From 52814d36668f2222d5924a01cf304f3e30c95bab Mon Sep 17 00:00:00 2001 From: Jan Macku Date: Wed, 14 Oct 2020 12:24:47 +0200 Subject: [PATCH] Switch to stderror() when parsing history so that we stop processing immediately Loading corrupted history should no more resulted in resource consumption
---
 ...shing-when-loading-corrupted-history.patch | 47 ++++++++++++++++ ...error-consistently-and-abort-quickly.patch | 53 +++++++++++++++++++ tcsh.spec | 7 ++- 3 files changed, 106 insertions(+), 1 deletion(-) create mode 100644 tcsh-6.22.02-avoid-crashing-when-loading-corrupted-history.patch create mode 100644 tcsh-6.22.02-call-seterror-consistently-and-abort-quickly.patch
diff --git a/tcsh-6.22.02-avoid-crashing-when-loading-corrupted-history.patch b/tcsh-6.22.02-avoid-crashing-when-loading-corrupted-history.patch
new file mode 100644
index 0000000..efd0588
--- /dev/null
+++ b/tcsh-6.22.02-avoid-crashing-when-loading-corrupted-history.patch
@@ -0,0 +1,47 @@
+From 7d25c5d5ad5e9c0cd17a21f73aeb2374a29ecd83 Mon Sep 17 00:00:00 2001
+From: zoulasc
+Date: Fri, 31 Jul 2020 14:30:40 -0400
+Subject: [PATCH] Switch to stderror() when parsing history so that we stop
+ processing immediately (Jan Macku)
+
+---
+ sh.lex.c | 9 +++------
+ 1 file changed, 3 insertions(+), 6 deletions(-)
+
+diff --git a/sh.lex.c b/sh.lex.c
+index ecab059..d83ffa0 100644
+--- a/sh.lex.c
++++ b/sh.lex.c
+@@ -183,8 +183,7 @@ lex(struct wordent *hp)
+ wdp->word = word(parsehtime);
+ parsehtime = 0;
+ if (enterhist && toolong++ > 10 * 1024) {
+- seterror(ERR_LTOOLONG);
+- break;
++ stderror(ERR_LTOOLONG);
+ }
+ } while (wdp->word[0] != '\n');
+ cleanup_ignore(hp);
+@@ -303,8 +302,7 @@ word(int parsehtime)
+ cleanup_push(&wbuf, Strbuf_cleanup);
+ loop:
+ if (enterhist && toolong++ > 256 * 1024) {
+- seterror(ERR_WTOOLONG);
+- goto ret;
++ stderror(ERR_WTOOLONG);
+ }
+ while ((c = getC(DOALL)) == ' ' || c == '\t')
+ continue;
+@@ -365,8 +363,7 @@ loop:
+ dolflg = DOALL;
+ for (;;) {
+ if (enterhist && toolong++ > 256 * 1024) {
+- seterror(ERR_WTOOLONG);
+- goto ret;
++ stderror(ERR_WTOOLONG);
+ }
+ if (c1) {
+ if (c == c1) {
+--
+2.25.4
+
diff --git a/tcsh-6.22.02-call-seterror-consistently-and-abort-quickly.patch b/tcsh-6.22.02-call-seterror-consistently-and-abort-quickly.patch
new file mode 100644
index 0000000..d301475
--- /dev/null
+++ b/tcsh-6.22.02-call-seterror-consistently-and-abort-quickly.patch
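Review bot: In word(), both length checks now call `stderror(ERR_WTOOLONG)` after `cleanup_push(&wbuf, Strbuf_cleanup)` and no longer leave through `goto ret`, so freeing wbuf on this path depends on stderror() unwinding the cleanup stack instead of on the function's own exit code. The patch subject implies that stderror() does not return, but neither that nor the unwinding is visible in these hunks, so it should be confirmed and recorded with a comment at the first check, e.g. `/* stderror() does not return; wbuf is released through the cleanup stack */`. The lex() check has the same shape: the `cleanup_ignore(hp);` call after the loop is no longer reached on the too-long path. lex() and word() both start and end outside the hunks.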
@@ -0,0 +1,53 @@
+From 064853aa25f498aa7bc4554393a53240696813fa Mon Sep 17 00:00:00 2001
+From: Christos Zoulas
+Date: Fri, 24 Jul 2020 13:49:21 -0400
+Subject: [PATCH] Call seterror consistently and abort quickly (Jan Macku)
+
+---
+ sh.lex.c | 14 ++++++++++----
+ 1 file changed, 10 insertions(+), 4 deletions(-)
+
+diff --git a/sh.lex.c b/sh.lex.c
+index d7d0ac5..ecab059 100644
+--- a/sh.lex.c
++++ b/sh.lex.c
+@@ -182,8 +182,10 @@ lex(struct wordent *hp)
+ wdp = new;
+ wdp->word = word(parsehtime);
+ parsehtime = 0;
+- if (enterhist && toolong++ > 10 * 1024)
+- stderror(ERR_LTOOLONG);
++ if (enterhist && toolong++ > 10 * 1024) {
++ seterror(ERR_LTOOLONG);
++ break;
++ }
+ } while (wdp->word[0] != '\n');
+ cleanup_ignore(hp);
+ cleanup_until(hp);
+@@ -300,8 +302,10 @@ word(int parsehtime)
+
+ cleanup_push(&wbuf, Strbuf_cleanup);
+ loop:
+- if (enterhist && toolong++ > 256 * 1024)
++ if (enterhist && toolong++ > 256 * 1024) {
+ seterror(ERR_WTOOLONG);
++ goto ret;
++ }
+ while ((c = getC(DOALL)) == ' ' || c == '\t')
+ continue;
+ if (cmap(c, _META | _ESC))
+@@ -360,8 +364,10 @@ loop:
+ c1 = 0;
+ dolflg = DOALL;
+ for (;;) {
+- if (enterhist && toolong++ > 256 * 1024)
++ if (enterhist && toolong++ > 256 * 1024) {
+ seterror(ERR_WTOOLONG);
++ goto ret;
++ }
+ if (c1) {
+ if (c == c1) {
+ c1 = 0;
+--
+2.25.4
+
diff --git a/tcsh.spec b/tcsh.spec
index aad09b1..f0f6526 100644
--- a/tcsh.spec
+++ b/tcsh.spec
@@ -13,7 +13,7 @@ Name: tcsh
 Summary: An enhanced version of csh, the C shell
 Version: 6.22.02
-Release: 4%{?dist}
+Release: 5%{?dist}
 License: BSD
 URL: http://www.tcsh.org/
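Review bot: Nothing in this patch's header, nor next to the `Patch002:`/`Patch003:` lines in tcsh.spec, says that the two patches form a pair: the `seterror(ERR_LTOOLONG); break;` and `seterror(ERR_WTOOLONG); goto ret;` paths added here are replaced again by tcsh-6.22.02-avoid-crashing-when-loading-corrupted-history.patch, whose sh.lex.c pre-image (`ecab059`) is this patch's post-image. Reordering them at a later rebase would fail to apply, and dropping only the second one would ship the intermediate behaviour. A comment above the two entries such as `# Patch003 applies on top of Patch002 and replaces its seterror() paths -- keep both, in this order` would make that explicit. With both applied, the lex() check is the original `stderror(ERR_LTOOLONG)` plus braces, and the behavioural change is confined to the two checks in word().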
@@ -43,6 +43,8 @@ BuildRequires: ncurses-devel
 # Upstream patches -- official upstream patches released by upstream since the
 # ---------------- last rebase that are necessary for any reason:
 Patch001: tcsh-6.22.02-avoid-gcc-to-fail.patch
+Patch002: tcsh-6.22.02-call-seterror-consistently-and-abort-quickly.patch
+Patch003: tcsh-6.22.02-avoid-crashing-when-loading-corrupted-history.patch
 # Downstream patches -- these should be always included when doing rebase:
@@ -177,6 +179,9 @@ fi
 # =============================================================================
 %changelog
+* Wed Oct 14 2020 Jan Macku - 6.22.02-5
+- Switch to stderror() when parsing history so that we stop processing immediately to avoid crashes
+
 * Wed Jul 29 2020 Fedora Release Engineering - 6.22.02-4
 - Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild