)
|
||||||
|
- increase code robustness (patches related to CVE-2010-1160, CVE-2010-1161)
|
||||||
|
|
||||||
* Sat Aug 07 2010 Kamil Dudka <kdudka@redhat.com> - 2.2.5-1
|
* Sat Aug 07 2010 Kamil Dudka <kdudka@redhat.com> - 2.2.5-1
|
||||||
- new upstream release (#621857)
|
- new upstream release (#621857)
|
||||||
|
|
||||||
|
Loading…
Reference in New Issue
Block a user