CVS commit: pkgsrc/shells/zsh

To: pkgsrc-changes%NetBSD.org@localhost
Subject: CVS commit: pkgsrc/shells/zsh
From: "S.P.Zeidler" <spz%netbsd.org@localhost>
Date: Fri, 30 Mar 2018 20:56:42 +0000

Module Name:    pkgsrc
Committed By:   spz
Date:           Fri Mar 30 20:56:42 UTC 2018

Modified Files:
        pkgsrc/shells/zsh: Makefile distinfo
Added Files:
        pkgsrc/shells/zsh/patches: patch-CVE-2018-1071 patch-CVE-2018-1083
            patch-CVE-2018-7548 patch-CVE-2018-7549

Log Message:
add security patches for CVE-2018-1071, CVE-2018-1083, CVE-2018-7548
and CVE-2018-7549 from the zsh repo. one pullup less, w00t. :-P


To generate a diff of this commit:
cvs rdiff -u -r1.82 -r1.83 pkgsrc/shells/zsh/Makefile
cvs rdiff -u -r1.60 -r1.61 pkgsrc/shells/zsh/distinfo
cvs rdiff -u -r0 -r1.1 pkgsrc/shells/zsh/patches/patch-CVE-2018-1071 \
    pkgsrc/shells/zsh/patches/patch-CVE-2018-1083 \
    pkgsrc/shells/zsh/patches/patch-CVE-2018-7548 \
    pkgsrc/shells/zsh/patches/patch-CVE-2018-7549

Please note that diffs are not public domain; they are subject to the
copyright notices on the relevant files.

Modified files:

Index: pkgsrc/shells/zsh/Makefile
diff -u pkgsrc/shells/zsh/Makefile:1.82 pkgsrc/shells/zsh/Makefile:1.83
--- pkgsrc/shells/zsh/Makefile:1.82     Tue Dec 12 23:57:29 2017
+++ pkgsrc/shells/zsh/Makefile  Fri Mar 30 20:56:42 2018
@@ -1,6 +1,7 @@
-# $NetBSD: Makefile,v 1.82 2017/12/12 23:57:29 minskim Exp $
+# $NetBSD: Makefile,v 1.83 2018/03/30 20:56:42 spz Exp $
 
 DISTNAME=      zsh-5.4.2
+PKGREVISION=   1
 CATEGORIES=    shells
 MASTER_SITES=  ${MASTER_SITE_SOURCEFORGE:=zsh/}
 EXTRACT_SUFX=  .tar.xz

Index: pkgsrc/shells/zsh/distinfo
diff -u pkgsrc/shells/zsh/distinfo:1.60 pkgsrc/shells/zsh/distinfo:1.61
--- pkgsrc/shells/zsh/distinfo:1.60     Fri Oct 13 09:35:19 2017
+++ pkgsrc/shells/zsh/distinfo  Fri Mar 30 20:56:42 2018
@@ -1,8 +1,12 @@
-$NetBSD: distinfo,v 1.60 2017/10/13 09:35:19 jperkin Exp $
+$NetBSD: distinfo,v 1.61 2018/03/30 20:56:42 spz Exp $
 
 SHA1 (zsh-5.4.2.tar.xz) = f6f8e699b956c8881444e597b1fc5af41fef456b
 RMD160 (zsh-5.4.2.tar.xz) = 9cc8888760c06757332daa6dfbba4c5235474b5d
 SHA512 (zsh-5.4.2.tar.xz) = 7825e4101905b6bfbd14f00b2f94f512ced5b9820a4f7b24409d266ad2c3c25144edf6aa2629317394055c51312ba57bb01e20c26e2ced1aeb0be0ff1a4d3fbb
 Size (zsh-5.4.2.tar.xz) = 2983492 bytes
+SHA1 (patch-CVE-2018-1071) = 0aa14d3ee127d34ee841f6a3749f5572bfdb3114
+SHA1 (patch-CVE-2018-1083) = 09d6188d1f4e2efc72dfb2a75571a7f1c857a2a7
+SHA1 (patch-CVE-2018-7548) = 85a4aa35c30690908ecb70772cc2553a91c3545c
+SHA1 (patch-CVE-2018-7549) = f94df77c2fe5563af6b88727c04c43d74771105e
 SHA1 (patch-aczsh.m4) = 36c270d8d7cf727f48787ef889b2bd89cbf065e2
 SHA1 (patch-configure.ac) = 87ae3604e09948cd7b360f08031ef9c3f91f0aae

Added files:

