###############################################################################
name = patch
-version = 2.6.1
-release = 3
+version = 2.7
+release = 1
groups = Development/Tools
url = http://www.gnu.org/software/patch/patch.html
diff file to add the changes to their original file.
end
-source_dl =
+source_dl = ftp://ftp.gnu.org/gnu/patch/
+sources = %{thisapp}.tar.xz
build
requires
+ attr-devel
ed
libselinux-devel
pkg-config
+++ /dev/null
-diff -up patch-2.6/src/inp.c.sigsegv patch-2.6/src/inp.c
---- patch-2.6/src/inp.c.sigsegv 2009-11-02 19:09:57.000000000 +0000
-+++ patch-2.6/src/inp.c 2009-11-16 09:31:52.305022200 +0000
-@@ -77,6 +77,14 @@ re_input (void)
- }
- }
-
-+void
-+reset_scan_input_vars()
-+{
-+ using_plan_a = 1;
-+ i_buffer = NULL;
-+ i_ptr = NULL;
-+}
-+
- /* Construct the line index, somehow or other. */
-
- void
-diff -up patch-2.6/src/inp.h.sigsegv patch-2.6/src/inp.h
---- patch-2.6/src/inp.h.sigsegv 2009-11-02 19:09:57.000000000 +0000
-+++ patch-2.6/src/inp.h 2009-11-16 09:32:24.440021838 +0000
-@@ -24,4 +24,5 @@ XTERN LINENUM input_lines; /* how long
- char const *ifetch (LINENUM, bool, size_t *);
- void get_input_file (char const *, char const *);
- void re_input (void);
-+void reset_scan_input_vars (void);
- void scan_input (char *);
-diff -up patch-2.6/src/patch.c.sigsegv patch-2.6/src/patch.c
---- patch-2.6/src/patch.c.sigsegv 2009-11-02 19:09:57.000000000 +0000
-+++ patch-2.6/src/patch.c 2009-11-16 09:31:52.306021801 +0000
-@@ -210,7 +210,10 @@ main (int argc, char **argv)
-
- /* find out where all the lines are */
- if (!skip_rest_of_patch)
-- scan_input (inname);
-+ scan_input (inname);
-+ else
-+ reset_scan_input_vars ();
-+
-
- /* from here on, open no standard i/o files, because malloc */
- /* might misfire and we can't catch it easily */
+++ /dev/null
-diff -up patch-2.6.1/Makefile.in.CVE-2010-4651 patch-2.6.1/Makefile.in
---- patch-2.6.1/Makefile.in.CVE-2010-4651 2009-12-30 12:56:30.000000000 +0000
-+++ patch-2.6.1/Makefile.in 2011-02-10 12:29:32.926361705 +0000
-@@ -192,6 +192,7 @@ installcheck::
- TESTS = \
- tests/asymmetric-hunks \
- tests/backup-prefix-suffix \
-+ tests/bad-filenames \
- tests/corrupt-reject-files \
- tests/create-delete \
- tests/crlf-handling \
-diff -up patch-2.6.1/src/common.h.CVE-2010-4651 patch-2.6.1/src/common.h
---- patch-2.6.1/src/common.h.CVE-2010-4651 2011-02-10 12:30:29.142797627 +0000
-+++ patch-2.6.1/src/common.h 2011-02-10 12:30:33.566989729 +0000
-@@ -169,6 +169,7 @@ XTERN char *revision; /* prerequisite
- #endif
-
- void fatal_exit (int) __attribute__ ((noreturn));
-+void validate_target_name (char const *n);
-
- #include <errno.h>
- #if !STDC_HEADERS && !defined errno
-diff -up patch-2.6.1/src/patch.c.CVE-2010-4651 patch-2.6.1/src/patch.c
---- patch-2.6.1/src/patch.c.CVE-2010-4651 2011-02-10 12:30:20.721432124 +0000
-+++ patch-2.6.1/src/patch.c 2011-02-10 12:30:33.567989772 +0000
-@@ -34,6 +34,7 @@
- #include <util.h>
- #include <version.h>
- #include <xalloc.h>
-+#include <dirname.h>
-
- /* procedures */
-
-@@ -916,6 +917,26 @@ numeric_string (char const *string,
- return value;
- }
-
-+void
-+validate_target_name (char const *n)
-+{
-+ char const *p = n;
-+ if (explicit_inname)
-+ return;
-+ if (IS_ABSOLUTE_FILE_NAME (p))
-+ fatal ("rejecting absolute target file name: %s", quotearg (p));
-+ while (*p)
-+ {
-+ if (*p == '.' && *++p == '.' && ( ! *++p || ISSLASH (*p)))
-+ fatal ("rejecting target file name with \"..\" component: %s",
-+ quotearg (n));
-+ while (*p && ! ISSLASH (*p))
-+ p++;
-+ while (ISSLASH (*p))
-+ p++;
-+ }
-+}
-+
- /* Attempt to find the right place to apply this hunk of patch. */
-
- static LINENUM
-diff -up patch-2.6.1/src/pch.c.CVE-2010-4651 patch-2.6.1/src/pch.c
---- patch-2.6.1/src/pch.c.CVE-2010-4651 2009-12-30 12:56:30.000000000 +0000
-+++ patch-2.6.1/src/pch.c 2011-02-10 12:30:33.573990033 +0000
-@@ -3,7 +3,7 @@
- /* Copyright (C) 1986, 1987, 1988 Larry Wall
-
- Copyright (C) 1990, 1991, 1992, 1993, 1997, 1998, 1999, 2000, 2001,
-- 2002, 2003, 2006, 2009 Free Software Foundation, Inc.
-+ 2002, 2003, 2006, 2009, 2011 Free Software Foundation, Inc.
-
- This program is free software; you can redistribute it and/or modify
- it under the terms of the GNU General Public License as published by
-@@ -199,6 +199,8 @@ maybe_reverse (char const *name, bool no
- {
- bool looks_reversed = (! is_empty) < p_says_nonexistent[reverse ^ is_empty];
-
-+ validate_target_name (name);
-+
- if (looks_reversed)
- reverse ^=
- ok_to_reverse ("The next patch%s would %s the file %s,\nwhich %s!",
-@@ -725,6 +727,7 @@ intuit_diff_type (bool need_header)
- inerrno = stat_errno[i];
- invc = version_controlled[i];
- instat = st[i];
-+ validate_target_name (inname);
- }
-
- return retval;
-diff -up patch-2.6.1/tests/bad-filenames.CVE-2010-4651 patch-2.6.1/tests/bad-filenames
---- patch-2.6.1/tests/bad-filenames.CVE-2010-4651 2011-02-10 12:29:32.931361921 +0000
-+++ patch-2.6.1/tests/bad-filenames 2011-02-10 12:30:33.576990163 +0000
-@@ -0,0 +1,71 @@
-+# Copyright (C) 2011 Free Software Foundation, Inc.
-+#
-+# Copying and distribution of this file, with or without modification,
-+# in any medium, are permitted without royalty provided the copyright
-+# notice and this notice are preserved.
-+
-+. $srcdir/test-lib.sh
-+
-+use_local_patch
-+use_tmpdir
-+
-+# ================================================================
-+
-+emit_2()
-+{
-+cat <<EOF
-+--- $1
-++++ $2
-+@@ -0,0 +1 @@
-++x
-+EOF
-+}
-+
-+emit_patch() { emit_2 /dev/null "$1"; }
-+
-+# Ensure that patch rejects an output file name that is absolute
-+# or that contains a ".." component.
-+
-+check 'emit_patch /absolute/path | patch -p0; echo status: $?' <<EOF
-+$PATCH: **** rejecting absolute target file name: /absolute/path
-+status: 2
-+EOF
-+
-+check 'emit_patch a/../z | patch -p0; echo status: $?' <<EOF
-+$PATCH: **** rejecting target file name with ".." component: a/../z
-+status: 2
-+EOF
-+
-+check 'emit_patch a/../z | patch -p1; echo status: $?' <<EOF
-+$PATCH: **** rejecting target file name with ".." component: ../z
-+status: 2
-+EOF
-+
-+check 'emit_patch a/.. | patch -p0; echo status: $?' <<EOF
-+$PATCH: **** rejecting target file name with ".." component: a/..
-+status: 2
-+EOF
-+
-+check 'emit_patch ../z | patch -p0; echo status: $?' <<EOF
-+$PATCH: **** rejecting target file name with ".." component: ../z
-+status: 2
-+EOF
-+
-+check 'emit_2 /abs/path target | patch -p0; echo status: $?' <<EOF
-+patching file target
-+status: 0
-+EOF
-+
-+echo x > target
-+check 'emit_2 /abs/path target | patch -R -p0; echo status: $?' <<EOF
-+patching file target
-+status: 0
-+EOF
-+
-+# Do not validate any file name from the input when the target
-+# is specified on the command line:
-+touch abs
-+check 'emit_patch /absolute/path | patch `pwd`/abs; echo status: $?' <<EOF
-+patching file `pwd`/abs
-+status: 0
-+EOF
+++ /dev/null
-diff -up patch-2.6.1/src/patch.c.backup-if-mismatch patch-2.6.1/src/patch.c
---- patch-2.6.1/src/patch.c.backup-if-mismatch 2011-02-16 16:43:54.575850844 +0000
-+++ patch-2.6.1/src/patch.c 2011-02-16 16:44:56.907995789 +0000
-@@ -106,6 +106,7 @@ main (int argc, char **argv)
- char numbuf[LINENUM_LENGTH_BOUND + 1];
- bool written_to_rejname = false;
- bool apply_empty_patch = false;
-+ bool posixly_correct_set;
-
- exit_failure = 2;
- program_name = argv[0];
-@@ -125,7 +126,7 @@ main (int argc, char **argv)
- i < 0 ? shell_quoting_style : (enum quoting_style) i);
- }
-
-- posixly_correct = getenv ("POSIXLY_CORRECT") != 0;
-+ posixly_correct_set = posixly_correct = getenv ("POSIXLY_CORRECT") != 0;
- backup_if_mismatch = ! posixly_correct;
- patch_get = ((val = getenv ("PATCH_GET"))
- ? numeric_string (val, true, "PATCH_GET value")
-@@ -151,6 +152,10 @@ main (int argc, char **argv)
- Argv = argv;
- get_some_switches();
-
-+ /* Let --posix cause --no-backup-if-mismatch. */
-+ if (! posixly_correct_set && posixly_correct && backup_if_mismatch)
-+ backup_if_mismatch = false;
-+
- if (make_backups | backup_if_mismatch)
- backup_type = get_version (version_control_context, version_control);
-
+++ /dev/null
-diff -up patch-2.6.1/src/patch.c.get-arg patch-2.6.1/src/patch.c
---- patch-2.6.1/src/patch.c.get-arg 2010-07-27 18:05:26.217150510 +0100
-+++ patch-2.6.1/src/patch.c 2010-07-27 18:05:47.464150892 +0100
-@@ -558,7 +558,7 @@ static struct option const longopts[] =
- {"remove-empty-files", no_argument, NULL, 'E'},
- {"force", no_argument, NULL, 'f'},
- {"fuzz", required_argument, NULL, 'F'},
-- {"get", no_argument, NULL, 'g'},
-+ {"get", required_argument, NULL, 'g'},
- {"input", required_argument, NULL, 'i'},
- {"ignore-whitespace", no_argument, NULL, 'l'},
- #ifdef ENABLE_MERGE
+++ /dev/null
-diff -up patch-2.6.1/Makefile.in.selinux patch-2.6.1/Makefile.in
---- patch-2.6.1/Makefile.in.selinux 2011-02-08 11:29:34.590271489 +0000
-+++ patch-2.6.1/Makefile.in 2011-02-08 11:29:34.602271607 +0000
-@@ -40,7 +40,7 @@ EXEEXT = @EXEEXT@
- LDFLAGS = @LDFLAGS@
- LIBOBJDIR = gl/lib/
- LIBOBJS = @LIBOBJS@ ${LIBOBJDIR}full-write$U.o
--LIBS = @LIBS@
-+LIBS = @LIBS@ -lselinux
- OBJEXT = @OBJEXT@
- PACKAGE_NAME = @PACKAGE_NAME@
- PACKAGE_VERSION = @PACKAGE_VERSION@
-diff -up patch-2.6.1/src/common.h.selinux patch-2.6.1/src/common.h
---- patch-2.6.1/src/common.h.selinux 2009-12-30 12:56:30.000000000 +0000
-+++ patch-2.6.1/src/common.h 2011-02-08 11:29:34.602271607 +0000
-@@ -32,6 +32,8 @@
- #include <sys/types.h>
- #include <time.h>
-
-+#include <selinux/selinux.h>
-+
- #include <sys/stat.h>
- #if ! defined S_ISDIR && defined S_IFDIR
- # define S_ISDIR(m) (((m) & S_IFMT) == S_IFDIR)
-@@ -118,6 +120,7 @@ XTERN char *outfile;
- XTERN int inerrno;
- XTERN int invc;
- XTERN struct stat instat;
-+XTERN security_context_t incontext;
- XTERN bool dry_run;
- XTERN bool posixly_correct;
-
-diff -up patch-2.6.1/src/inp.c.selinux patch-2.6.1/src/inp.c
---- patch-2.6.1/src/inp.c.selinux 2011-02-08 11:29:34.576271352 +0000
-+++ patch-2.6.1/src/inp.c 2011-02-08 11:29:34.604271627 +0000
-@@ -152,8 +152,18 @@ get_input_file (char const *filename, ch
- char *diffbuf;
- char *getbuf;
-
-- if (inerrno == -1)
-- inerrno = stat (filename, &instat) == 0 ? 0 : errno;
-+ inerrno = stat (filename, &instat) == 0 ? 0 : errno;
-+ if (inerrno == 0)
-+ {
-+ inerrno = getfilecon (inname, &incontext) == -1 ? errno : 0;
-+ if (inerrno == ENODATA || inerrno == ENOTSUP)
-+ {
-+ inerrno = 0;
-+ incontext = NULL;
-+ }
-+ }
-+ else
-+ incontext = NULL;
-
- /* Perhaps look for RCS or SCCS versions. */
- if (patch_get
-@@ -197,7 +207,7 @@ get_input_file (char const *filename, ch
- }
-
- if (cs && version_get (filename, cs, ! inerrno, elsewhere, getbuf,
-- &instat))
-+ &instat, &incontext))
- inerrno = 0;
-
- free (getbuf);
-@@ -209,6 +219,7 @@ get_input_file (char const *filename, ch
- {
- instat.st_mode = S_IRUSR|S_IWUSR|S_IRGRP|S_IWGRP|S_IROTH|S_IWOTH;
- instat.st_size = 0;
-+ incontext = NULL;
- }
- else if (! S_ISREG (instat.st_mode))
- fatal ("File %s is not a regular file -- can't patch",
-diff -up patch-2.6.1/src/patch.c.selinux patch-2.6.1/src/patch.c
---- patch-2.6.1/src/patch.c.selinux 2011-02-08 11:29:34.586271450 +0000
-+++ patch-2.6.1/src/patch.c 2011-02-08 11:29:34.606271646 +0000
-@@ -421,6 +421,21 @@ main (int argc, char **argv)
- /* Fails if we are not in group instat.st_gid. */
- chown (outname, -1, instat.st_gid);
- }
-+
-+ if (! inerrno && incontext)
-+ {
-+ security_context_t outcontext;
-+ if (getfilecon (outname, &outcontext) != -1 &&
-+ outcontext &&
-+ strcmp(outcontext, incontext) &&
