- Add AUTHORS and COPYING to %doc.

- fix-segfault-mangled-rename.patch: Fix segfault with mangled rename patch (bsc#1080951, CVE-2018-6951, savannah#53132). OBS-URL: https://build.opensuse.org/package/show/devel:tools/patch?expand=0&rev=52
2018-03-21 15:47:14 +00:00 · 2018-03-21 15:47:14 +00:00 · 2bda6a542b
commit 2bda6a542b
parent a19fa79f16
3 changed files with 35 additions and 1 deletions
--- a/fix-segfault-mangled-rename.patch
+++ b/fix-segfault-mangled-rename.patch
@ -0,0 +1,25 @@
+From: Andreas Gruenbacher <agruen@gnu.org>
+Date: Mon, 12 Feb 2018 16:48:24 +0100
+Subject: Fix segfault with mangled rename patch
+Patch-mainline: yes
+Git-commit: f290f48a621867084884bfff87f8093c15195e6a
+References: bsc#1080951, CVE-2018-6951, savannah#53133
+
+http://savannah.gnu.org/bugs/?53132
+* src/pch.c (intuit_diff_type): Ensure that two filenames are specified
+for renames and copies (fix the existing check).
+
+diff --git a/src/pch.c b/src/pch.c
+index ff9ed2c..bc6278c 100644
+--- a/src/pch.c
+++ b/src/pch.c
+@@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode_t *p_file_type)
+     if ((pch_rename () || pch_copy ())
+ 	&& ! inname
+ 	&& ! ((i == OLD || i == NEW) &&
+-	      p_name[! reverse] &&
+	      p_name[reverse] && p_name[! reverse] &&
+	      name_is_valid (p_name[reverse]) &&
+ 	      name_is_valid (p_name[! reverse])))
+       {
+ 	say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy");
--- a/patch.changes
+++ b/patch.changes
@ -1,3 +1,10 @@
+-------------------------------------------------------------------
+Wed Mar 21 16:44:09 CET 2018 - jdelvare@suse.de
+
+- Add AUTHORS and COPYING to %doc.
+- fix-segfault-mangled-rename.patch: Fix segfault with mangled
+  rename patch (bsc#1080951, CVE-2018-6951, savannah#53132).
+
 -------------------------------------------------------------------
 Wed Feb  7 18:43:51 UTC 2018 - astieger@suse.com

--- a/patch.spec
+++ b/patch.spec
@ -26,6 +26,7 @@ Url:            http://ftp.gnu.org/gnu/patch/
 Source:         http://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.xz
 Source2:        http://ftp.gnu.org/gnu/patch/%{name}-%{version}.tar.xz.sig
 Source3:        http://savannah.gnu.org/project/memberlist-gpgkeys.php?group=patch&download=1#/patch.keyring
+Patch1:         fix-segfault-mangled-rename.patch
 # See bnc#662957. The fix for CVE-2010-4651 breaks the way interdiff was
 # invoking patch, so interdiff had to be fixed too.
 Conflicts:      patchutils < 0.3.2
@ -39,6 +40,7 @@ changed files (generated by the diff command) to the original files.

 %prep
 %setup -q
+%patch1 -p1

 %build
 export CFLAGS="%{optflags} -Wall -O2 -pipe"
@ -52,7 +54,7 @@ make %{?_smp_mflags} check %{verbose:V=1}
 make install DESTDIR=%{buildroot} %{verbose:V=1}

 %files
-%doc NEWS README
+%doc AUTHORS COPYING NEWS README
 %{_bindir}/patch
 %{_mandir}/man1/patch.1%{ext_man}