openwrtv4/tools/patch/patches/010-CVE-2018-6951.patch
Rosen Penev a6bd9d0cb6 tools: patch: Add missing CVE-2018-6951 fix
uscan reports a new CVE now that PKG_CPE_ID was added.

Reordered patches by date.

Signed-off-by: Rosen Penev <rosenp@gmail.com>
[re-title commit & refresh patches]
Signed-off-by: Kevin Darbyshire-Bryant <ldir@darbyshire-bryant.me.uk>
2018-10-16 11:51:10 +01:00

24 lines
884 B
Diff

From 1f7853c05f9949d81da9be7a02b90cc64284d1f8 Mon Sep 17 00:00:00 2001
From: Andreas Gruenbacher <agruen@gnu.org>
Date: Mon, 12 Feb 2018 16:48:24 +0100
Subject: [PATCH] Fix segfault with mangled rename patch
http://savannah.gnu.org/bugs/?53132
* src/pch.c (intuit_diff_type): Ensure that two filenames are specified
for renames and copies (fix the existing check).
---
src/pch.c | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
--- a/src/pch.c
+++ b/src/pch.c
@@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode
if ((pch_rename () || pch_copy ())
&& ! inname
&& ! ((i == OLD || i == NEW) &&
- p_name[! reverse] &&
+ p_name[reverse] && p_name[! reverse] &&
+ name_is_valid (p_name[reverse]) &&
name_is_valid (p_name[! reverse])))
{
say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy");