Source-Changes-HG archive
[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index][Old Index]
[src/netbsd-8]: src Pull up following revision(s) (requested by christos in t...
details: https://anonhg.NetBSD.org/src/rev/eaecb7bc3815
branches: netbsd-8
changeset: 434834:eaecb7bc3815
user: snj <snj%NetBSD.org@localhost>
date: Sun Apr 08 06:04:08 2018 +0000
description:
Pull up following revision(s) (requested by christos in ticket #699):
bin/ed/ed.1: 1.32-1.33
bin/ed/main.c: 1.29
usr.bin/patch/pch.c: 1.29
Pass -S to ed(1) so that patches containing ! commands don't run commands.
Real cause of CVE-2018-0492:
https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=894667)
--
add -S to disable ! commands.
--
Fix date.
diffstat:
bin/ed/ed.1 | 13 ++++++++++---
bin/ed/main.c | 16 ++++++++++++----
usr.bin/patch/pch.c | 8 ++++----
3 files changed, 26 insertions(+), 11 deletions(-)
diffs (145 lines):
diff -r cfdc1b11f756 -r eaecb7bc3815 bin/ed/ed.1
--- a/bin/ed/ed.1 Sun Apr 08 05:54:40 2018 +0000
+++ b/bin/ed/ed.1 Sun Apr 08 06:04:08 2018 +0000
@@ -1,4 +1,4 @@
-.\" $NetBSD: ed.1,v 1.30 2010/05/14 02:09:58 joerg Exp $
+.\" $NetBSD: ed.1,v 1.30.40.1 2018/04/08 06:04:08 snj Exp $
.\" $OpenBSD: ed.1,v 1.42 2003/07/27 13:25:43 jmc Exp $
.\"
.\" Copyright (c) 1993 Andrew Moore, Talke Studio.
@@ -25,7 +25,7 @@
.\" OUT OF THE USE OF THIS SOFTWARE, EVEN IF ADVISED OF THE POSSIBILITY OF
.\" SUCH DAMAGE.
.\"
-.Dd January 23, 2002
+.Dd April 5, 2018
.Dt ED 1
.Os
.Sh NAME
@@ -34,7 +34,7 @@
.Sh SYNOPSIS
.Nm
.Op Fl
-.Op Fl Esx
+.Op Fl ESsx
.Op Fl p Ar string
.Op Ar file
.Sh DESCRIPTION
@@ -130,6 +130,12 @@
.It Fl E
Enables the use of extended regular expressions instead of the basic
regular expressions that are normally used.
+.It Fl S
+Disables using of the
+.Dq !
+command (execuring a subshell).
+Intended to be used by batch jobs like
+.Xr patch 1 .
.It Fl p Ar string
Specifies a command prompt.
This may be toggled on and off with the
@@ -955,6 +961,7 @@
.Xr sed 1 ,
.Xr sh 1 ,
.Xr vi 1 ,
+.Xr patch 1 ,
.Xr regex 3
.Pp
USD:09-10
diff -r cfdc1b11f756 -r eaecb7bc3815 bin/ed/main.c
--- a/bin/ed/main.c Sun Apr 08 05:54:40 2018 +0000
+++ b/bin/ed/main.c Sun Apr 08 06:04:08 2018 +0000
@@ -1,4 +1,4 @@
-/* $NetBSD: main.c,v 1.28 2016/03/02 19:11:28 christos Exp $ */
+/* $NetBSD: main.c,v 1.28.8.1 2018/04/08 06:04:08 snj Exp $ */
/* main.c: This file contains the main control and user-interface routines
for the ed line editor. */
@@ -39,7 +39,7 @@
#if 0
static char *rcsid = "@(#)main.c,v 1.1 1994/02/01 00:34:42 alm Exp";
#else
-__RCSID("$NetBSD: main.c,v 1.28 2016/03/02 19:11:28 christos Exp $");
+__RCSID("$NetBSD: main.c,v 1.28.8.1 2018/04/08 06:04:08 snj Exp $");
#endif
#endif /* not lint */
@@ -94,6 +94,7 @@
int red = 0; /* if set, restrict shell/directory access */
int ere = 0; /* if set, use extended regexes */
int scripted = 0; /* if set, suppress diagnostics */
+int secure = 0; /* is set, ! is not allowed */
int sigflags = 0; /* if set, signals received while mutex set */
int sigactive = 0; /* if set, signal handlers are enabled */
@@ -105,7 +106,7 @@
const char *dps = "*"; /* default command-line prompt */
-static const char usage[] = "Usage: %s [-] [-sxE] [-p string] [name]\n";
+static const char usage[] = "Usage: %s [-] [-ESsx] [-p string] [name]\n";
/* ed: line editor */
int
@@ -118,7 +119,7 @@
red = (n = strlen(argv[0])) > 2 && argv[0][n - 3] == 'r';
top:
- while ((c = getopt(argc, argv, "p:sxE")) != -1)
+ while ((c = getopt(argc, argv, "p:sxES")) != -1)
switch(c) {
case 'p': /* set prompt */
prompt = optarg;
@@ -137,6 +138,9 @@
case 'E':
ere = REG_EXTENDED;
break;
+ case 'S': /* ! is not allowed */
+ secure = 1;
+ break;
default:
fprintf(stderr, usage, getprogname());
exit(1);
@@ -861,6 +865,10 @@
printf("%ld\n", addr_cnt ? second_addr : addr_last);
break;
case '!':
+ if (secure) {
+ seterrmsg("'!' not allowed");
+ return ERR;
+ }
if (addr_cnt > 0) {
seterrmsg("unexpected address");
return ERR;
diff -r cfdc1b11f756 -r eaecb7bc3815 usr.bin/patch/pch.c
--- a/usr.bin/patch/pch.c Sun Apr 08 05:54:40 2018 +0000
+++ b/usr.bin/patch/pch.c Sun Apr 08 06:04:08 2018 +0000
@@ -1,7 +1,7 @@
/*
* $OpenBSD: pch.c,v 1.37 2007/09/02 15:19:33 deraadt Exp $
* $DragonFly: src/usr.bin/patch/pch.c,v 1.6 2008/08/10 23:35:40 joerg Exp $
- * $NetBSD: pch.c,v 1.28 2015/07/30 21:47:51 christos Exp $
+ * $NetBSD: pch.c,v 1.28.8.1 2018/04/08 06:04:09 snj Exp $
*/
/*
@@ -31,7 +31,7 @@
*/
#include <sys/cdefs.h>
-__RCSID("$NetBSD: pch.c,v 1.28 2015/07/30 21:47:51 christos Exp $");
+__RCSID("$NetBSD: pch.c,v 1.28.8.1 2018/04/08 06:04:09 snj Exp $");
#include <sys/types.h>
#include <sys/stat.h>
@@ -1414,8 +1414,8 @@
unlink(TMPOUTNAME);
fatal("can't create temp file %s", TMPOUTNAME);
}
- snprintf(buf, buf_len, "%s%s%s", _PATH_ED,
- verbose ? " " : " -s ", TMPOUTNAME);
+ snprintf(buf, buf_len, "%s -S%s %s", _PATH_ED,
+ verbose ? "" : "s", TMPOUTNAME);
pipefp = popen(buf, "w");
}
for (;;) {
Home |
Main Index |
Thread Index |
Old Index