rpms/patch
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Compare commits

merge into: rpms:c8
Branches Tags
rpms:c8
rpms:c10s
rpms:c8s
rpms:c9
rpms:c9-beta
rpms:c8-beta
rpms:c9s
rpms:imports/c10s/patch-2.7.6-26.el10
rpms:imports/c10s/patch-2.7.6-25.el10
rpms:imports/c9/patch-2.7.6-16.el9
rpms:imports/c9-beta/patch-2.7.6-16.el9
rpms:imports/c8-beta/patch-2.7.6-11.el8
rpms:imports/c8-beta/patch-2.7.6-8.el8
rpms:imports/c8s/patch-2.7.6-11.el8
rpms:imports/c8/patch-2.7.6-11.el8
rpms:imports/c8/patch-2.7.6-9.el8_0
rpms:imports/c8/patch-2.7.6-8.el8
...
pull from: rpms:c9s
Branches Tags
rpms:c10s
rpms:c8s
rpms:c9
rpms:c9-beta
rpms:c8-beta
rpms:c8
rpms:c9s
rpms:imports/c10s/patch-2.7.6-26.el10
rpms:imports/c10s/patch-2.7.6-25.el10
rpms:imports/c9/patch-2.7.6-16.el9
rpms:imports/c9-beta/patch-2.7.6-16.el9
rpms:imports/c8-beta/patch-2.7.6-11.el8
rpms:imports/c8-beta/patch-2.7.6-8.el8
rpms:imports/c8s/patch-2.7.6-11.el8
rpms:imports/c8/patch-2.7.6-11.el8
rpms:imports/c8/patch-2.7.6-9.el8_0
rpms:imports/c8/patch-2.7.6-8.el8

No commits in common. "c8" and "c9s" have entirely different histories.
c8 ... c9s

48 changed files with 3552 additions and 212 deletions
Show Stats Expand all files Collapse all files

11
.gitignore vendored
View File

@ -1 +1,10 @@
SOURCES/patch-2.7.6.tar.xz
patch-2.5.4.tar.gz
patch-2.6.tar.xz
patch-2.6.1.tar.xz
/patch-2.7.tar.xz
/patch-2.7.1.tar.xz
/patch-2.7.2.tar.xz
/patch-2.7.3.tar.xz
/patch-2.7.4.tar.xz
/patch-2.7.5.tar.xz
/patch-2.7.6.tar.xz

1
.patch.metadata
View File

@ -1 +0,0 @@
6f64fa75993bdb285ac4ed6eca6c9212725bff91 SOURCES/patch-2.7.6.tar.xz

23
SOURCES/patch-2.7.6-CVE-2018-20969.patch
View File

@ -1,23 +0,0 @@
diff -up patch-2.7.6/src/pch.c.CVE-2018-20969 patch-2.7.6/src/pch.c
--- patch-2.7.6/src/pch.c.CVE-2018-20969 2019-09-02 15:40:09.087994204 +0200
+++ patch-2.7.6/src/pch.c 2019-09-02 15:42:23.486485786 +0200
@@ -2459,9 +2459,6 @@ do_ed_script (char const *inname, char c
*outname_needs_removal = true;
copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
}
- sprintf (buf, "%s %s%s", editor_program,
- verbosity == VERBOSE ? "" : "- ",
- outname);
fflush (stdout);
pid = fork();
@@ -2470,7 +2467,8 @@ do_ed_script (char const *inname, char c
else if (pid == 0)
{
dup2 (tmpfd, 0);
- execl ("/bin/sh", "sh", "-c", buf, (char *) 0);
+ assert (outname[0] != '!' && outname[0] != '-');
+ execlp (editor_program, editor_program, "-", outname, (char *) NULL);
_exit (2);
}
else

13
SOURCES/patch-2.7.6-CVE-2018-6951.patch
View File

@ -1,13 +0,0 @@
diff -up patch-2.7.6/src/pch.c.than patch-2.7.6/src/pch.c
--- patch-2.7.6/src/pch.c.than 2018-03-13 11:12:44.726307967 +0100
+++ patch-2.7.6/src/pch.c 2018-03-13 11:13:34.203449789 +0100
@@ -976,7 +976,8 @@ intuit_diff_type (bool need_header, mode
if ((pch_rename () || pch_copy ())
&& ! inname
&& ! ((i == OLD || i == NEW) &&
- p_name[! reverse] &&
+ p_name[reverse] && p_name[! reverse] &&
+ name_is_valid (p_name[reverse]) &&
name_is_valid (p_name[! reverse])))
{
say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy");

13
SOURCES/patch-2.7.6-CVE-2018-6952.patch
View File

@ -1,13 +0,0 @@
diff --git a/src/pch.c b/src/pch.c
index e92bc64..a500ad9 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -2122,7 +2122,7 @@ pch_swap (void)
}
if (p_efake >= 0) { /* fix non-freeable ptr range */
if (p_efake <= i)
- n = p_end - i + 1;
+ n = p_end - p_ptrn_lines;
else
n = -i;
p_efake += n;

58
SOURCES/patch-2.7.6-gcc8.patch
View File

@ -1,58 +0,0 @@
diff -up patch-2.7.6/.me.orig patch-2.7.6/.me
diff -up patch-2.7.6/src/common.h.orig patch-2.7.6/src/common.h
--- patch-2.7.6/src/common.h.orig 2018-06-18 17:20:49.661363500 +0200
+++ patch-2.7.6/src/common.h 2018-06-18 17:22:21.505841527 +0200
@@ -221,3 +221,11 @@ bool merge_hunk (int hunk, struct outsta
#else
# define merge_hunk(hunk, outstate, where, somefailed) false
#endif
+
+#ifndef FALLTHROUGH
+# if __GNUC__ < 7
+# define FALLTHROUGH ((void) 0)
+# else
+# define FALLTHROUGH __attribute__ ((__fallthrough__))
+# endif
+#endif
diff -up patch-2.7.6/src/patch.c.orig patch-2.7.6/src/patch.c
--- patch-2.7.6/src/patch.c.orig 2018-06-18 17:20:49.662363506 +0200
+++ patch-2.7.6/src/patch.c 2018-06-18 17:22:21.507841538 +0200
@@ -1381,7 +1381,7 @@ abort_hunk_context (bool header, bool re
break;
case ' ': case '-': case '+': case '!':
fprintf (rejfp, "%c ", pch_char (i));
- /* fall into */
+ FALLTHROUGH;
case '\n':
pch_write_line (i, rejfp);
break;
diff -up patch-2.7.6/src/pch.c.orig patch-2.7.6/src/pch.c
--- patch-2.7.6/src/pch.c.orig 2018-06-18 17:20:49.662363506 +0200
+++ patch-2.7.6/src/pch.c 2018-06-18 17:24:00.694357762 +0200
@@ -1742,7 +1742,7 @@ another_hunk (enum diff difftype, bool r
break;
case '=':
ch = ' ';
- /* FALL THROUGH */
+ FALLTHROUGH;
case ' ':
if (fillsrc > p_ptrn_lines) {
free(s);
@@ -1763,7 +1763,7 @@ another_hunk (enum diff difftype, bool r
p_end = fillsrc-1;
return -1;
}
- /* FALL THROUGH */
+ FALLTHROUGH;
case '+':
if (filldst > p_end) {
free(s);
@@ -2401,7 +2401,7 @@ do_ed_script (char const *inname, char c
size_t chars_read;
FILE *tmpfp = 0;
char const *tmpname;
- int tmpfd;
+ int tmpfd = -1; /* placate gcc's -Wmaybe-uninitialized */
pid_t pid;
if (! dry_run && ! skip_rest_of_patch)

9
STAGE1-patch Normal file
View File

@ -0,0 +1,9 @@
srpm patch
mcd $BUILDDIR/$1
cat <<EOF > config.cache
ac_cv_func_strnlen_working=yes
EOF
$SRC/${1}-*/configure $TCONFIGARGS --cache-file=config.cache
notparallel
make $J V=1
make $J install DESTDIR=${ROOTFS}

7
gating.yaml Normal file
View File

@ -0,0 +1,7 @@
--- !Policy
product_versions:
- fedora-*
decision_context: bodhi_update_push_testing
rules:
- !PassingTestCaseRule {test_case_name: dist.depcheck}
- !PassingTestCaseRule {test_case_name: dist.abicheck}

14
patch-2.7.6-CVE-2018-17942.patch Normal file
View File

@ -0,0 +1,14 @@
diff -up patch-2.7.6/lib/vasnprintf.c.me patch-2.7.6/lib/vasnprintf.c
--- patch-2.7.6/lib/vasnprintf.c.me 2018-11-26 14:02:03.401718842 +0100
+++ patch-2.7.6/lib/vasnprintf.c 2018-11-26 14:03:02.923913446 +0100
@@ -860,7 +860,9 @@ convert_to_decimal (mpn_t a, size_t extr
size_t a_len = a.nlimbs;
/* 0.03345 is slightly larger than log(2)/(9*log(10)). */
size_t c_len = 9 * ((size_t)(a_len * (GMP_LIMB_BITS * 0.03345f)) + 1);
- char *c_ptr = (char *) malloc (xsum (c_len, extra_zeroes));
+ /* We need extra_zeroes bytes for zeroes, followed by c_len bytes for the
+ digits of a, followed by 1 byte for the terminating NUL. */
+ char *c_ptr = (char *) malloc (xsum (xsum (extra_zeroes, c_len), 1));
if (c_ptr != NULL)
{
char *d_ptr = c_ptr;

25
patch-2.7.6-CVE-2018-6952-fix-swapping-fake-lines-in-pch_swap.patch Normal file
View File

@ -0,0 +1,25 @@
commit 9c986353e420ead6e706262bf204d6e03322c300
Author: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri Aug 17 13:35:40 2018 +0200
Fix swapping fake lines in pch_swap
* src/pch.c (pch_swap): Fix swapping p_bfake and p_efake when there is a
blank line in the middle of a context-diff hunk: that empty line stays
in the middle of the hunk and isn't swapped.
Fixes: https://savannah.gnu.org/bugs/index.php?53133
diff --git a/src/pch.c b/src/pch.c
index e92bc64..a500ad9 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -2122,7 +2122,7 @@ pch_swap (void)
}
if (p_efake >= 0) { /* fix non-freeable ptr range */
if (p_efake <= i)
- n = p_end - i + 1;
+ n = p_end - p_ptrn_lines;
else
n = -i;
p_efake += n;

0
SOURCES/patch-2.7.6-CVE-2019-13636-symlinks.patch → patch-2.7.6-CVE-2019-13636-symlinks.patch
View File

33
patch-2.7.6-CVE-2019-13638-invoked-ed-directly-instead-of-using-the-shell.patch Normal file
View File

@ -0,0 +1,33 @@
commit 3fcd042d26d70856e826a42b5f93dc4854d80bf0
Author: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri Apr 6 19:36:15 2018 +0200
Invoke ed directly instead of using the shell
* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell
command to avoid quoting vulnerabilities.
diff --git a/src/pch.c b/src/pch.c
index 4fd5a05..16e001a 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -2459,9 +2459,6 @@ do_ed_script (char const *inname, char const *outname,
*outname_needs_removal = true;
copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
}
- sprintf (buf, "%s %s%s", editor_program,
- verbosity == VERBOSE ? "" : "- ",
- outname);
fflush (stdout);
pid = fork();
@@ -2470,7 +2467,8 @@ do_ed_script (char const *inname, char const *outname,
else if (pid == 0)
{
dup2 (tmpfd, 0);
- execl ("/bin/sh", "sh", "-c", buf, (char *) 0);
+ assert (outname[0] != '!' && outname[0] != '-');
+ execlp (editor_program, editor_program, "-", outname, (char *) NULL);
_exit (2);
}
else

