Source-Changes-HG archive


[src/netbsd-8]: src Pull up following revision(s) (requested by christos in t...



details:   https://anonhg.NetBSD.org/src/rev/eaecb7bc3815
branches:  netbsd-8
changeset: 434834:eaecb7bc3815
user:      snj <snj%NetBSD.org@localhost>
date:      Sun Apr 08 06:04:08 2018 +0000

description:
Pull up following revision(s) (requested by christos in ticket #699):
        bin/ed/ed.1: 1.32-1.33
        bin/ed/main.c: 1.29
        usr.bin/patch/pch.c: 1.29
Pass -S to ed(1) so that patches containing ! commands don't run commands.
Real cause of CVE-2018-0492:
    https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894667
--
add -S to disable ! commands.
--
Fix date.

diffstat:

 bin/ed/ed.1         |  13 ++++++++++---
 bin/ed/main.c       |  16 ++++++++++++----
 usr.bin/patch/pch.c |   8 ++++----
 3 files changed, 26 insertions(+), 11 deletions(-)

diffs (145 lines):

diff -r cfdc1b11f756 -r eaecb7bc3815 bin/ed/ed.1
--- a/bin/ed/ed.1       Sun Apr 08 05:54:40 2018 +0000
+++ b/bin/ed/ed.1       Sun Apr 08 06:04:08 2018 +0000
@@ -1,4 +1,4 @@
-.\"    $NetBSD: ed.1,v 1.30 2010/05/14 02:09:58 joerg Exp $
+.\"    $NetBSD: ed.1,v 1.30.40.1 2018/04/08 06:04:08 snj Exp $
 .\"    $OpenBSD: ed.1,v 1.42 2003/07/27 13:25:43 jmc Exp $
 .\"
 .\" Copyright (c) 1993 Andrew Moore, Talke Studio.
@@ -25,7 +25,7 @@
 .\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
 .\" SUCH DAMAGE.
 .\"
-.Dd January 23, 2002
+.Dd April 5, 2018
 .Dt ED 1
 .Os
 .Sh NAME
@@ -34,7 +34,7 @@
 .Sh SYNOPSIS
 .Nm
 .Op Fl
-.Op Fl Esx
+.Op Fl ESsx
 .Op Fl p Ar string
 .Op Ar file
 .Sh DESCRIPTION
@@ -130,6 +130,12 @@
 .It Fl E
 Enables the use of extended regular expressions instead of the basic
 regular expressions that are normally used.
+.It Fl S
+Disables using of the
+.Dq !
+command (execuring a subshell).
+Intended to be used by batch jobs like
+.Xr patch 1 .
 .It Fl p Ar string
 Specifies a command prompt.
 This may be toggled on and off with the
@@ -955,6 +961,7 @@
 .Xr sed 1 ,
 .Xr sh 1 ,
 .Xr vi 1 ,
+.Xr patch 1 ,
 .Xr regex 3
 .Pp
 USD:09-10
diff -r cfdc1b11f756 -r eaecb7bc3815 bin/ed/main.c
--- a/bin/ed/main.c     Sun Apr 08 05:54:40 2018 +0000
+++ b/bin/ed/main.c     Sun Apr 08 06:04:08 2018 +0000
@@ -1,4 +1,4 @@
-/*     $NetBSD: main.c,v 1.28 2016/03/02 19:11:28 christos Exp $       */
+/*     $NetBSD: main.c,v 1.28.8.1 2018/04/08 06:04:08 snj Exp $        */
 
 /* main.c: This file contains the main control and user-interface routines
    for the ed line editor. */
@@ -39,7 +39,7 @@
 #if 0
 static char *rcsid = "@(#)main.c,v 1.1 1994/02/01 00:34:42 alm Exp";
 #else
-__RCSID("$NetBSD: main.c,v 1.28 2016/03/02 19:11:28 christos Exp $");
+__RCSID("$NetBSD: main.c,v 1.28.8.1 2018/04/08 06:04:08 snj Exp $");
 #endif
 #endif /* not lint */
 
@@ -94,6 +94,7 @@
 int red = 0;                   /* if set, restrict shell/directory access */
 int ere = 0;                   /* if set, use extended regexes */
 int scripted = 0;              /* if set, suppress diagnostics */
+int secure = 0;                        /* is set, ! is not allowed */
 int sigflags = 0;              /* if set, signals received while mutex set */
 int sigactive = 0;             /* if set, signal handlers are enabled */
 
@@ -105,7 +106,7 @@
 const char *dps = "*";         /* default command-line prompt */
 
 
-static const char usage[] = "Usage: %s [-] [-sxE] [-p string] [name]\n";
+static const char usage[] = "Usage: %s [-] [-ESsx] [-p string] [name]\n";
 
 /* ed: line editor */
 int
@@ -118,7 +119,7 @@
 
        red = (n = strlen(argv[0])) > 2 && argv[0][n - 3] == 'r';
 top:
-       while ((c = getopt(argc, argv, "p:sxE")) != -1)
+       while ((c = getopt(argc, argv, "p:sxES")) != -1)
                switch(c) {
                case 'p':                               /* set prompt */
                        prompt = optarg;
@@ -137,6 +138,9 @@
                case 'E':
                        ere = REG_EXTENDED;
                        break;
+               case 'S':                               /* ! is not allowed */
+                       secure = 1;
+                       break;
                default:
                        fprintf(stderr, usage, getprogname());
                        exit(1);
@@ -861,6 +865,10 @@
                printf("%ld\n", addr_cnt ? second_addr : addr_last);
                break;
        case '!':
+               if (secure) {
+                       seterrmsg("'!' not allowed");
+                       return ERR;
+               }
                if (addr_cnt > 0) {
                        seterrmsg("unexpected address");
                        return ERR;
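Review bot: The `secure` test sits only in the `'!'` command case, so it blocks the standalone shell escape but nothing else that can reach the shell. ed also accepts a `!`-prefixed argument in place of a file name for its read, write and edit commands, and that parsing is outside this hunk; if it still spawns a command when `secure` is set, `-S` would not fully deliver what the commit message promises for untrusted ed-style patches. I would move the check to the common point where a shell command is parsed, next to the existing `red` restriction if that is where it lives, e.g. `if (red || secure) { seterrmsg("shell access restricted"); return ERR; }`, and add a regression test that runs `-S` over each of those forms. The enclosing switch starts and ends outside the hunk.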
diff -r cfdc1b11f756 -r eaecb7bc3815 usr.bin/patch/pch.c
--- a/usr.bin/patch/pch.c       Sun Apr 08 05:54:40 2018 +0000
+++ b/usr.bin/patch/pch.c       Sun Apr 08 06:04:08 2018 +0000
@@ -1,7 +1,7 @@
 /*
  * $OpenBSD: pch.c,v 1.37 2007/09/02 15:19:33 deraadt Exp $
  * $DragonFly: src/usr.bin/patch/pch.c,v 1.6 2008/08/10 23:35:40 joerg Exp $
- * $NetBSD: pch.c,v 1.28 2015/07/30 21:47:51 christos Exp $
+ * $NetBSD: pch.c,v 1.28.8.1 2018/04/08 06:04:09 snj Exp $
  */
 
 /*
@@ -31,7 +31,7 @@
  */
 
 #include <sys/cdefs.h>
-__RCSID("$NetBSD: pch.c,v 1.28 2015/07/30 21:47:51 christos Exp $");
+__RCSID("$NetBSD: pch.c,v 1.28.8.1 2018/04/08 06:04:09 snj Exp $");
 
 #include <sys/types.h>
 #include <sys/stat.h>
@@ -1414,8 +1414,8 @@
                        unlink(TMPOUTNAME);
                        fatal("can't create temp file %s", TMPOUTNAME);
                }
-               snprintf(buf, buf_len, "%s%s%s", _PATH_ED,
-                   verbose ? " " : " -s ", TMPOUTNAME);
+               snprintf(buf, buf_len, "%s -S%s %s", _PATH_ED,
+                   verbose ? "" : "s", TMPOUTNAME);
                pipefp = popen(buf, "w");
        }
        for (;;) {
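Review bot: The result of `popen(buf, "w")` is not checked in the visible lines, so a failure to start ed would only surface later as writes to a NULL stream; add `if (pipefp == NULL) fatal("can't run %s", buf);` directly after the call unless a check follows outside the hunk. The command is still a formatted string handed to a shell, so `TMPOUTNAME` is interpreted by `sh`, and the `snprintf` return value is not compared with `buf_len` to catch truncation. It is also worth confirming that the ed installed at `_PATH_ED` accepts `-S`; an older ed would presumably reject the option and exit, which fails closed but breaks ed-style patches. The enclosing function starts and ends outside the hunk.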