Index: pkgsrc/shells/zsh/patches/patch-CVE-2018-1071
diff -u /dev/null pkgsrc/shells/zsh/patches/patch-CVE-2018-1071:1.1
--- /dev/null   Fri Mar 30 20:56:42 2018
+++ pkgsrc/shells/zsh/patches/patch-CVE-2018-1071       Fri Mar 30 20:56:42 2018
@@ -0,0 +1,32 @@
+$NetBSD: patch-CVE-2018-1071,v 1.1 2018/03/30 20:56:42 spz Exp $
+
+patch for CVE-2018-1071 from
+https://sourceforge.net/p/zsh/code/ci/679b71ec4d852037fe5f73d35bf557b0f406c8d4/
+
+--- Src/exec.c.orig    2017-08-27 19:28:43.000000000 +0000
++++ Src/exec.c 2018-03-30 20:10:46.000000000 +0000
+@@ -920,7 +920,7 @@
+     for (; *pp; pp++)
+       if (**pp == '/') {
+           s = buf;
+-          strucpy(&s, *pp);
++          struncpy(&s, *pp, PATH_MAX);
+           *s++ = '/';
+           if ((s - buf) + strlen(arg0) >= PATH_MAX)
+               continue;
+--- Src/utils.c.orig   2017-08-08 18:02:32.000000000 +0000
++++ Src/utils.c        2018-03-30 20:13:16.000000000 +0000
+@@ -2283,10 +2283,10 @@
+ {
+     char *u = *s;
+ 
+-    while (n--)
+-      *u++ = *t++;
++    while (n-- && (*u++ = *t++));
+     *s = u;
+-    *u = '\0';
++    if (n > 0) /* just one null-byte will do, unlike strncpy(3) */
++        *u = '\0';
+ }
+ 
+ /* Return the number of elements in an array of pointers. *
Index: pkgsrc/shells/zsh/patches/patch-CVE-2018-1083
diff -u /dev/null pkgsrc/shells/zsh/patches/patch-CVE-2018-1083:1.1
--- /dev/null   Fri Mar 30 20:56:42 2018
+++ pkgsrc/shells/zsh/patches/patch-CVE-2018-1083       Fri Mar 30 20:56:42 2018
@@ -0,0 +1,34 @@
+$NetBSD: patch-CVE-2018-1083,v 1.1 2018/03/30 20:56:42 spz Exp $
+
+patch for CVE-2018-1083 from
+https://sourceforge.net/p/zsh/code/ci/259ac472eac291c8c103c7a0d8a4eaf3c2942ed7
+
+--- Src/Zle/compctl.c.orig     2017-06-30 20:36:55.000000000 +0000
++++ Src/Zle/compctl.c  2018-03-30 20:07:25.000000000 +0000
+@@ -2176,6 +2176,8 @@
+     if (prpre && *prpre) {
+       pathpref = dupstring(prpre);
+       unmetafy(pathpref, &pathpreflen);
++      if (pathpreflen > PATH_MAX)
++          return;
+       /* system needs NULL termination, not provided by unmetafy */
+       pathpref[pathpreflen] = '\0';
+     } else {
+@@ -2218,6 +2220,8 @@
+                    * the path buffer by appending the filename.       */
+                   ums = dupstring(n);
+                   unmetafy(ums, &umlen);
++                  if (umlen + pathpreflen + 1 > PATH_MAX)
++                      continue;
+                   memcpy(q, ums, umlen);
+                   q[umlen] = '\0';
+                   /* And do the stat. */
+@@ -2232,6 +2236,8 @@
+                       /* We have to test for a path suffix. */
+                       int o = strlen(p), tt;
+ 
++                      if (o + strlen(psuf) > PATH_MAX)
++                          continue;
+                       /* Append it to the path buffer. */
+                       strcpy(p + o, psuf);
+ 
Index: pkgsrc/shells/zsh/patches/patch-CVE-2018-7548
diff -u /dev/null pkgsrc/shells/zsh/patches/patch-CVE-2018-7548:1.1
--- /dev/null   Fri Mar 30 20:56:42 2018
+++ pkgsrc/shells/zsh/patches/patch-CVE-2018-7548       Fri Mar 30 20:56:42 2018
@@ -0,0 +1,16 @@
+$NetBSD: patch-CVE-2018-7548,v 1.1 2018/03/30 20:56:42 spz Exp $
+
+patch for CVE-2018-7548 from
+https://sourceforge.net/p/zsh/code/ci/110b13e1090bc31ac1352b28adc2d02b6d25a102
+
+--- Src/subst.c.orig   2017-04-04 17:51:28.000000000 +0000
++++ Src/subst.c        2018-03-30 19:48:41.000000000 +0000
+@@ -2340,7 +2340,7 @@
+               val = aval[0];
+               isarr = 0;
+           }
+-          s = dyncat(val, s);
++          s = val ? dyncat(val, s) : dupstring(s);
+           /* Now behave po-faced as if it was always like that... */
+           subexp = 0;
+           /*
Index: pkgsrc/shells/zsh/patches/patch-CVE-2018-7549
diff -u /dev/null pkgsrc/shells/zsh/patches/patch-CVE-2018-7549:1.1
--- /dev/null   Fri Mar 30 20:56:42 2018
+++ pkgsrc/shells/zsh/patches/patch-CVE-2018-7549       Fri Mar 30 20:56:42 2018
@@ -0,0 +1,25 @@
+$NetBSD: patch-CVE-2018-7549,v 1.1 2018/03/30 20:56:42 spz Exp $
+
+fix for CVE-2018-7549 from
+https://sourceforge.net/p/zsh/code/ci/c2cc8b0fbefc9868fa83537f5b6d90fc1ec438dd
+
+--- Src/params.c.orig  2017-06-11 19:34:06.000000000 +0000
++++ Src/params.c       2018-03-30 19:57:36.000000000 +0000
+@@ -535,10 +535,13 @@
+ HashTable
+ copyparamtable(HashTable ht, char *name)
+ {
+-    HashTable nht = newparamtable(ht->hsize, name);
+-    outtable = nht;
+-    scanhashtable(ht, 0, 0, 0, scancopyparams, 0);
+-    outtable = NULL;
++    HashTable nht = 0;
++    if (ht) {
++        nht = newparamtable(ht->hsize, name);
++        outtable = nht;
++        scanhashtable(ht, 0, 0, 0, scancopyparams, 0);
++        outtable = NULL;
++    }
+     return nht;
+ }
+

Prev by Date: CVS commit: pkgsrc/doc
Next by Date: CVS commit: pkgsrc/pkgtools/x11-links
Previous by Thread: CVS commit: pkgsrc/doc
Next by Thread: CVS commit: pkgsrc/pkgtools/x11-links
Indexes:

Home | Main Index | Thread Index | Old Index