0
SOURCES/patch-2.7.x-abort_when_cleaning_up_fails.patch → patch-2.7.6-abort_when_cleaning_up_fails.patch
View File

28
patch-2.7.6-allow-input-files-to-be-missing-for-ed-style-patches.patch Normal file
View File

@ -0,0 +1,28 @@
commit b5a91a01e5d0897facdd0f49d64b76b0f02b43e1
Author: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri Apr 6 11:34:51 2018 +0200
Allow input files to be missing for ed-style patches
* src/pch.c (do_ed_script): Allow input files to be missing so that new
files will be created as with non-ed-style patches.
diff --git a/src/pch.c b/src/pch.c
index bc6278c..0c5cc26 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -2394,9 +2394,11 @@ do_ed_script (char const *inname, char const *outname,
if (! dry_run && ! skip_rest_of_patch) {
int exclusive = *outname_needs_removal ? 0 : O_EXCL;
- assert (! inerrno);
- *outname_needs_removal = true;
- copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ if (inerrno != ENOENT)
+ {
+ *outname_needs_removal = true;
+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ }
sprintf (buf, "%s %s%s", editor_program,
verbosity == VERBOSE ? "" : "- ",
outname);

21
patch-2.7.6-avoid-invalid-memory-access-in-context-format-diffs.patch Normal file
View File

@ -0,0 +1,21 @@
commit 15b158db3ae11cb835f2eb8d2eb48e09d1a4af48
Author: Andreas Gruenbacher <agruen@gnu.org>
Date: Mon Jul 15 19:10:02 2019 +0200
Avoid invalid memory access in context format diffs
* src/pch.c (another_hunk): Avoid invalid memory access in context format
diffs.
diff --git a/src/pch.c b/src/pch.c
index a500ad9..cb54e03 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -1328,6 +1328,7 @@ another_hunk (enum diff difftype, bool rev)
ptrn_prefix_context = context;
ptrn_suffix_context = context;
if (repl_beginning
+ || p_end <= 0
|| (p_end
!= p_ptrn_lines + 1 + (p_Char[p_end - 1] == '\n')))
{

24
patch-2.7.6-avoid-set_file_attributes-sign-conversion-warnings.patch Normal file
View File

@ -0,0 +1,24 @@
commit 3bbebbb29f6fbbf2988b9f2e75695b7c0b1f1c9b
Author: Andreas Gruenbacher <agruen@gnu.org>
Date: Wed Feb 7 12:01:22 2018 +0100
Avoid set_file_attributes sign conversion warnings
* src/util.c (set_file_attributes): Avoid sign conversion warnings when
assigning -1 to uid_t / gid_t.
diff --git a/src/util.c b/src/util.c
index b1c7266..1cc08ba 100644
--- a/src/util.c
+++ b/src/util.c
@@ -256,8 +256,8 @@ set_file_attributes (char const *to, enum file_attributes attr,
}
if (attr & FA_IDS)
{
- static uid_t euid = -1;
- static gid_t egid = -1;
+ static uid_t euid = (uid_t)-1;
+ static gid_t egid = (gid_t)-1;
uid_t uid;
uid_t gid;

85
patch-2.7.6-avoid-warnings-gcc8.patch Normal file
View File

@ -0,0 +1,85 @@
commit ae81be0024ea4eaf139b7ba57e9a8ce9e4a163ec
Author: Jim Meyering <jim@meyering.net>
Date: Fri Apr 6 17:17:11 2018 -0700
maint: avoid warnings from GCC8
Hi Andreas,
I configured with --enable-gcc-warnings and bleeding-edge gcc
(version 8.0.1 20180406) and hit some warning-escalated-to-errors.
This fixes them:
>From a71ddb200dbe7ac0f9258796b5a51979b2740e88 Mon Sep 17 00:00:00 2001
From: Jim Meyering <meyering@fb.com>
Date: Fri, 6 Apr 2018 16:47:00 -0700
Subject: [PATCH] maint: avoid warnings from GCC8
* src/common.h (FALLTHROUGH): Define.
* src/patch.c (abort_hunk_context): Use FALLTHROUGH macro in place of
a comment. This avoids a warning from -Wimplicit-fallthrough=.
* src/pch.c (do_ed_script): Add otherwise unnecessary initialization
to avoid warning from -Wmaybe-uninitialized.
(another_hunk): Use FALLTHROUGH macro here, too, twice.
diff --git a/src/common.h b/src/common.h
index ec50b40..904a3f8 100644
--- a/src/common.h
+++ b/src/common.h
@@ -218,3 +218,11 @@ bool merge_hunk (int hunk, struct outstate *, lin where, bool *);
#else
# define merge_hunk(hunk, outstate, where, somefailed) false
#endif
+
+#ifndef FALLTHROUGH
+# if __GNUC__ < 7
+# define FALLTHROUGH ((void) 0)
+# else
+# define FALLTHROUGH __attribute__ ((__fallthrough__))
+# endif
+#endif
diff --git a/src/patch.c b/src/patch.c
index 0fe6d72..1ae91d9 100644
--- a/src/patch.c
+++ b/src/patch.c
@@ -1381,7 +1381,7 @@ abort_hunk_context (bool header, bool reverse)
break;
case ' ': case '-': case '+': case '!':
fprintf (rejfp, "%c ", pch_char (i));
- /* fall into */
+ FALLTHROUGH;
case '\n':
pch_write_line (i, rejfp);
break;
diff --git a/src/pch.c b/src/pch.c
index 1055542..cda3dfa 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -1735,7 +1735,7 @@ another_hunk (enum diff difftype, bool rev)
break;
case '=':
ch = ' ';
- /* FALL THROUGH */
+ FALLTHROUGH;
case ' ':
if (fillsrc > p_ptrn_lines) {
free(s);
@@ -1756,7 +1756,7 @@ another_hunk (enum diff difftype, bool rev)
p_end = fillsrc-1;
return -1;
}
- /* FALL THROUGH */
+ FALLTHROUGH;
case '+':
if (filldst > p_end) {
free(s);
@@ -2394,8 +2394,7 @@ do_ed_script (char const *inname, char const *outname,
size_t chars_read;
FILE *tmpfp = 0;
char const *tmpname;
- int tmpfd;
- pid_t pid;
+ int tmpfd = -1; /* placate gcc's -Wmaybe-uninitialized */
int exclusive = *outname_needs_removal ? 0 : O_EXCL;
char const **ed_argv;
int stdin_dup, status;

21
patch-2.7.6-avoid_invalid_memory_access.patch Normal file
View File

@ -0,0 +1,21 @@
commit 15b158db3ae11cb835f2eb8d2eb48e09d1a4af48
Author: Andreas Gruenbacher <agruen@gnu.org>
Date: Mon Jul 15 19:10:02 2019 +0200
Avoid invalid memory access in context format diffs
* src/pch.c (another_hunk): Avoid invalid memory access in context format
diffs.
diff --git a/src/pch.c b/src/pch.c
index a500ad9..cb54e03 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -1328,6 +1328,7 @@ another_hunk (enum diff difftype, bool rev)
ptrn_prefix_context = context;
ptrn_suffix_context = context;
if (repl_beginning
+ || p_end <= 0
|| (p_end
!= p_ptrn_lines + 1 + (p_Char[p_end - 1] == '\n')))
{

75
patch-2.7.6-check-of-return-value-of-fwrite.patch Normal file
View File

@ -0,0 +1,75 @@
commit 1e9104c18019e7dc6b5590aea4b1d4f9d8ecfd56
Author: Bruno Haible <bruno@clisp.org>
Date: Sat Apr 7 12:21:04 2018 +0200
Fix check of return value of fwrite().
* src/patch.c (copy_till): Consider incomplete fwrite() write as an error.
* src/pch.c (pch_write_line, do_ed_script): Likewise.
diff --git a/src/patch.c b/src/patch.c
index 1ae91d9..3fcaec5 100644
--- a/src/patch.c
+++ b/src/patch.c
@@ -2,7 +2,7 @@
/* Copyright (C) 1984, 1985, 1986, 1987, 1988 Larry Wall
- Copyright (C) 1989-1993, 1997-1999, 2002-2003, 2006, 2009-2012 Free Software
+ Copyright (C) 1989-1993, 1997-1999, 2002-2003, 2006, 2009-2018 Free Software
Foundation, Inc.
This program is free software: you can redistribute it and/or modify
@@ -1641,7 +1641,7 @@ copy_till (struct outstate *outstate, lin lastline)
if (size)
{
if ((! outstate->after_newline && putc ('\n', fp) == EOF)
- || ! fwrite (s, sizeof *s, size, fp))
+ || fwrite (s, sizeof *s, size, fp) < size)
write_fatal ();
outstate->after_newline = s[size - 1] == '\n';
outstate->zero_output = false;
diff --git a/src/pch.c b/src/pch.c
index cda3dfa..79a3c99 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -2279,8 +2279,11 @@ pfetch (lin line)
bool
pch_write_line (lin line, FILE *file)
{
- bool after_newline = (p_len[line] > 0) && (p_line[line][p_len[line] - 1] == '\n');
- if (! fwrite (p_line[line], sizeof (*p_line[line]), p_len[line], file))
+ bool after_newline =
+ (p_len[line] > 0) && (p_line[line][p_len[line] - 1] == '\n');
+
+ if (fwrite (p_line[line], sizeof (*p_line[line]), p_len[line], file)
+ < p_len[line])
write_fatal ();
return after_newline;
}
@@ -2427,13 +2430,14 @@ do_ed_script (char const *inname, char const *outname,
ed_command_letter = get_ed_command_letter (buf);
if (ed_command_letter) {
if (tmpfp)
- if (! fwrite (buf, sizeof *buf, chars_read, tmpfp))
+ if (fwrite (buf, sizeof *buf, chars_read, tmpfp) < chars_read)
write_fatal ();
if (ed_command_letter != 'd' && ed_command_letter != 's') {
p_pass_comments_through = true;
while ((chars_read = get_line ()) != 0) {
if (tmpfp)
- if (! fwrite (buf, sizeof *buf, chars_read, tmpfp))
+ if (fwrite (buf, sizeof *buf, chars_read, tmpfp)
+ < chars_read)
write_fatal ();
if (chars_read == 2 && strEQ (buf, ".\n"))
break;
@@ -2448,7 +2452,7 @@ do_ed_script (char const *inname, char const *outname,
}
if (dry_run || skip_rest_of_patch)
return;
- if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, tmpfp) == 0
+ if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, tmpfp) < (size_t) 4
|| fflush (tmpfp) != 0)
write_fatal ();

