coreutils/coreutils-invalid-ids.patch

27 lines
900 B
Diff
Raw Normal View History

While uid_t and gid_t are both unsigned, the values (uid_t) -1 and
(gid_t) -1 are reserved. A uid or gid argument of -1 to the chown(2)
system call means to leave the uid/gid unchanged. Catch this case
so that trying to set a uid or gid to -1 will result in an error.
Test cases:
chown 4294967295 file
chown :4294967295 file
chgrp 4294967295 file
Andreas Gruenbacher <agruen@suse.de>
Index: src/chgrp.c
===================================================================
- Avoid segmentation fault in "uniq" with long line input (bnc#796243, VUL-1) * src/cut.c: Instead of usig unreliable alloca() stack allocation, use heap allocation via xmalloc()+free(). (coreutils-i18n.patch) - Fix test-suite errors (bnc#798261). * tests/cp/fiemap-FMR: Fix path to src directory and declare require_valgrind_ function. (coreutils-cp-corrupt-fragmented-sparse.patch) * tests/misc/cut: Fix src/cut.c to properly pass output-delimiter tests. Synchronize cut.c related part of the i18n patch with Fedora's. Merge coreutils-i18n-infloop.patch into coreutils-i18n.patch. Merge coreutils-i18n-uninit.patch into coreutils-i18n.patch. In tests/misc/cut, do not replace the non-i18n error messages. (coreutils-i18n.patch) * tests/rm/ext3-perf: This test failed due to heavy parallel CPU and/or disk load because it is based on timeouts. Do not run the test-suite with 'make -jN. (coreutils.spec, coreutils-testsuite.spec) * Further spec changes: Run more tests: also run "very expensive" tests; add acl, python-pyinotify, strace and valgrind to the build requirements. Remove patch5 and patch6 as they are now merged into coreutils-i18n.patch (see above). (coreutils.spec, coreutils-testsuite.spec) - Maintenance changes: (coreutils.spec, coreutils-testsuite.spec) * Add perl and texinfo to the build requirements as they are needed to re-generate the man pages and the texinfo documentation. * Remove already-active "-Wall" compiler option from CFLAGS variable. * Install the compressed test-suite.log into the documentation directory of the coreutils-testsuite package (section %check and %files). * Properly guard the spec sections for the coreutils and the coreutils-testsuite package. * Update patches to reflect new line numbers. OBS-URL: https://build.opensuse.org/package/show/Base:System/coreutils?expand=0&rev=172
2013-01-16 20:09:57 +01:00
--- src/chgrp.c.orig
+++ src/chgrp.c
- Update to 8.16: - Improvements: * As a GNU extension, 'chmod', 'mkdir', and 'install' now accept operators '-', '+', '=' followed by octal modes; * Also, ordinary numeric modes with five or more digits no longer preserve setuid and setgid bits, so that 'chmod 00755 FOO' now clears FOO's setuid and setgid bits. * dd now accepts the count_bytes, skip_bytes iflags and the seek_bytes oflag, to more easily allow processing portions of a file. * dd now accepts the conv=sparse flag to attempt to create sparse output, by seeking rather than writing to the output file. * ln now accepts the --relative option, to generate a relative symbolic link to a target, irrespective of how the target is specified. * split now accepts an optional "from" argument to --numeric-suffixes, which changes the start number from the default of 0. * split now accepts the --additional-suffix option, to append an additional static suffix to output file names. * basename now supports the -a and -s options, which allow processing of more than one argument at a time. Also the complementary -z option was added to delimit output items with the NUL character. * dirname now supports more than one argument. Also the complementary z option was added to delimit output items with the NUL character. - Bug fixes * du --one-file-system (-x) would ignore any non-directory specified on the command line. For example, "touch f; du -x f" would print nothing. [bug introduced in coreutils-8.15] * mv now lets you move a symlink onto a same-inode destination file that has two or more hard links. * "mv A B" could succeed, yet A would remain. * realpath no longer mishandles a root directory. - Improvements * ls can be much more efficient, especially with large directories on file systems for which getfilecon-, ACL-check- and XATTR- check-induced syscalls fail with ENOTSUP or similar. * 'realpath --relative-base=dir' in isolation now implies '--relative-to=dir' instead of causing a usage failure. * split now supports an unlimited number of split files as default behavior. For a detaild list se NEWS in the documentation. - Add up-to-date german translation. - Add two upstream patches that speed up ls (bnc#752943): * Cache (l)getfilecon calls to avoid the vast majority of the failing underlying getxattr syscalls. * Avoids always-failing queries for whether a file has a nontrivial ACL and for whether a file has certain "capabilities". OBS-URL: https://build.opensuse.org/package/show/Base:System/coreutils?expand=0&rev=147
2012-04-16 17:12:46 +02:00
@@ -88,7 +88,7 @@ parse_group (const char *name)
{
unsigned long int tmp;
if (! (xstrtoul (name, NULL, 10, &tmp, "") == LONGINT_OK
- && tmp <= GID_T_MAX))
+ && tmp <= GID_T_MAX && (gid_t) tmp != (gid_t) -1))
error (EXIT_FAILURE, 0, _("invalid group: %s"), quote (name));
gid = tmp;
}