samurai: patched for CVE-2019-19795
Signed-off-by: Nathan Owens <ndowens04@gmail.com>
This commit is contained in:
Nathan Owens
Juan RP
parent
a9ccb4be81
commit
72b7b4c4f0
2 changed files with 83 additions and 1 deletions
82
srcpkgs/samurai/patches/CVE-2019-19795.patch
Normal file
82
srcpkgs/samurai/patches/CVE-2019-19795.patch
Normal file
|
|
@ -0,0 +1,82 @@
|
|||
From 309c9d26cb9f5d0e64ab7c7ea6f73a94af221dd3 Mon Sep 17 00:00:00 2001
|
||||
From: Michael Forney <mforney@mforney.org>
|
||||
Date: Fri, 13 Dec 2019 12:28:08 -0800
|
||||
Subject: [PATCH] canonpath: Fail on empty path
|
||||
|
||||
Reported by Frederic Cambus in #29.
|
||||
---
|
||||
util.c | 2 ++
|
||||
1 file changed, 2 insertions(+)
|
||||
|
||||
diff --git a/util.c b/util.c
|
||||
index afa8507..141712b 100644
|
||||
--- util.c
|
||||
+++ util.c
|
||||
@@ -161,6 +161,8 @@ canonpath(struct string *path)
|
||||
int n;
|
||||
char *s, *d, *end;
|
||||
|
||||
+ if (path->n == 0)
|
||||
+ fatal("empty path");
|
||||
s = d = path->s;
|
||||
end = path->s + path->n;
|
||||
n = 0;
|
||||
From 8b069471005e6c242795b68ad91c3b9000dad40e Mon Sep 17 00:00:00 2001
|
||||
From: Michael Forney <mforney@mforney.org>
|
||||
Date: Fri, 13 Dec 2019 14:41:06 -0800
|
||||
Subject: [PATCH] Detect cycles in rule variables
|
||||
|
||||
Reported by Frederic Cambus in #29.
|
||||
---
|
||||
env.c | 4 ++++
|
||||
scan.c | 1 +
|
||||
util.h | 2 ++
|
||||
3 files changed, 7 insertions(+)
|
||||
|
||||
diff --git a/env.c b/env.c
|
||||
index 5916355..51cece8 100644
|
||||
--- env.c
|
||||
+++ env.c
|
||||
@@ -204,6 +204,9 @@ edgevar(struct edge *e, char *var, bool escape)
|
||||
str = treefind(e->rule->bindings, var);
|
||||
if (!str)
|
||||
return envvar(e->env->parent, var);
|
||||
+ if (str->visited)
|
||||
+ fatal("cycle in rule variable involving '%s'", var);
|
||||
+ str->visited = true;
|
||||
n = 0;
|
||||
for (p = str->parts; p; p = p->next) {
|
||||
if (p->var)
|
||||
@@ -211,6 +214,7 @@ edgevar(struct edge *e, char *var, bool escape)
|
||||
if (p->str)
|
||||
n += p->str->n;
|
||||
}
|
||||
+ str->visited = false;
|
||||
return merge(str, n);
|
||||
}
|
||||
|
||||
diff --git a/scan.c b/scan.c
|
||||
index 4ba9e06..657ce96 100644
|
||||
--- scan.c
|
||||
+++ scan.c
|
||||
@@ -297,6 +297,7 @@ scanstring(struct scanner *s, bool path)
|
||||
return NULL;
|
||||
str = xmalloc(sizeof(*str));
|
||||
str->parts = parts;
|
||||
+ str->visited = false;
|
||||
|
||||
return str;
|
||||
}
|
||||
diff --git a/util.h b/util.h
|
||||
index b837f70..117dd31 100644
|
||||
--- util.h
|
||||
+++ util.h
|
||||
@@ -14,6 +14,8 @@ struct evalstring {
|
||||
/* used temporarily only in parse.c:parseedge to keep track of
|
||||
* input/output lists before we allocate the arrays. */
|
||||
struct evalstring *next;
|
||||
+ /* used to detect cycles when evaluating rule variables */
|
||||
+ _Bool visited;
|
||||
};
|
||||
|
||||
struct evalstringpart {
|
||||
|
|
@ -1,7 +1,7 @@
|
|||
# Template file for 'samurai'
|
||||
pkgname=samurai
|
||||
version=0.7
|
||||
revision=1
|
||||
revision=2
|
||||
build_style=gnu-makefile
|
||||
short_desc="Ninja-compatible build tool written in C"
|
||||
maintainer="Duncaen <duncaen@voidlinux.org>"
|
||||
|
|
|
|||
Loading…
Reference in a new issue