91
patch-2.7.6-cleanups-in-do_ed_script.patch Normal file
View File

@ -0,0 +1,91 @@
commit 2a32bf09f5e9572da4be183bb0dbde8164351474
Author: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri Apr 6 20:32:46 2018 +0200
Minor cleanups in do_ed_script
* src/pch.c (do_ed_script): Minor cleanups.
diff --git a/src/pch.c b/src/pch.c
index 1f14624..1055542 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -2396,6 +2396,10 @@ do_ed_script (char const *inname, char const *outname,
char const *tmpname;
int tmpfd;
pid_t pid;
+ int exclusive = *outname_needs_removal ? 0 : O_EXCL;
+ char const **ed_argv;
+ int stdin_dup, status;
+
if (! dry_run && ! skip_rest_of_patch)
{
@@ -2443,7 +2447,7 @@ do_ed_script (char const *inname, char const *outname,
break;
}
}
- if (!tmpfp)
+ if (dry_run || skip_rest_of_patch)
return;
if (fwrite ("w\nq\n", sizeof (char), (size_t) 4, tmpfp) == 0
|| fflush (tmpfp) != 0)
@@ -2452,36 +2456,29 @@ do_ed_script (char const *inname, char const *outname,
if (lseek (tmpfd, 0, SEEK_SET) == -1)
pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname));
- if (! dry_run && ! skip_rest_of_patch) {
- int exclusive = *outname_needs_removal ? 0 : O_EXCL;
- char const **ed_argv;
- int stdin_dup, status;
-
+ if (inerrno != ENOENT)
+ {
*outname_needs_removal = true;
- if (inerrno != ENOENT)
- {
- *outname_needs_removal = true;
- copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
- }
- fflush (stdout);
-
- if ((stdin_dup = dup (0)) == -1
- || dup2 (tmpfd, 0) == -1)
- pfatal ("Failed to duplicate standard input");
- assert (outname[0] != '!' && outname[0] != '-');
- ed_argv = alloca (4 * sizeof * ed_argv);
- ed_argv[0] = editor_program;
- ed_argv[1] = "-";
- ed_argv[2] = outname;
- ed_argv[3] = (char *) NULL;
- status = execute (editor_program, editor_program, (char **)ed_argv,
- false, false, false, false, true, false, NULL);
- if (status)
- fatal ("%s FAILED", editor_program);
- if (dup2 (stdin_dup, 0) == -1
- || close (stdin_dup) == -1)
- pfatal ("Failed to duplicate standard input");
- }
+ copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
+ }
+ fflush (stdout);
+
+ if ((stdin_dup = dup (0)) == -1
+ || dup2 (tmpfd, 0) == -1)
+ pfatal ("Failed to duplicate standard input");
+ assert (outname[0] != '!' && outname[0] != '-');
+ ed_argv = alloca (4 * sizeof * ed_argv);
+ ed_argv[0] = editor_program;
+ ed_argv[1] = "-";
+ ed_argv[2] = outname;
+ ed_argv[3] = (char *) NULL;
+ status = execute (editor_program, editor_program, (char **)ed_argv,
+ false, false, false, false, true, false, NULL);
+ if (status)
+ fatal ("%s FAILED", editor_program);
+ if (dup2 (stdin_dup, 0) == -1
+ || close (stdin_dup) == -1)
+ pfatal ("Failed to duplicate standard input");
fclose (tmpfp);
safe_unlink (tmpname);

84
patch-2.7.6-crash-RLIMIT_NOFILE.patch Normal file
View File

@ -0,0 +1,84 @@
commit 61d7788b83b302207a67b82786f4fd79e3538f30
Author: Andreas Gruenbacher <agruen@gnu.org>
Date: Thu Jun 27 11:10:43 2019 +0200
Don't crash when RLIMIT_NOFILE is set to RLIM_INFINITY
* src/safe.c (min_cached_fds): Define minimum number of cached dir file
descriptors.
(max_cached_fds): Change type to rlim_t to allow storing RLIM_INFINITY.
(init_dirfd_cache): Set max_cached_fds to RLIM_INFINITY when RLIMIT_NOFILE is
RLIM_INFINITY. Set the initial hash table size to min_cached_fds, independent
of RLIMIT_NOFILE: patches commonly only affect one or a few files, so a small
hash table will usually suffice; if needed, the hash table will grow.
(insert_cached_dirfd): Don't shrink the cache when max_cached_fds is
RLIM_INFINITY.
diff --git a/src/safe.c b/src/safe.c
index 5a7202f..f147b0e 100644
--- a/src/safe.c
+++ b/src/safe.c
@@ -67,7 +67,8 @@ struct cached_dirfd {
};
static Hash_table *cached_dirfds = NULL;
-static size_t max_cached_fds;
+static rlim_t min_cached_fds = 8;
+static rlim_t max_cached_fds;
LIST_HEAD (lru_list);
static size_t hash_cached_dirfd (const void *entry, size_t table_size)
@@ -98,11 +99,17 @@ static void init_dirfd_cache (void)
{
struct rlimit nofile;
- max_cached_fds = 8;
if (getrlimit (RLIMIT_NOFILE, &nofile) == 0)
- max_cached_fds = MAX (nofile.rlim_cur / 4, max_cached_fds);
+ {
+ if (nofile.rlim_cur == RLIM_INFINITY)
+ max_cached_fds = RLIM_INFINITY;
+ else
+ max_cached_fds = MAX (nofile.rlim_cur / 4, min_cached_fds);
+ }
+ else
+ max_cached_fds = min_cached_fds;
- cached_dirfds = hash_initialize (max_cached_fds,
+ cached_dirfds = hash_initialize (min_cached_fds,
NULL,
hash_cached_dirfd,
compare_cached_dirfds,
@@ -148,20 +155,23 @@ static void insert_cached_dirfd (struct cached_dirfd *entry, int keepfd)
if (cached_dirfds == NULL)
init_dirfd_cache ();
- /* Trim off the least recently used entries */
- while (hash_get_n_entries (cached_dirfds) >= max_cached_fds)
+ if (max_cached_fds != RLIM_INFINITY)
{
- struct cached_dirfd *last =
- list_entry (lru_list.prev, struct cached_dirfd, lru_link);
- if (&last->lru_link == &lru_list)
- break;
- if (last->fd == keepfd)
+ /* Trim off the least recently used entries */
+ while (hash_get_n_entries (cached_dirfds) >= max_cached_fds)
{
- last = list_entry (last->lru_link.prev, struct cached_dirfd, lru_link);
+ struct cached_dirfd *last =
+ list_entry (lru_list.prev, struct cached_dirfd, lru_link);
if (&last->lru_link == &lru_list)
break;
+ if (last->fd == keepfd)
+ {
+ last = list_entry (last->lru_link.prev, struct cached_dirfd, lru_link);
+ if (&last->lru_link == &lru_list)
+ break;
+ }
+ remove_cached_dirfd (last);
}
- remove_cached_dirfd (last);
}
/* Only insert if the parent still exists. */

95
patch-2.7.6-dont-leak-temporary-file-on-failed-ed-style-patch.patch Normal file
View File

@ -0,0 +1,95 @@
commit 19599883ffb6a450d2884f081f8ecf68edbed7ee
Author: Jean Delvare <jdelvare@suse.de>
Date: Thu May 3 14:31:55 2018 +0200
Don't leak temporary file on failed ed-style patch
Now that we write ed-style patches to a temporary file before we
apply them, we need to ensure that the temporary file is removed
before we leave, even on fatal error.
* src/pch.c (do_ed_script): Use global TMPEDNAME instead of local
tmpname. Don't unlink the file directly, instead tag it for removal
at exit time.
* src/patch.c (cleanup): Unlink TMPEDNAME at exit.
This closes bug #53820:
https://savannah.gnu.org/bugs/index.php?53820
Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)")
diff --git a/src/common.h b/src/common.h
index 904a3f8..53c5e32 100644
--- a/src/common.h
+++ b/src/common.h
@@ -94,10 +94,12 @@ XTERN char const *origsuff;
XTERN char const * TMPINNAME;
XTERN char const * TMPOUTNAME;
XTERN char const * TMPPATNAME;
+XTERN char const * TMPEDNAME;
XTERN bool TMPINNAME_needs_removal;
XTERN bool TMPOUTNAME_needs_removal;
XTERN bool TMPPATNAME_needs_removal;
+XTERN bool TMPEDNAME_needs_removal;
#ifdef DEBUGGING
XTERN int debug;
diff --git a/src/patch.c b/src/patch.c
index 3fcaec5..9146597 100644
--- a/src/patch.c
+++ b/src/patch.c
@@ -1999,6 +1999,7 @@ cleanup (void)
remove_if_needed (TMPINNAME, &TMPINNAME_needs_removal);
remove_if_needed (TMPOUTNAME, &TMPOUTNAME_needs_removal);
remove_if_needed (TMPPATNAME, &TMPPATNAME_needs_removal);
+ remove_if_needed (TMPEDNAME, &TMPEDNAME_needs_removal);
remove_if_needed (TMPREJNAME, &TMPREJNAME_needs_removal);
output_files (NULL);
}
diff --git a/src/pch.c b/src/pch.c
index 79a3c99..1bb3153 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -2396,7 +2396,6 @@ do_ed_script (char const *inname, char const *outname,
file_offset beginning_of_this_line;
size_t chars_read;
FILE *tmpfp = 0;
- char const *tmpname;
int tmpfd = -1; /* placate gcc's -Wmaybe-uninitialized */
int exclusive = *outname_needs_removal ? 0 : O_EXCL;
char const **ed_argv;
@@ -2411,12 +2410,13 @@ do_ed_script (char const *inname, char const *outname,
invalid commands and treats the next line as a new command, which
can lead to arbitrary command execution. */
- tmpfd = make_tempfile (&tmpname, 'e', NULL, O_RDWR | O_BINARY, 0);
+ tmpfd = make_tempfile (&TMPEDNAME, 'e', NULL, O_RDWR | O_BINARY, 0);
if (tmpfd == -1)
- pfatal ("Can't create temporary file %s", quotearg (tmpname));
+ pfatal ("Can't create temporary file %s", quotearg (TMPEDNAME));
+ TMPEDNAME_needs_removal = true;
tmpfp = fdopen (tmpfd, "w+b");
if (! tmpfp)
- pfatal ("Can't open stream for file %s", quotearg (tmpname));
+ pfatal ("Can't open stream for file %s", quotearg (TMPEDNAME));
}
for (;;) {
@@ -2457,7 +2457,7 @@ do_ed_script (char const *inname, char const *outname,
write_fatal ();
if (lseek (tmpfd, 0, SEEK_SET) == -1)
- pfatal ("Can't rewind to the beginning of file %s", quotearg (tmpname));
+ pfatal ("Can't rewind to the beginning of file %s", quotearg (TMPEDNAME));
if (inerrno != ENOENT)
{
@@ -2484,7 +2484,6 @@ do_ed_script (char const *inname, char const *outname,
pfatal ("Failed to duplicate standard input");
fclose (tmpfp);
- safe_unlink (tmpname);
if (ofp)
{

71
patch-2.7.6-dont-leak-temporary-file-on-failed-multi-file-ed-style-patch.patch Normal file
View File

@ -0,0 +1,71 @@
commit 369dcccdfa6336e5a873d6d63705cfbe04c55727
Author: Jean Delvare <jdelvare@suse.de>
Date: Mon May 7 15:14:45 2018 +0200
Don't leak temporary file on failed multi-file ed-style patch
The previous fix worked fine with single-file ed-style patches, but
would still leak temporary files in the case of multi-file ed-style
patch. Fix that case as well, and extend the test case to check for
it.
* src/patch.c (main): Unlink TMPEDNAME if needed before moving to
the next file in a patch.
This closes bug #53820:
https://savannah.gnu.org/bugs/index.php?53820
Fixes: 123eaff0d5d1 ("Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)")
Fixes: 19599883ffb6 ("Don't leak temporary file on failed ed-style patch")
diff --git a/src/patch.c b/src/patch.c
index 9146597..81c7a02 100644
--- a/src/patch.c
+++ b/src/patch.c
@@ -236,6 +236,7 @@ main (int argc, char **argv)
}
remove_if_needed (TMPOUTNAME, &TMPOUTNAME_needs_removal);
}
+ remove_if_needed (TMPEDNAME, &TMPEDNAME_needs_removal);
if (! skip_rest_of_patch && ! file_type)
{
diff --git a/tests/ed-style b/tests/ed-style
index 6b6ef9d..504e6e5 100644
--- a/tests/ed-style
+++ b/tests/ed-style
@@ -38,3 +38,34 @@ EOF
check 'cat foo' <<EOF
foo
EOF
+
+# Test the case where one ed-style patch modifies several files
+
+cat > ed3.diff <<EOF
+--- foo
++++ foo
+1c
+bar
+.
+--- baz
++++ baz
+0a
+baz
+.
+EOF
+
+# Apparently we can't create a file with such a patch, while it works fine
+# when the file name is provided on the command line
+cat > baz <<EOF
+EOF
+
+check 'patch -e -i ed3.diff' <<EOF
+EOF
+
+check 'cat foo' <<EOF
+bar
+EOF
+
+check 'cat baz' <<EOF
+baz
+EOF

29
patch-2.7.6-failed_assertion.patch Normal file
View File

@ -0,0 +1,29 @@
commit 76e775847f4954b63dc72afe34d9d921c6688b31
Author: Andreas Gruenbacher <agruen@gnu.org>
Date: Tue Jul 16 01:16:28 2019 +0200
Fix failed assertion 'outstate->after_newline'
The assertion triggers when the -o FILE option is used, more than one output
file is written into FILE, and one of those files (except the last one) ends in
the middle of a line.
* src/patch.c (main): Fix the case described above.
diff --git a/src/patch.c b/src/patch.c
index 02fd982..3794319 100644
--- a/src/patch.c
+++ b/src/patch.c
@@ -369,6 +369,13 @@ main (int argc, char **argv)
/* outstate.ofp now owns the file descriptor */
outfd = -1;
}
+ else
+ {
+ /* When writing to a single output file (-o FILE), always pretend
+ that the output file ends in a newline. Otherwise, when another
+ file is written to the same output file, apply_hunk will fail. */
+ outstate.after_newline = true;
+ }
/* find out where all the lines are */
if (!skip_rest_of_patch) {

22
patch-2.7.6-fix-ed-style-test-failure.patch Normal file
View File

@ -0,0 +1,22 @@
commit 458ac51a05426c1af9aa6bf1342ecf60728c19b4
Author: Bruno Haible <bruno@clisp.org>
Date: Sat Apr 7 12:34:03 2018 +0200
Fix 'ed-style' test failure.
* tests/ed-style: Remove '?' line from expected output.
diff --git a/tests/ed-style b/tests/ed-style
index d8c0689..6b6ef9d 100644
--- a/tests/ed-style
+++ b/tests/ed-style
@@ -31,8 +31,7 @@ r !echo bar
,p
EOF
-check 'patch -e foo -i ed2.diff 2> /dev/null || echo "Status: $?"' <<EOF
-?
+check 'patch -e foo -i ed2.diff > /dev/null 2> /dev/null || echo "Status: $?"' <<EOF
Status: 2
EOF

21
patch-2.7.6-fix-korn-shell-incompatibility.patch Normal file
View File

@ -0,0 +1,21 @@
commit 074e2395f81d0ecaa66b71a6c228c70b49db72e5
Author: Andreas Gruenbacher <agruen@gnu.org>
Date: Wed Feb 7 17:05:00 2018 +0100
Test suite: fix Korn shell incompatibility
tests/merge: In a Korn shell, shift apparently fails when $# is 0.
diff --git a/tests/merge b/tests/merge
index b628891..e950b92 100644
--- a/tests/merge
+++ b/tests/merge
@@ -32,7 +32,7 @@ x2() {
shift
done > b.sed
echo "$body" | sed -f b.sed > b
- shift
+ test $# -eq 0 || shift
while test $# -gt 0 ; do
echo "$1"
shift

24
patch-2.7.6-fix-segfault-with-mangled-rename-patch.patch Normal file
View File

@ -0,0 +1,24 @@
commit f290f48a621867084884bfff87f8093c15195e6a
Author: Andreas Gruenbacher <agruen@gnu.org>
Date: Mon Feb 12 16:48:24 2018 +0100
Fix segfault with mangled rename patch
http://savannah.gnu.org/bugs/?53132
* src/pch.c (intuit_diff_type): Ensure that two filenames are specified
for renames and copies (fix the existing check).
diff --git a/src/pch.c b/src/pch.c
index ff9ed2c..bc6278c 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode_t *p_file_type)
if ((pch_rename () || pch_copy ())
&& ! inname
&& ! ((i == OLD || i == NEW) &&
- p_name[! reverse] &&
+ p_name[reverse] && p_name[! reverse] &&
+ name_is_valid (p_name[reverse]) &&
name_is_valid (p_name[! reverse])))
{
say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy");

48
patch-2.7.6-improve_support_for_memory_leak_detection.patch Normal file
View File

@ -0,0 +1,48 @@
commit 2b584aec9e5f2806b1eccadcabe7e901fcfa0b0a
Author: Andreas Gruenbacher <agruen@gnu.org>
Date: Thu Jun 27 11:02:02 2019 +0200
Improve support for memory leak detection
When building with the address sanitizer on, free some more resources before
exiting. (This is unnecessary when not looking for memory leaks.)
* src/patch.c (init_files_to_delete): Add dispose function for freeing
filenames.
diff --git a/src/patch.c b/src/patch.c
index 81c7a02..4616a48 100644
--- a/src/patch.c
+++ b/src/patch.c
@@ -36,6 +36,10 @@
#include <minmax.h>
#include <safe.h>
+#ifdef __SANITIZE_ADDRESS__
+# define FREE_BEFORE_EXIT
+#endif
+
/* procedures */
static FILE *create_output_file (char const *, int);
@@ -1777,10 +1781,20 @@ struct file_to_delete {
static gl_list_t files_to_delete;
+#ifdef FREE_BEFORE_EXIT
+void dispose_file_to_delete (const void *elt)
+{
+ free ((void *) elt);
+}
+#else
+#define dispose_file_to_delete NULL
+#endif
+
static void
init_files_to_delete (void)
{
- files_to_delete = gl_list_create_empty (GL_LINKED_LIST, NULL, NULL, NULL, true);
+ files_to_delete = gl_list_create_empty (GL_LINKED_LIST, NULL, NULL,
+ dispose_file_to_delete, true);
}
static void

40
patch-2.7.6-make-debug-output-more-useful.patch Normal file
View File

@ -0,0 +1,40 @@
commit ff81775f4eb6ab9a91b75e4031e8216654c0c76a
Author: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri Aug 17 10:31:22 2018 +0200
Make the (debug & 2) output more useful
* src/pch.c (another_hunk): In the (debug & 2) output, fix how empty
lines that are not part of the patch context are printed. Also, add
newlines to lines that are missing them to keep the output readable.
diff --git a/src/pch.c b/src/pch.c
index 1bb3153..e92bc64 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -1916,8 +1916,13 @@ another_hunk (enum diff difftype, bool rev)
lin i;
for (i = 0; i <= p_end + 1; i++) {
- fprintf (stderr, "%s %c",
- format_linenum (numbuf0, i),
+ fputs (format_linenum (numbuf0, i), stderr);
+ if (p_Char[i] == '\n')
+ {
+ fputc('\n', stderr);
+ continue;
+ }
+ fprintf (stderr, " %c",
p_Char[i]);
if (p_Char[i] == '*')
fprintf (stderr, " %s,%s\n",
@@ -1930,7 +1935,8 @@ another_hunk (enum diff difftype, bool rev)
else if (p_Char[i] != '^')
{
fputs(" |", stderr);
- pch_write_line (i, stderr);
+ if (! pch_write_line (i, stderr))
+ fputc('\n', stderr);
}
else
fputc('\n', stderr);

20
patch-2.7.6-skip-ed-test-when-the-ed-utility-is-not-installed.patch Normal file
View File

@ -0,0 +1,20 @@
commit a5b442ce01b80a758606ede316f739426a12bc33
Author: Andreas Gruenbacher <agruen@gnu.org>
Date: Thu Jun 27 11:09:31 2019 +0200
Skip "ed" test when the ed utility is not installed
* tests/ed-style: Require ed.
diff --git a/tests/ed-style b/tests/ed-style
index 504e6e5..9907cb6 100644
--- a/tests/ed-style
+++ b/tests/ed-style
@@ -7,6 +7,7 @@
. $srcdir/test-lib.sh
require cat
+require ed
use_local_patch
use_tmpdir

1774
patch-2.7.6-switch-from-fork-execlp-to-execute.patch Normal file
View File

File diff suppressed because it is too large Load Diff

124
patch-2.7.6-test-suite-compatibility-fixes.patch Normal file
View File

@ -0,0 +1,124 @@
commit f6bc5b14bd193859851d15a049bafb1007acd288
Author: Andreas Gruenbacher <agruen@gnu.org>
Date: Wed Feb 7 12:10:41 2018 +0100
Test suite compatibility fixes
* tests/crlf-handling, tests/git-cleanup, tests/test-lib.sh: Use printf
instead of echo -e / echo -n for compatibility with systems that don't
support these echo options.
* tests/merge: Minor other cleanups.
diff --git a/tests/crlf-handling b/tests/crlf-handling
index 239149c..c192cac 100644
--- a/tests/crlf-handling
+++ b/tests/crlf-handling
@@ -14,7 +14,7 @@ use_local_patch
use_tmpdir
lf2crlf() {
- while read l; do echo -e "$l\r"; done
+ while read l; do printf "%s\r\n" "$l"; done
}
echo 1 > a
diff --git a/tests/git-cleanup b/tests/git-cleanup
index 2e3e4c6..ca527a1 100644
--- a/tests/git-cleanup
+++ b/tests/git-cleanup
@@ -36,8 +36,8 @@ BAD PATCH
EOF
echo 1 > f
-echo -n '' > g
-echo -n '' > h
+printf '' > g
+printf '' > h
check 'patch -f -i 1.diff || echo status: $?' <<EOF
patching file f
diff --git a/tests/merge b/tests/merge
index 22d787b..b628891 100644
--- a/tests/merge
+++ b/tests/merge
@@ -30,30 +30,28 @@ x2() {
while test $# -gt 0 && test "$1" != -- ; do
echo "$1"
shift
- done > a.sed
- echo "$body" | sed -f a.sed > b
+ done > b.sed
+ echo "$body" | sed -f b.sed > b
shift
while test $# -gt 0 ; do
echo "$1"
shift
- done > b.sed
- echo "$body" | sed -f b.sed > c
- rm -f a.sed b.sed
+ done > c.sed
+ echo "$body" | sed -f c.sed > c
+ rm -f b.sed c.sed
output=`diff -u a b | patch $ARGS -f c`
status=$?
echo "$output" | sed -e '/^$/d' -e '/^patching file c$/d'
cat c
- test $status == 0 || echo "Status: $status"
+ test $status = 0 || echo "Status: $status"
}
x() {
- ARGS="$ARGS --merge" x2 "$@"
+ ARGS="--merge" x2 "$@"
echo
- ARGS="$ARGS --merge=diff3" x2 "$@"
+ ARGS="--merge=diff3" x2 "$@"
}
-unset ARGS
-
# ==============================================================
check 'x 3' <<EOF
diff --git a/tests/test-lib.sh b/tests/test-lib.sh
index be0d7e3..661da52 100644
--- a/tests/test-lib.sh
+++ b/tests/test-lib.sh
@@ -41,7 +41,7 @@ use_local_patch() {
eval 'patch() {
if test -n "$GDB" ; then
- echo -e "\n" >&3
+ printf "\n\n" >&3
gdbserver localhost:53153 $PATCH "$@" 2>&3
else
$PATCH "$@"
@@ -113,22 +113,15 @@ cleanup() {
exit $status
}
-if test -z "`echo -n`"; then
- if eval 'test -n "${BASH_LINENO[0]}" 2>/dev/null'; then
- eval '
- _start_test() {
- echo -n "[${BASH_LINENO[2]}] $* -- "
- }'
- else
- eval '
- _start_test() {
- echo -n "* $* -- "
- }'
- fi
+if eval 'test -n "${BASH_LINENO[0]}" 2>/dev/null'; then
+ eval '
+ _start_test() {
+ printf "[${BASH_LINENO[2]}] %s -- " "$*"
+ }'
else
eval '
_start_test() {
- echo "* $*"
+ printf "* %s -- " "$*"
}'
fi

16
patch-2.7.6.tar.xz.sig Normal file
View File

@ -0,0 +1,16 @@
-----BEGIN PGP SIGNATURE-----
iQIcBAABAgAGBQJaed0dAAoJENW/n+sDE2U62ScQAK02GcPxJccBefkcuC6q/or9
f1im2lIpc1YJqxHmmhDeRu9twjuFycUV55hud+OroJe2xYKZrI6oUwJBldKTRfHu
whlhRzERO3U4z9pvi8XWbKvObsmqSBIgsM72oby4aPLCWk7IpJprR6BnRZdtnBg1
jzM3Yka8k01+dmVH2rsoSEGAe9sZbXJazBoYg8N/wHKe2+NY4W3esZ7flxQJ9RvB
GxjVU/KbyoNXIoFU4EnMalcLTZTHThhv2kQ1/cQZ+gt/1+f00DoieaUaIg3qB8jX
IqYE4GvXILgx8+REE3utt0zKv7pYGBNRkuACUE2hLZoY4SporJ0J63/7Y8zrzjxQ
GE27+DcjxBQGd1GnpO/Xb4kpqBGyn4KrlBIiHkhk2GgyBewpXPMog3cJki7A/1vz
Qb+JTY8PBqvOe7DmxW4Bp1vX6eOKn14FDQ7q3ZPjAd52Jtn7GUEt4etCduQh7ZNt
ElLLvpPro1wxG1bTbA3+TysCd+9XWWjwKJlPK5Jbdii0R73iy386UZGN1t1kmBzS
1mn3nh82z/XO9lPU3e1WP0BANAzTrNqA66ZbfQ9fIu6UO8R/+ygT7U5yie+X3xwP
kM6HR6oD0eDkqbPbOr8hey0kPG3FAWkZ47Oju5ad1ntUBFj4buLybEY0e08hncJS
gdt7wrbeKKxzdrcyQ1qy
=mjHo
-----END PGP SIGNATURE-----

95
SOURCES/patch-CVE-2018-1000156.patch → patch-CVE-2018-1000156.patch
View File

@ -1,6 +1,19 @@
diff -up patch-2.7.6/src/pch.c.CVE-2018-1000156 patch-2.7.6/src/pch.c
--- patch-2.7.6/src/pch.c.CVE-2018-1000156 2018-06-19 10:10:41.407826617 +0200
+++ patch-2.7.6/src/pch.c 2018-06-19 10:11:01.200927524 +0200
commit 123eaff0d5d1aebe128295959435b9ca5909c26d
Author: Andreas Gruenbacher <agruen@gnu.org>
Date: Fri Apr 6 12:14:49 2018 +0200
Fix arbitrary command execution in ed-style patches (CVE-2018-1000156)
* src/pch.c (do_ed_script): Write ed script to a temporary file instead
of piping it to ed: this will cause ed to abort on invalid commands
instead of rejecting them and carrying on.
* tests/ed-style: New test case.
* tests/Makefile.am (TESTS): Add test case.
diff --git a/src/pch.c b/src/pch.c
index 0c5cc26..4fd5a05 100644
--- a/src/pch.c
+++ b/src/pch.c
@@ -33,6 +33,7 @@
# include <io.h>
#endif
@ -9,7 +22,7 @@ diff -up patch-2.7.6/src/pch.c.CVE-2018-1000156 patch-2.7.6/src/pch.c
#define INITHUNKMAX 125 /* initial dynamic allocation size */
@@ -2389,22 +2390,28 @@ do_ed_script (char const *inname, char c
@@ -2389,24 +2390,28 @@ do_ed_script (char const *inname, char const *outname,
static char const editor_program[] = EDITOR_PROGRAM;
file_offset beginning_of_this_line;
@ -38,9 +51,11 @@ diff -up patch-2.7.6/src/pch.c.CVE-2018-1000156 patch-2.7.6/src/pch.c
- if (! dry_run && ! skip_rest_of_patch) {
- int exclusive = *outname_needs_removal ? 0 : O_EXCL;
- assert (! inerrno);
- *outname_needs_removal = true;
- copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
- if (inerrno != ENOENT)
- {
- *outname_needs_removal = true;
- copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
- }
- sprintf (buf, "%s %s%s", editor_program,
- verbosity == VERBOSE ? "" : "- ",
- outname);
@ -52,7 +67,7 @@ diff -up patch-2.7.6/src/pch.c.CVE-2018-1000156 patch-2.7.6/src/pch.c
for (;;) {
char ed_command_letter;
beginning_of_this_line = file_tell (pfp);
@@ -2415,14 +2422,14 @@ do_ed_script (char const *inname, char c
@@ -2417,14 +2422,14 @@ do_ed_script (char const *inname, char const *outname,
}
ed_command_letter = get_ed_command_letter (buf);
if (ed_command_letter) {
@ -71,7 +86,7 @@ diff -up patch-2.7.6/src/pch.c.CVE-2018-1000156 patch-2.7.6/src/pch.c
write_fatal ();
if (chars_read == 2 && strEQ (buf, ".\n"))
break;
@@ -2435,13 +2442,50 @@ do_ed_script (char const *inname, char c
@@ -2437,13 +2442,49 @@ do_ed_script (char const *inname, char const *outname,
break;
}
}
@ -123,14 +138,27 @@ diff -up patch-2.7.6/src/pch.c.CVE-2018-1000156 patch-2.7.6/src/pch.c
+
+ fclose (tmpfp);
+ safe_unlink (tmpname);
+ free((char*) tmpname);
if (ofp)
{
diff -up patch-2.7.6/tests/ed-style.CVE-2018-1000156 patch-2.7.6/tests/ed-style
--- patch-2.7.6/tests/ed-style.CVE-2018-1000156 2018-06-19 10:10:41.409826627 +0200
+++ patch-2.7.6/tests/ed-style 2018-06-19 11:28:43.354641294 +0200
@@ -0,0 +1,40 @@
diff --git a/tests/Makefile.am b/tests/Makefile.am
index 6b6df63..16f8693 100644
--- a/tests/Makefile.am
+++ b/tests/Makefile.am
@@ -32,6 +32,7 @@ TESTS = \
crlf-handling \
dash-o-append \
deep-directories \
+ ed-style \
empty-files \
false-match \
fifo \
diff --git a/tests/ed-style b/tests/ed-style
new file mode 100644
index 0000000..d8c0689
--- /dev/null
+++ b/tests/ed-style
@@ -0,0 +1,41 @@
+# Copyright (C) 2018 Free Software Foundation, Inc.
+#
+# Copying and distribution of this file, with or without modification,
@ -164,46 +192,11 @@ diff -up patch-2.7.6/tests/ed-style.CVE-2018-1000156 patch-2.7.6/tests/ed-style
+,p
+EOF
+
+check 'patch -e foo -i ed2.diff > /dev/null 2> /dev/null || echo "Status: $?"' <<EOF
+check 'patch -e foo -i ed2.diff 2> /dev/null || echo "Status: $?"' <<EOF
+?
+Status: 2
+EOF
+
+check 'cat foo' <<EOF
+foo
+EOF
diff -up patch-2.7.6/tests/Makefile.am.CVE-2018-1000156 patch-2.7.6/tests/Makefile.am
--- patch-2.7.6/tests/Makefile.am.CVE-2018-1000156 2018-02-03 13:41:49.000000000 +0100
+++ patch-2.7.6/tests/Makefile.am 2018-06-19 10:10:41.409826627 +0200
@@ -32,6 +32,7 @@ TESTS = \
crlf-handling \
dash-o-append \
deep-directories \
+ ed-style \
empty-files \
false-match \
fifo \
diff -up patch-2.7.6/tests/Makefile.in.CVE-2018-1000156 patch-2.7.6/tests/Makefile.in
--- patch-2.7.6/tests/Makefile.in.CVE-2018-1000156 2018-02-03 14:33:56.000000000 +0100
+++ patch-2.7.6/tests/Makefile.in 2018-06-19 10:10:41.409826627 +0200
@@ -1308,6 +1308,7 @@ TESTS = \
crlf-handling \
dash-o-append \
deep-directories \
+ ed-style \
empty-files \
false-match \
fifo \
@@ -1645,6 +1646,13 @@ empty-files.log: empty-files
$(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
--log-file $$b.log --trs-file $$b.trs \
$(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
+ "$$tst" $(AM_TESTS_FD_REDIRECT)
+ed-style.log: empty-files
+ @p='ed-style'; \
+ b='ed-style'; \
+ $(am__check_pre) $(LOG_DRIVER) --test-name "$$f" \
+ --log-file $$b.log --trs-file $$b.trs \
+ $(am__common_driver_flags) $(AM_LOG_DRIVER_FLAGS) $(LOG_DRIVER_FLAGS) -- $(LOG_COMPILE) \
"$$tst" $(AM_TESTS_FD_REDIRECT)
false-match.log: false-match
@p='false-match'; \

