Blame - tools/patch/patches/060-CVE-2019-13638.patch - T108

blob: 590cf186e7c67eff0b71ce54a09513e0bd1fbd30 [file] [log] [blame]

b.liu	e958203	2025-04-17 19:18:16 +0800	[diff] [blame]	1	From 3fcd042d26d70856e826a42b5f93dc4854d80bf0 Mon Sep 17 00:00:00 2001
				2	From: Andreas Gruenbacher <agruen@gnu.org>
				3	Date: Fri, 6 Apr 2018 19:36:15 +0200
				4	Subject: Invoke ed directly instead of using the shell
				5
				6	* src/pch.c (do_ed_script): Invoke ed directly instead of using a shell
				7	command to avoid quoting vulnerabilities.
				8	---
				9	src/pch.c \| 6 ++----
				10	1 file changed, 2 insertions(+), 4 deletions(-)
				11
				12	--- a/src/pch.c
				13	+++ b/src/pch.c
				14	@@ -2459,9 +2459,6 @@ do_ed_script (char const *inname, char c
				15	*outname_needs_removal = true;
				16	copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
				17	}
				18	- sprintf (buf, "%s %s%s", editor_program,
				19	- verbosity == VERBOSE ? "" : "- ",
				20	- outname);
				21	fflush (stdout);
				22
				23	pid = fork();
				24	@@ -2470,7 +2467,8 @@ do_ed_script (char const *inname, char c
				25	else if (pid == 0)
				26	{
				27	dup2 (tmpfd, 0);
				28	- execl ("/bin/sh", "sh", "-c", buf, (char *) 0);
				29	+ assert (outname[0] != '!' && outname[0] != '-');
				30	+ execlp (editor_program, editor_program, "-", outname, (char *) NULL);
				31	_exit (2);
				32	}
				33	else