-+ setfilecon (outname, incontext) != 0)
-+ {
-+ if (errno != ENOTSUP && errno != EPERM)
-+ pfatal ("Can't set security context "
-+ "on file %s", quotearg (outname));
-+ }
-+ }
-+
- /* FIXME: There may be other attributes to preserve. */
- }
- }
-diff -up patch-2.6.1/src/pch.c.selinux patch-2.6.1/src/pch.c
---- patch-2.6.1/src/pch.c.selinux 2011-02-08 11:29:34.591271499 +0000
-+++ patch-2.6.1/src/pch.c 2011-02-08 11:30:08.810621570 +0000
-@@ -307,7 +307,12 @@ there_is_another_patch (bool need_header
- inname[t - buf - 1] = 0;
- if (stat (inname, &instat) == 0)
- {
-- inerrno = 0;
-+ inerrno = getfilecon (inname, &incontext) == -1 ? errno : 0;
-+ if (inerrno == ENODATA || inerrno == ENOTSUP)
-+ {
-+ inerrno = 0;
-+ incontext = NULL;
-+ }
- invc = -1;
- }
- else
-@@ -681,7 +686,7 @@ intuit_diff_type (bool need_header)
- if (cs)
- {
- if (version_get (p_name[i], cs, false, readonly,
-- getbuf, &st[i]))
-+ getbuf, &st[i], NULL))
- stat_errno[i] = 0;
- else
- version_controlled[i] = 0;
-@@ -746,6 +751,7 @@ intuit_diff_type (bool need_header)
- invc = version_controlled[i];
- instat = st[i];
- validate_target_name (inname);
-+ getfilecon (inname, &incontext);
- }
-
- return retval;
-diff -up patch-2.6.1/src/util.c.selinux patch-2.6.1/src/util.c
---- patch-2.6.1/src/util.c.selinux 2009-11-02 19:09:57.000000000 +0000
-+++ patch-2.6.1/src/util.c 2011-02-08 11:29:34.613271715 +0000
-@@ -574,7 +574,8 @@ version_controller (char const *filename
- Return true if successful. */
- bool
- version_get (char const *filename, char const *cs, bool exists, bool readonly,
-- char const *getbuf, struct stat *filestat)
-+ char const *getbuf, struct stat *filestat,
-+ security_context_t *filecontext)
- {
- if (patch_get < 0)
- {
-@@ -599,6 +600,13 @@ version_get (char const *filename, char
- fatal ("Can't get file %s from %s", quotearg (filename), cs);
- if (stat (filename, filestat) != 0)
- pfatal ("%s", quotearg (filename));
-+ if (filecontext && getfilecon (filename, filecontext) == -1)
-+ {
-+ if (errno == ENODATA || errno == ENOTSUP)
-+ *filecontext = NULL;
-+ else
-+ pfatal ("%s", quotearg (filename));
-+ }
- }
-
- return 1;
-diff -up patch-2.6.1/src/util.h.selinux patch-2.6.1/src/util.h
---- patch-2.6.1/src/util.h.selinux 2009-11-02 19:09:57.000000000 +0000
-+++ patch-2.6.1/src/util.h 2011-02-08 11:29:34.614271726 +0000
-@@ -51,7 +51,7 @@ char *fetchname (char *, int, char **, t
- char *savebuf (char const *, size_t);
- char *savestr (char const *);
- char const *version_controller (char const *, bool, struct stat const *, char **, char **);
--bool version_get (char const *, char const *, bool, bool, char const *, struct stat *);
-+bool version_get (char const *, char const *, bool, bool, char const *, struct stat *, security_context_t *);
- int create_file (char const *, int, mode_t, bool);
- int systemic (char const *);
- char *format_linenum (char[LINENUM_LENGTH_BOUND + 1], LINENUM);
projects / ipfire-3.x.git / commitdiff