0
SOURCES/patch-selinux.patch → patch-selinux.patch
View File

150
SPECS/patch.spec → patch.spec
View File

@ -3,23 +3,44 @@
Summary: Utility for modifying/upgrading files
Name: patch
Version: 2.7.6
Release: 11%{?dist}
Release: 16%{?dist}
License: GPLv3+
URL: http://www.gnu.org/software/patch/patch.html
Group: Development/Tools
Source: ftp://ftp.gnu.org/gnu/patch/patch-%{version}.tar.xz
Patch1: patch-2.7.6-CVE-2018-6951.patch
Patch2: patch-CVE-2018-1000156.patch
Patch3: patch-2.7.6-gcc8.patch
Patch4: patch-2.7.6-CVE-2018-6952.patch
Patch5: patch-2.7.6-CVE-2018-20969.patch
Patch6: patch-2.7.6-CVE-2019-13636-symlinks.patch
Patch7: patch-2.7.x-abort_when_cleaning_up_fails.patch
URL: https://savannah.gnu.org/projects/patch/
Source: https://ftp.gnu.org/gnu/patch/patch-%{version}.tar.xz
Patch0: patch-2.7.6-avoid-set_file_attributes-sign-conversion-warnings.patch
patch1: patch-2.7.6-test-suite-compatibility-fixes.patch
Patch2: patch-2.7.6-fix-korn-shell-incompatibility.patch
Patch3: patch-2.7.6-fix-segfault-with-mangled-rename-patch.patch
Patch4: patch-2.7.6-allow-input-files-to-be-missing-for-ed-style-patches.patch
Patch5: patch-CVE-2018-1000156.patch
Patch6: patch-2.7.6-CVE-2019-13638-invoked-ed-directly-instead-of-using-the-shell.patch
Patch7: patch-2.7.6-switch-from-fork-execlp-to-execute.patch
Patch8: patch-2.7.6-cleanups-in-do_ed_script.patch
Patch9: patch-2.7.6-avoid-warnings-gcc8.patch
Patch10: patch-2.7.6-check-of-return-value-of-fwrite.patch
Patch11: patch-2.7.6-fix-ed-style-test-failure.patch
Patch12: patch-2.7.6-dont-leak-temporary-file-on-failed-ed-style-patch.patch
Patch13: patch-2.7.6-dont-leak-temporary-file-on-failed-multi-file-ed-style-patch.patch
Patch14: patch-2.7.6-make-debug-output-more-useful.patch
Patch15: patch-2.7.6-CVE-2018-6952-fix-swapping-fake-lines-in-pch_swap.patch
Patch16: patch-2.7.6-improve_support_for_memory_leak_detection.patch
patch17: patch-2.7.6-skip-ed-test-when-the-ed-utility-is-not-installed.patch
Patch18: patch-2.7.6-abort_when_cleaning_up_fails.patch
Patch19: patch-2.7.6-crash-RLIMIT_NOFILE.patch
Patch20: patch-2.7.6-CVE-2019-13636-symlinks.patch
Patch21: patch-2.7.6-avoid-invalid-memory-access-in-context-format-diffs.patch
Patch22: patch-2.7.6-CVE-2018-17942.patch
Patch23: patch-2.7.6-failed_assertion.patch
Patch100: patch-selinux.patch
BuildRequires: make
BuildRequires: gcc
BuildRequires: libselinux-devel
BuildRequires: libattr-devel
BuildRequires: ed
BuildRequires: automake autoconf
BuildRequires: autoconf automake
Requires: ed
Provides: bundled(gnulib) = %{gnulib_ver}
@ -35,28 +56,32 @@ applications.
%prep
%setup -q
# CVE-2018-6951, NULL pointer dereference causes a crash
%patch1 -p1 -b .CVE-2018-6951
%patch0 -p1 -b .avoid-set_file_attributes-sign-conversion-warnings
%patch1 -p1 -b .test-suite-compatibility-fixes
%patch2 -p1 -b .fix-korn-shell-incompatibility
%patch3 -p1 -b .fix-segfault-with-mangled-rename-patch
%patch4 -p1 -b .allow-input-files-to-be-missing-for-ed-style-patches
# CVE-2018-1000156, Malicious patch files cause ed to execute arbitrary commands
%patch2 -p1 -b .CVE-2018-1000156
# Fix to build with gcc8
%patch3 -p1 -b .gcc8
# CVE-2018-6952, Double free of memory
%patch4 -p1 -b .CVE-2018-6952
# CVE-2018-20969, do_ed_script in pch.c does not block strings beginning with a ! character
%patch5 -p1 -b .CVE-2018-20969
# CVE-2019-13636, Don't follow symlinks unless --follow-symlinks is given
%patch6 -p1 -b .CVE-2019-13636
# bz#1665928, Abort when cleaning up fails
%patch7 -p1 -b .abort_when_cleaning_up_fails
%patch5 -p1 -b .CVE-2018-1000156
%patch6 -p1 -b .CVE-2019-13638-invoked-ed-directly-instead-of-using-the-shell
%patch7 -p1 -b .switch-from-fork-execlp-to-execute
%patch8 -p1 -b .cleanups-in-do_ed_script
%patch9 -p1 -b .avoid-warnings-gcc8
%patch10 -p1 -b .check-of-return-value-of-fwrite
%patch11 -p1 -b .fix-ed-style-test-failure
%patch12 -p1 -b .dont-leak-temporary-file-on-failed-ed-style-patch
%patch13 -p1 -b .dont-leak-temporary-file-on-failed-multi-file-ed-style-patch
%patch14 -p1 -b .make-debug-output-more-useful
%patch15 -p1 -b .CVE-2018-6952-fix-swapping-fake-lines-in-pch_swap
%patch16 -p1 -b .improve_support_for_memory_leak_detection
%patch17 -p1 -b .skip-ed-test-when-the-ed-utility-is-not-installed
%patch18 -p1 -b .abort_when_cleaning_up_fails
%patch19 -p1 -b .crash-RLIMIT_NOFILE
%patch20 -p1 -b .CVE-2019-13636-symlinks
%patch21 -p1 -b .avoid-invalid-memory-access-in-context-format-diffs
# CVE-2018-17942 gnulib: heap-based buffer overflow
%patch22 -p1 -b .CVE-2018-17942-gnulib_buffer_overflow
%patch23 -p1 -b .failed_assertion
# SELinux support.
%patch100 -p1 -b .selinux
@ -65,48 +90,69 @@ CFLAGS="$RPM_OPT_FLAGS -D_GNU_SOURCE"
%ifarch sparcv9
CFLAGS=`echo $CFLAGS|sed -e 's|-fstack-protector||g'`
%endif
autoreconf
%configure --disable-silent-rules
make %{?_smp_mflags}
%make_build
%check
make check
%install
rm -rf $RPM_BUILD_ROOT
%makeinstall
%files
%defattr(-,root,root,-)
%license COPYING
%doc NEWS README
%{_bindir}/*
%{_mandir}/*/*
%changelog
* Tue Nov 19 2019 Than Ngo <than@redhat.com> - 2.7.6-11
- Related: #1733565, apply the patch correctly
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 2.7.6-16
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Tue Nov 19 2019 Than Ngo <than@redhat.com> - 2.7.6-10
- CVE-2019-13636 , Don't follow symlinks unless --follow-symlinks is given
- Resolves: #1665928, patch has a huge error output and segfaults when the file to be patched does not exist
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 2.7.6-15
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Mon Sep 02 2019 Than Ngo <than@redhat.com> - 2.7.6-9
- CVE-2018-20969, invoke ed directly instead of using the shell
* Tue Jan 26 2021 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.6-14
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Tue Nov 27 2018 Than Ngo <than@redhat.com> - 2.7.6-8
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.6-13
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Wed Jan 29 2020 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.6-12
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Mon Jul 29 2019 Than Ngo <than@redhat.com> - 2.7.6-11
- fixed #1733917, CVE-2019-13638 patch: OS shell command injection when processing crafted patch files
* Wed Jul 24 2019 Than Ngo <than@redhat.com> - 2.7.6-10
- backported patch, abort when cleaning up fails
- backported patch, improve support for memory leak detection
- backported patch, don't crash when RLIMIT_NOFILE is set to RLIM_INFINITY
- backported patch, CVE-2019-13636, don't follow symlinks unless --follow-symlinks is given
- backported patch, avoid invalid memory accessin context format diffs
- backported patch, fix failed assertion
* Fri Feb 01 2019 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.6-9
- Rebuilt for https://fedoraproject.org/wiki/Fedora_30_Mass_Rebuild
* Mon Nov 26 2018 Than Ngo <than@redhat.com> - 2.7.6-8
- Added virtual provides for bundled gnulib library
- Fixed CVE-2018-17942, gnulib: heap-based buffer overflow
* Wed Sep 12 2018 Than Ngo <than@redhat.com> - 2.7.6-7
- Resolves: #1554752, CVE-2018-6952 Double free of memory
* Thu Oct 11 2018 Than Ngo <than@redhat.com> - 2.7.6-7
- Fixed #1582675 - Patch can be crashed and coredumped with a trivial wrong command
* Mon Jun 18 2018 Than Ngo <than@redhat.com> - 2.7.6-6
- avoid warnings from GCC8
* Wed Aug 15 2018 Than Ngo <than@redhat.com> - 2.7.6-6
- Fixed #1554752 - Double free of memory, CVE-2018-6952
* Mon Apr 09 2018 Than Ngo <than@redhat.com> - 2.7.6-5
- fixed CVE-2018-1000156
* Fri Jul 13 2018 Fedora Release Engineering <releng@fedoraproject.org> - 2.7.6-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_29_Mass_Rebuild
* Tue Mar 13 2018 Than Ngo <than@redhat.com> - 2.7.6-4
- apply the patch for CVE-2018-6951
* Thu May 3 2018 Tim Waugh <twaugh@redhat.com> - 2.7.6-4
- Fixed CVE-2018-1000156 - Malicious patch files cause ed to execute arbitrary
commands.
* Mon Feb 12 2018 Tim Waugh <twaugh@redhat.com> - 2.7.6-3
- 2.7.6 (CVE-2016-10713, CVE-2018-6951, CVE-2018-6952).

1
sources Normal file
View File

@ -0,0 +1 @@
SHA512 (patch-2.7.6.tar.xz) = fcca87bdb67a88685a8a25597f9e015f5e60197b9a269fa350ae35a7991ed8da553939b4bbc7f7d3cfd863c67142af403b04165633acbce4339056a905e87fbd

65
tests/Cannot-handle-file-names-with-integrated-spaces/Makefile Normal file
View File

@ -0,0 +1,65 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/patch/Regression/Cannot-handle-file-names-with-integrated-spaces
# Description: Test for bz431887 (Cannot handle file names with integrated spaces)
# Author: Ondrej Moris <omoris@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2010 Red Hat, Inc. All rights reserved.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/patch/Regression/Cannot-handle-file-names-with-integrated-spaces
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Ondrej Moris <omoris@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: Test for bz431887 (Cannot handle file names with integrated spaces)" >> $(METADATA)
@echo "Type: Regression" >> $(METADATA)
@echo "TestTime: 5m" >> $(METADATA)
@echo "RunFor: patch" >> $(METADATA)
@echo "Requires: patch" >> $(METADATA)
@echo "Requires: expect" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Bug: 431887" >> $(METADATA)
rhts-lint $(METADATA)

27
tests/Cannot-handle-file-names-with-integrated-spaces/PURPOSE Normal file
View File

@ -0,0 +1,27 @@
PURPOSE of /CoreOS/patch/Regression/Cannot-handle-file-names-with-integrated-spaces
Description: Test for bz431887 (Cannot handle file names with integrated spaces)
Author: Ondrej Moris <omoris@redhat.com>
Bug summary: Cannot handle file names with integrated spaces
Bugzilla link: https://bugzilla.redhat.com/show_bug.cgi?id=431887
Description:
Description of problem:
If the file name for the file to be patched in a patch file has spaces, it
cannot be handled by patch.
Version-Release number of selected component (if applicable):
patch-2.5.4-29.2.2
How reproducible:
create a patch of a file with spaces in path
try to apply the patch
Actual results:
patch asks for the file name to patch
Expected results:
Just the patched file
Additional info:
Note that this bug is fixed upstream on 2003-05-18!

