Compare commits

...

No commits in common. 'c9' and 'c8-beta-stream-5.32' have entirely different histories.

@ -1,76 +0,0 @@
From c8c367581c3333c38d07481e2ea8d81171403c81 Mon Sep 17 00:00:00 2001
From: David Mitchell <davem@iabyn.com>
Date: Mon, 26 Oct 2020 15:11:14 +0000
Subject: [PATCH] PathTools/Cwd.xs: fix off-by-one in bsd_realpath()
MIME-Version: 1.0
Content-Type: text/plain; charset=UTF-8
Content-Transfer-Encoding: 8bit
At the heart of this function is a loop which repeatedly finds the next
component in the path, processes it, then chops that component off the
front of the path by shifting the string to the start of the buffer;
i.e. something like:
while (remaining_len) {
s = strchr(remaining, '/')
...
remaining_len -= s - remaining;
memmove(remaining, s, remaining_len + 1);
}
The problem is that the per-iteration decrement to remaining_len doesn't
take account of the '/' character, so each iteration, remaining_len gets
one more byte too big.
It turns out that this is harmless - it just means that more and more
garbage characters after the trailing null byte get copied each time,
but after each copy the path string is still well formed, with a
trailing null in the right place. So just the random garbage after the
null byte is different.
This commit fixes that.
Although really, it would be better to just increment the
start-of-string pointer each time rather than shift the whole string
each time.
Signed-off-by: Petr Písař <ppisar@redhat.com>
---
dist/PathTools/Cwd.xs | 15 ++++++++++++---
1 file changed, 12 insertions(+), 3 deletions(-)
diff --git a/dist/PathTools/Cwd.xs b/dist/PathTools/Cwd.xs
index 8662400e47..e7ecb3c6c1 100644
--- a/dist/PathTools/Cwd.xs
+++ b/dist/PathTools/Cwd.xs
@@ -119,15 +119,24 @@ bsd_realpath(const char *path, char resolved[MAXPATHLEN])
p = strchr(remaining, '/');
s = p ? p : remaining + remaining_len;
+
if ((STRLEN)(s - remaining) >= (STRLEN)sizeof(next_token)) {
errno = ENAMETOOLONG;
return (NULL);
}
memcpy(next_token, remaining, s - remaining);
next_token[s - remaining] = '\0';
- remaining_len -= s - remaining;
- if (p != NULL)
- memmove(remaining, s + 1, remaining_len + 1);
+
+ /* shift first component off front of path, including '/' */
+ if (p) {
+ s++; /* skip '/' */
+ remaining_len -= s - remaining;
+ /* the +1 includes the trailing '\0' */
+ memmove(remaining, s, remaining_len + 1);
+ }
+ else
+ remaining_len = 0;
+
if (resolved[resolved_len - 1] != '/') {
if (resolved_len + 1 >= MAXPATHLEN) {
errno = ENAMETOOLONG;
--
2.25.4

@ -2,7 +2,7 @@
Name: perl-PathTools
Version: 3.78
Release: 461%{?dist}
Release: 439%{?dist}
Summary: PathTools Perl module (Cwd, File::Spec)
# Cwd.xs: BSD
# other files: GPL+ or Artistic
@ -13,8 +13,6 @@ Source0: https://cpan.metacpan.org/authors/id/X/XS/XSAWYERX/PathTools-%{b
Patch0: PathTools-3.74-Disable-VMS-tests.patch
# Unbundled from perl 5.29.10
Patch1: PathTools-3.75-Upgrade-to-3.78.patch
# Fix an off-by-one in bsd_realpath(), in perl after 5.33.3
Patch2: perl-5.33.3-PathTools-Cwd.xs-fix-off-by-one-in-bsd_realpath.patch
BuildRequires: coreutils
BuildRequires: findutils
BuildRequires: gcc
@ -23,6 +21,7 @@ BuildRequires: perl-devel
BuildRequires: perl-generators
BuildRequires: perl-interpreter
BuildRequires: perl(ExtUtils::MakeMaker) >= 6.76
BuildRequires: sed
# Run-time:
BuildRequires: perl(Carp)
BuildRequires: perl(constant)
@ -58,18 +57,17 @@ This is the combined distribution for the File::Spec and Cwd modules.
%setup -q -n PathTools-%{base_version}
%patch0 -p1
%patch1 -p1
%patch2 -p3
# Do not distribute File::Spec::VMS as it works on VMS only (bug #973713)
rm lib/File/Spec/VMS.pm
perl -i -ne 'print $_ unless m{^\Qlib/File/Spec/VMS.pm\E}' MANIFEST
sed -i -e '/^lib\/File\/Spec\/VMS.pm/d' MANIFEST
%build
perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 NO_PERLLOCAL=1 OPTIMIZE="$RPM_OPT_FLAGS"
%{make_build}
perl Makefile.PL INSTALLDIRS=vendor NO_PACKLIST=1 OPTIMIZE="$RPM_OPT_FLAGS"
make %{?_smp_mflags}
%install
%{make_install}
make pure_install DESTDIR=$RPM_BUILD_ROOT
find $RPM_BUILD_ROOT -type f -name '*.bs' -size 0 -delete
%{_fixperms} $RPM_BUILD_ROOT/*
@ -84,33 +82,6 @@ make test
%{_mandir}/man3/*
%changelog
* Mon Aug 09 2021 Mohan Boddu <mboddu@redhat.com> - 3.78-461
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688
* Fri Apr 16 2021 Mohan Boddu <mboddu@redhat.com> - 3.78-460
- Rebuilt for RHEL 9 BETA on Apr 15th 2021. Related: rhbz#1947937
* Wed Jan 27 2021 Fedora Release Engineering <releng@fedoraproject.org> - 3.78-459
- Rebuilt for https://fedoraproject.org/wiki/Fedora_34_Mass_Rebuild
* Thu Nov 05 2020 Petr Pisar <ppisar@redhat.com> - 3.78-458
- Fix an off-by-one in bsd_realpath()
* Tue Jul 28 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.78-457
- Rebuilt for https://fedoraproject.org/wiki/Fedora_33_Mass_Rebuild
* Mon Jun 22 2020 Jitka Plesnikova <jplesnik@redhat.com> - 3.78-456
- Increase release to favour standalone package
* Thu Feb 06 2020 Tom Stellard <tstellar@redhat.com> - 3.78-441
- Spec file cleanups: Use make_build and make_install macros
- https://docs.fedoraproject.org/en-US/packaging-guidelines/#_parallel_make
- https://fedoraproject.org/wiki/Perl/Tips#ExtUtils::MakeMake
* Thu Jan 30 2020 Fedora Release Engineering <releng@fedoraproject.org> - 3.78-440
- Rebuilt for https://fedoraproject.org/wiki/Fedora_32_Mass_Rebuild
* Fri Jul 26 2019 Fedora Release Engineering <releng@fedoraproject.org> - 3.78-439
- Rebuilt for https://fedoraproject.org/wiki/Fedora_31_Mass_Rebuild

Loading…
Cancel
Save