Sync from SUSE:SLFO:Main less revision e0196ab6f4cd201291067a5af6442c5a

This commit is contained in:
Adrian Schröter 2024-06-30 14:22:47 +02:00
parent 850a11be1d
commit a97e1ba035
3 changed files with 78 additions and 0 deletions

67
CVE-2024-32487.patch Normal file
View File

@ -0,0 +1,67 @@
From 007521ac3c95bc76e3d59c6dbfe75d06c8075c33 Mon Sep 17 00:00:00 2001
From: Mark Nudelman <markn@greenwoodsoftware.com>
Date: Thu, 11 Apr 2024 17:49:48 -0700
Subject: [PATCH] Fix bug when viewing a file whose name contains a newline.
---
filename.c | 31 +++++++++++++++++++++++++------
1 file changed, 25 insertions(+), 6 deletions(-)
Index: less-633/filename.c
===================================================================
--- less-633.orig/filename.c
+++ less-633/filename.c
@@ -134,6 +134,15 @@ static int metachar(char c)
}
/*
+ * Must use quotes rather than escape char for this metachar?
+ */
+static int must_quote(char c)
+{
+ /* {{ Maybe the set of must_quote chars should be configurable? }} */
+ return (c == '\n');
+}
+
+/*
* Insert a backslash before each metacharacter in a string.
*/
public char * shell_quote(char *s)
@@ -164,6 +173,9 @@ public char * shell_quote(char *s)
* doesn't support escape chars. Use quotes.
*/
use_quotes = 1;
+ } else if (must_quote(*p))
+ {
+ len += 3; /* open quote + char + close quote */
} else
{
/*
@@ -193,15 +205,22 @@ public char * shell_quote(char *s)
{
while (*s != '\0')
{
- if (metachar(*s))
+ if (!metachar(*s))
{
- /*
- * Add the escape char.
- */
+ *p++ = *s++;
+ } else if (must_quote(*s))
+ {
+ /* Surround the char with quotes. */
+ *p++ = openquote;
+ *p++ = *s++;
+ *p++ = closequote;
+ } else
+ {
+ /* Insert an escape char before the char. */
strcpy(p, esc);
p += esclen;
+ *p++ = *s++;
}
- *p++ = *s++;
}
*p = '\0';
}

View File

@ -1,3 +1,11 @@
-------------------------------------------------------------------
Tue Jun 11 21:53:49 UTC 2024 - Stanislav Brabec <sbrabec@suse.com>
- Fix CVE-2024-32487, mishandling of \n character in paths when
LESSOPEN is set leads to OS command execution
(CVE-2024-32487, bsc#1222849)
* CVE-2024-32487.patch
------------------------------------------------------------------- -------------------------------------------------------------------
Thu May 4 08:12:21 UTC 2023 - Kristyna Streitova <kstreitova@suse.com> Thu May 4 08:12:21 UTC 2023 - Kristyna Streitova <kstreitova@suse.com>

View File

@ -37,6 +37,9 @@ Source5: https://www.greenwoodsoftware.com/less/less-%{version}.sig
Source6: https://www.greenwoodsoftware.com/less/pubkey.asc#/%{name}.keyring Source6: https://www.greenwoodsoftware.com/less/pubkey.asc#/%{name}.keyring
Patch0: less-429-shell.patch Patch0: less-429-shell.patch
Patch2: less-429-more.patch Patch2: less-429-more.patch
# PATCH-FIX-UPSTREAM danilo.spinella@suse.com bsc#1222849
# mishandling of \n character in paths when LESSOPEN is set leads to OS command execution
Patch3: CVE-2024-32487.patch
BuildRequires: automake BuildRequires: automake
BuildRequires: ncurses-devel BuildRequires: ncurses-devel
BuildRequires: pkgconfig BuildRequires: pkgconfig