76
tests/Cannot-handle-file-names-with-integrated-spaces/runtest.sh Normal file
View File

@ -0,0 +1,76 @@
#!/bin/bash
# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/patch/Regression/Cannot-handle-file-names-with-integrated-spaces
# Description: Test for bz431887 (Cannot handle file names with integrated spaces)
# Author: Ondrej Moris <omoris@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2010 Red Hat, Inc. All rights reserved.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include rhts environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="patch"
function apply_patch {
expect <<EOF
set timeout 5
spawn patch -i spaces.patch
expect "patching file 'f i r s t'" { expect timeout ; exit 0 }
exit 1
EOF
return $?
}
rlJournalStart
rlPhaseStartSetup
rlAssertRpm $PACKAGE
rlPhaseEnd
rlPhaseStartTest
rlRun "echo \"1\" > \"f i r s t\"" 0
rlRun "echo \"2\" > \"s e c o n d\"" 0
rlAssertExists "f i r s t"
rlAssertExists "s e c o n d"
rlAssertDiffer "f i r s t" "s e c o n d"
rlRun "diff -u f\ i\ r\ s\ t s\ e\ c\ o\ n\ d > spaces.patch" 1
rlRun "apply_patch" 0 "Patching file with spaces in its name"
rlAssertExists "f i r s t"
rlAssertExists "s e c o n d"
rlAssertNotDiffer "f i r s t" "s e c o n d"
rlPhaseEnd
rlPhaseStartCleanup
rlRun "rm -f f\ i\ r\ s\ t s\ e\ c\ o\ n\ d spaces.patch"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

63
tests/Regression-wrong-name-used-when-adding-new-file/Makefile Normal file
View File

@ -0,0 +1,63 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/patch/Regression/Regression-wrong-name-used-when-adding-new-file
# Description: Test for Regression: wrong name used when adding new file
# Author: Karel Srot <ksrot@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2010 Red Hat, Inc. All rights reserved.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/patch/Regression/Regression-wrong-name-used-when-adding-new-file
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Karel Srot <ksrot@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: Test for Regression: wrong name used when adding new file" >> $(METADATA)
@echo "Type: Regression" >> $(METADATA)
@echo "TestTime: 5m" >> $(METADATA)
@echo "RunFor: patch" >> $(METADATA)
@echo "Requires: patch" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
rhts-lint $(METADATA)

55
tests/Regression-wrong-name-used-when-adding-new-file/PURPOSE Normal file
View File

@ -0,0 +1,55 @@
PURPOSE of /CoreOS/patch/Regression/Regression-wrong-name-used-when-adding-new-file
Description: Test for Regression: wrong name used when adding new file
Author: Karel Srot <ksrot@redhat.com>
Bug summary: Regression: wrong name used when adding new file
Description:
+++ This bug was initially created as a clone of Bug #549122 +++
Description of problem:
Regression: Suffix inside of new files of patch files are added to new files.
Take http://cvs.fedoraproject.org/viewvc/devel/popt/popt-1.13-multilib.patch
for example for reproducing:
With patch-2.6-1, "%patch0 -p1 -b .multilib" causes:
-rw-r--r-- 1 tux tux 256 Dec 20 15:26 footer_no_timestamp.html.multilib
-rw-r--r-- 1 tux tux 0 Dec 20 15:26 footer_no_timestamp.html.multilib.multilib
-rw-r--r-- 1 tux tux 51543 Dec 20 15:26 Doxyfile.in
-rw-r--r-- 1 tux tux 51519 May 25 2007 Doxyfile.in.multilib
With patch-2.5.4-36, "%patch0 -p1 -b .multilib" causes:
-rw-r--r-- 1 tux tux 256 Dec 20 15:32 footer_no_timestamp.html
---------- 1 tux tux 0 Dec 20 15:32 footer_no_timestamp.html.multilib
-rw-r--r-- 1 tux tux 51543 Dec 20 15:32 Doxyfile.in
-rw-r--r-- 1 tux tux 51519 May 25 2007 Doxyfile.in.multilib
You see what I mean? If the file is created by the patch file, the suffix
inside of the patch is appended to the new created file. That behaviour has
been introduced with the new version and it looks like a regression to me.
Version-Release number of selected component (if applicable):
patch-2.6-1
patch-2.5.4-36
How reproducible:
Everytime, see above.
Actual results:
Regression: Suffixes inside of patches at new files are added to new files
Expected results:
Good old behaviour like at patch-2.5.4-36.
--- Additional comment from twaugh@redhat.com on 2009-12-21 05:17:27 EDT ---
Verified.
Affects F-12 and F-11 as well.
--- Additional comment from twaugh@redhat.com on 2009-12-21 11:44:02 EDT ---
Reported upstream:
https://savannah.gnu.org/bugs/index.php?28367

57
tests/Regression-wrong-name-used-when-adding-new-file/runtest.sh Executable file
View File

@ -0,0 +1,57 @@
#!/bin/bash
# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/patch/Regression/Regression-wrong-name-used-when-adding-new-file
# Description: Test for Regression: wrong name used when adding new file
# Author: Karel Srot <ksrot@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2010 Red Hat, Inc. All rights reserved.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include rhts environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="patch"
rlJournalStart
rlPhaseStartSetup
rlAssertRpm $PACKAGE
rlRun "TmpDir=\`mktemp -d\`" 0 "Creating tmp directory"
rlRun "pushd $TmpDir"
rlRun "mkdir a b && touch a/file && echo content > b/file.new" 0 "Preparing test environment"
rlRun "diff -u a/file b/file.new > test.patch" 1 "Preparing a patch"
rlPhaseEnd
rlPhaseStartTest
rlRun "patch -p1 -b -z .backup -i test.patch" 0 "Patching the test file"
rlAssertExists file
rlAssertExists file.backup
rlAssertNotExists file.new
rlAssertNotExists file.new.backup
rlPhaseEnd
rlPhaseStartCleanup
rlRun "popd"
rlRun "rm -r $TmpDir" 0 "Removing tmp directory"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

21
tests/tests.yml Normal file
View File

@ -0,0 +1,21 @@
---
# Run tests in all contexts
- hosts: localhost
tags:
- classic
roles:
- role: standard-test-beakerlib
tests:
- Cannot-handle-file-names-with-integrated-spaces
- Regression-wrong-name-used-when-adding-new-file
- upstream-test-suite
required_packages:
- patch
- expect
- gcc
- rpm-build
- automake
- libselinux-devel
- ed
- libattr-devel
- wget

65
tests/upstream-test-suite/Makefile Normal file
View File

@ -0,0 +1,65 @@
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Makefile of /CoreOS/patch/Sanity/upstream-test-suite
# Description: tests upstream test suite
# Author: Miroslav Vadkerti <mvadkert@redhat.com>
# Author: Than Ngo <than@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2019 Red Hat, Inc. All rights reserved.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
export TEST=/CoreOS/patch/Sanity/upstream-test-suite
export TESTVERSION=1.0
BUILT_FILES=
FILES=$(METADATA) runtest.sh Makefile PURPOSE
.PHONY: all install download clean
run: $(FILES) build
./runtest.sh
build: $(BUILT_FILES)
chmod a+x runtest.sh
clean:
rm -f *~ $(BUILT_FILES)
include /usr/share/rhts/lib/rhts-make.include
$(METADATA): Makefile
@echo "Owner: Miroslav Vadkerti <mvadkert@redhat.com>" > $(METADATA)
@echo "Name: $(TEST)" >> $(METADATA)
@echo "TestVersion: $(TESTVERSION)" >> $(METADATA)
@echo "Path: $(TEST_DIR)" >> $(METADATA)
@echo "Description: Executes upstream test suite" >> $(METADATA)
@echo "Type: Sanity" >> $(METADATA)
@echo "TestTime: 30m" >> $(METADATA)
@echo "RunFor: patch" >> $(METADATA)
@echo "Requires: patch gcc rpm-build automake libselinux-devel ed libattr-devel" >> $(METADATA)
@echo "Priority: Normal" >> $(METADATA)
@echo "License: GPLv2" >> $(METADATA)
@echo "Confidential: no" >> $(METADATA)
@echo "Destructive: no" >> $(METADATA)
@echo "Releases: -RHEL4 -RHELClient5 -RHELServer5" >> $(METADATA)
rhts-lint $(METADATA)

7
tests/upstream-test-suite/PURPOSE Normal file
View File

@ -0,0 +1,7 @@
PURPOSE of /CoreOS/patch/Sanity/upstream-test-suite
Description: Tests upstream test suite
Author: Miroslav Vadkerti <mvadkert@redhat.com>
tests following scenarios:
* download source rpm and build
* use the system patch to run the upstream test suite

77
tests/upstream-test-suite/runtest.sh Executable file
View File

@ -0,0 +1,77 @@
#!/bin/bash
# vim: dict=/usr/share/beakerlib/dictionary.vim cpt=.,w,b,u,t,i,k
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# runtest.sh of /CoreOS/patch/Sanity/selftest
# Description: Executes the upstream test suite comming with the package
# Author: Miroslav Vadkerti <mvadkert@redhat.com>
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
#
# Copyright (c) 2010 Red Hat, Inc. All rights reserved.
#
# This copyrighted material is made available to anyone wishing
# to use, modify, copy, or redistribute it subject to the terms
# and conditions of the GNU General Public License version 2.
#
# This program is distributed in the hope that it will be
# useful, but WITHOUT ANY WARRANTY; without even the implied
# warranty of MERCHANTABILITY or FITNESS FOR A PARTICULAR
# PURPOSE. See the GNU General Public License for more details.
#
# You should have received a copy of the GNU General Public
# License along with this program; if not, write to the Free
# Software Foundation, Inc., 51 Franklin Street, Fifth Floor,
# Boston, MA 02110-1301, USA.
#
# ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
# Include rhts environment
. /usr/bin/rhts-environment.sh || exit 1
. /usr/share/beakerlib/beakerlib.sh || exit 1
PACKAGE="patch"
PACKAGES="patch gcc rpm-build automake libselinux-devel"
UPSTREAMPKG="patch-*"
BUILDLOG=`mktemp`
TESTLOG=`mktemp`
TARGET=$(echo `uname -m` | egrep ppc)
if [[ $TARGET != "" ]]; then TARGET="--target `uname -m`"; fi
TOPDIR=`mktemp -d`
SPEC="$TOPDIR/SPECS/$PACKAGE*.spec"
TESTDIR="$TOPDIR/BUILD/$UPSTREAMPKG/"
PATCH=/usr/bin/patch
rlJournalStart
rlPhaseStartSetup
for PKG in $PACKAGES; do
rlAssertRpm $PKG
done
rlPhaseEnd
rlPhaseStartTest
rlAssertExists $PATCH
rlFetchSrcForInstalled $PACKAGE
rlRun "rpm -ivh --define '_topdir $TOPDIR' $PACKAGE*.src.rpm" 0 "Installing $PACKAGE src rpm"
echo "+ Building $PACKAGE (Log: $BUILDLOG)"
echo "+ Build command: rpmbuild -bc $SPEC $TARGET"
rlRun "rpmbuild --define '_topdir $TOPDIR' -bc $SPEC $TARGET &> $BUILDLOG"
echo "+ Buildlog:"
tail -n 100 $BUILDLOG
rlRun "pushd ."
rlRun "cd $TESTDIR"
rlRun "make check &> $TESTLOG"
cat $TESTLOG
if rlIsRHEL 6; then
rlAssertGrep 'All tests succeeded!' $TESTLOG
else
rlAssertNotGrep "^FAIL:" $TESTLOG
fi
rlPhaseEnd
rlPhaseStartCleanup
rlRun "popd"
rlRun "rm -rf $PACKAGE*.src.rpm" 0 "Removing source rpm"
rlPhaseEnd
rlJournalPrintText
rlJournalEnd

85
upstream-key.gpg Normal file
View File

@ -0,0 +1,85 @@
-----BEGIN PGP PUBLIC KEY BLOCK-----
Version: GnuPG v1.4.12 (GNU/Linux)
mQGiBErnFxkRBADiiaYtqw46j2/Dwvw/pUdHeK1T3kqJGxxyWb1xNtQMOTaViNRB
fmc19omxdOylPBfGwMN3Aavw2HCdC5F8JeVTXIO9hyM79zf15qNrrfku9IwG7Lmu
iKxSLgSDPwMyL9rT+lpaxvpU4m5nRfCwaIN38K+mpqfKLp/5mptaDsvoewCg6IuK
sQemv/fsfolVGW/zzL+7eBMD/0XO/I957FEuwX+1wCMtLMFj0tdJq2AdOAkh/T9X
zC7aoPSwA97zlSFoKYS4J9W0SdIgyY5FqLwfvbo43qr03AdaLCKDu8lmTnfDp/jp
C7kBQWTFSdhkVjtncJQW91MseJ5bjXuZJCZFN3Qo0onP4d1dr4KdPe+nAxUeHEjp
NgOYBACV7w+/Eu5dY6OydEl9kanKyiUGhV17YUWX5RRyNqlsSEFDrVgym1eGZ1Z8
xrcXWO2za5sRCe5jkik7v0IUxaAA2B0BWLOM4TEJgLcOyztgzDIrXYLQO1xdCUDz
TN+cXKAlz6xrAQrD4OQGv18xyVxyoBts+oVpnFOM4CONnnBLnrQkQW5kcmVhcyBH
cnVlbmJhY2hlciA8YWdAYmVzdGJpdHMuYXQ+iEYEEBECAAYFAkrnG3kACgkQGfdM
MnwSO19wEwCfQTrsTruGEgl7toByUQNCEhGoPCUAoLAVDVwg6HHyACOw26Paqb8/
rRzriGYEExECACYFAkrnG0ICGwMFCQPCZwAGCwkIBwMCBBUCCAMEFgIDAQIeAQIX
gAAKCRD36HL+uXFU09PpAJ9XviQi141MU+/RkdpMZDZeXJiMTwCfa2+HmZdwYfB6
afmnTD1EgFpu+0CIZgQTEQIAJgIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheABQJO
pVMIBQkFn29kAAoJEPfocv65cVTTvc4AnRxuY0LHpdhdjO1TuzQhD1gCZdmIAJ45
l6Xj6rkbDnsnKQ1FYyLMrIncZ7QkQW5kcmVhcyBHcnVlbmJhY2hlciA8YWdydWVu
QGdudS5vcmc+iGYEExECACYFAkrnJOsCGwMFCQPCZwAGCwkIBwMCBBUCCAMEFgID
AQIeAQIXgAAKCRD36HL+uXFU023zAKCyx8vewuQOcwNxxXZ7bm8Xe9qbaACgoenm
P/d1BzSUnX2+u6Do/50fvvGIZgQTEQIAJgUCSvF2vwIbAwUJA8JnAAYLCQgHAwIE
FQIIAwQWAgMBAh4BAheAAAoJEPfocv65cVTTQFYAoOBupY4jexET3XohajG4XDmW
J7lKAJ4uGjiGR0jS1WAQOhlODmhX8Fz7sohmBBMRAgAmAhsDBgsJCAcDAgQVAggD
BBYCAwECHgECF4AFAk6lUwgFCQWfb2QACgkQ9+hy/rlxVNNgIACcDYn4NYw2bIlK
dv2I9qXM2oUcnGsAoId8eaK7Bbpaf9yu/upu3bu6afp/tCRBbmRyZWFzIEdydWVu
YmFjaGVyIDxhZ3J1ZW5Ac3VzZS5kZT6IRgQQEQIABgUCSucbeQAKCRAZ90wyfBI7
X5wYAJ99gjXqaUSodK5o9ot9iJ1sNLHiYQCgnh6UW5pbZeqPyq31htZVFRWHoJqI
ZgQTEQIAJgUCSucXGQIbAwUJA8JnAAYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJ
EPfocv65cVTTJwoAoK5WIYEQGeun8lgbcplXIs9josSsAKDV+3sv3zoeBy3CezQr
Qqu24BC8LohmBBMRAgAmBQJK5xwCAhsDBQkDwmcABgsJCAcDAgQVAggDBBYCAwEC
HgECF4AACgkQ9+hy/rlxVNNjfACgk/yFhJkuD80ow7/BreguMzIxwwwAoOEfRy2J
LTKJaPsy/P3qbVfSN5tqiGgEExECACkCGwMFCQPCZwAGCwkIBwMCBBUCCAMEFgID
AQIeAQIXgAUCSvF2zQIZAQAKCRD36HL+uXFU04YhAJdV3JUl3ouHXRHG6EI9lTna
ZTK6AJ9eN5XMIGbFjG7ob6zZAhWqnhNsyIhpBBMRAgApAhsDBQkDwmcABgsJCAcD
AgQVAggDBBYCAwECHgECF4AFAkrnG4YCGQEACgkQ9+hy/rlxVNPhTQCgyIZQbcM6
MyLwBXLx6M2anOaYMoYAnA2MMTEL/9CHi3H2Jyx5uvrLmZTaiGkEExECACkCGwMF
CQPCZwAGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAUCSucdvQIZAQAKCRD36HL+uXFU
0zxqAKCGF6V9kNMqap5jeemjJ4TriA6LxwCfcsijmwXGI3vITyiBO1X8f7Z90/mI
ZgQTEQIAJgIbAwYLCQgHAwIEFQIIAwQWAgMBAh4BAheABQkFn29kBQJOpVPoAAoJ
EPfocv65cVTThTwAnjYmXmbEQvqMu5ozW65qnHJS1DcjAKCjuR4gZSuNUh5Y6Dmw
812MC3UjMohpBBMRAgApAhsDBgsJCAcDAgQVAggDBBYCAwECHgECF4ACGQEFAk6l
Uv0FCQWfb2QACgkQ9+hy/rlxVNPydgCgnrhwInWuZ9bTKT/TOwaGZVQISo4An2E8
2vxhg8EsXtaR29lHT7CeMyeqtCdBbmRyZWFzIEdydWVuYmFjaGVyIDxhZ3J1ZW5A
bGluYml0LmNvbT6IZgQTEQIAJgUCSucdtAIbAwUJA8JnAAYLCQgHAwIEFQIIAwQW
AgMBAh4BAheAAAoJEPfocv65cVTT+UAAmgIc0N0K/Ock/dQnA9xVExBdNFakAJ0e
TB3SVXAIa5lhhWc1GZmxKidPGohmBBMRAgAmAhsDBgsJCAcDAgQVAggDBBYCAwEC
HgECF4AFAk6lUwgFCQWfb2QACgkQ9+hy/rlxVNOn8wCdGunqok07wMS1U6qhZdGE
BF6mh5oAni9/qN1iKn4VRawMNQpemh6fTJfniGYEExECACYFAk1c+joCGwMFCQPC
ZwAGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAAKCRD36HL+uXFU008lAJ9rKQV7HVie
IdMPbJWEtmHxIkb2IgCghre+tNcE0uAeFm44r1792LU44kiIaQQTEQIAKQIbAwYL
CQgHAwIEFQIIAwQWAgMBAh4BAheABQkFn29kBQJOpVPoAhkBAAoJEPfocv65cVTT
k5AAn2nQfHXSLcoipj7+cI4dn1AqsmhBAKCrA6ooseBLsGG2ilRqSv6R15LMerQn
QW5kcmVhcyBHcnVlbmJhY2hlciA8YWdydWVuQG5vdmVsbC5jb20+iEYEEBECAAYF
AkrnG3kACgkQGfdMMnwSO1+TegCePUCJFe4prxTcDzi3ttgkj7pS+kIAn1KARNuE
0lKnLOWBe155x0858mOJiGYEExECACYFAkrnGxQCGwMFCQPCZwAGCwkIBwMCBBUC
CAMEFgIDAQIeAQIXgAAKCRD36HL+uXFU06rnAKCLVEWgTvCpOUpG2CnSV+skaomm
BACeM1B4j8uxjvwLuvs0W0GdZLVfaHmIZgQTEQIAJgIbAwYLCQgHAwIEFQIIAwQW
AgMBAh4BAheABQJOpVMIBQkFn29kAAoJEPfocv65cVTTdK4AoN/sVAqnPlISqvQk
4uMBYnIZzOhKAJ9bP1tUP/3dGQSHz/umBaOIKPOFRLQnQW5kcmVhcyBHcnVlbmJh
Y2hlciA8YWdydWVuQGtlcm5lbC5vcmc+iGYEExECACYCGwMGCwkIBwMCBBUCCAME
FgIDAQIeAQIXgAUCTqVTCAUJBZ9vZAAKCRD36HL+uXFU00VJAKCbI5lIcGulHNgC
E3+73WMjmUR9uwCfdRBR1Uy9/S2RS1aOneASPstId0WIZgQTEQIAJgUCTVz6CwIb
AwUJA8JnAAYLCQgHAwIEFQIIAwQWAgMBAh4BAheAAAoJEPfocv65cVTTg+gAoJgk
/qkpaM2BrHwGKCEja8OpGFUDAKDV4rF2fI9eK3C8K094ddXiIia5ZrQzQW5kcmVh
cyBHcnVlbmJhY2hlciA8YW5kcmVhcy5ncnVlbmJhY2hlckBnbWFpbC5jb20+iGYE
ExECACYCGwMGCwkIBwMCBBUCCAMEFgIDAQIeAQIXgAUCTqVTCAUJBZ9vZAAKCRD3
6HL+uXFU089CAJ9EoK8KCgfdsu4XpGgl5pb1OeI4EwCgxfuO5v4anihFyVbR7NXE
r6qAKWqIZgQTEQIAJgUCTVz6WQIbAwUJA8JnAAYLCQgHAwIEFQIIAwQWAgMBAh4B
AheAAAoJEPfocv65cVTTIU0An29niIPlAMID3GEPzhaTqOppAK/2AKCfDE84zPkQ
pKsDjIskYuZk6muhKLkCDQRK5xcZEAgAzDwZQnK1wDK5vpXZSc8Yca6s/cvw1JX2
ojqHPwXp1LNif4JPYk40q+I+ebLuxQBn8X4NKqoinSqzxNzQJC5v880bm8MLCKpU
XU9S9BYL+37U8VZ9UQMDIvNFh4wek85sq9gJbKMfJmEwcICScvYxO9RL0/jpRFH5
AmgLvW+MEgLEgk8GA7IpxpZ9EybBAG61N4BbTWQv6wIWshIDBItxBRbVsliWwfJ8
qgrAGO4/PRPwTTScEpy0MvzXUKTFHj4WsYxyFW+JWixvDtq2hM9SXKv2yKXpi8i1
YW5gzlGjAm2jRRZvQdRV2mD6JjvxwhG23m8mt/JH6w5so3QIzKwKBwADBQf+KGVn
l+tdDcw/JcW5xiQvV8k7SFNA/33YJQSgFmyuYlSXVs3aiPykbIsDhxAvlxcHMZGS
0nL3OXdX16cKMSDx0SYv50D/Dm/0C/uMUTs+3cC+kbAmMrXtnUbnixUI+pyfQz6m
zXTpRRYRRrbDszCJH1VNsgfiGtNIXMSRRMlKRh+0HzO5EJCAiMgOE2a1SR2Nj24C
KA5bVX5g5nyinUmct+0d33xv8hktNnqw/dLDsuMirTsD48p5YoVgkqMTtgICUkvH
yYfuzJUdc1acURMz2ldxNgJdvrvFd3EBsHSNFmLQJusVNTwtiYsX0oqyvWzdP3q0
OS/Y8O62e+IdEIPsK4hPBBgRAgAPBQJK5xcZAhsMBQkDwmcAAAoJEPfocv65cVTT
1D4AoNZnrWgXdJmhwM791Q8pBZ4rMFYhAJ9MVzO8FZbf1x1Cw/2J/mXxeu3xsw==
=uAo+
-----END PGP PUBLIC KEY BLOCK-----