From: Andreas Gruenbacher Date: Mon, 12 Feb 2018 16:48:24 +0100 Subject: Fix segfault with mangled rename patch Patch-mainline: yes Git-commit: f290f48a621867084884bfff87f8093c15195e6a References: bsc#1080951, CVE-2018-6951, savannah#53133 http://savannah.gnu.org/bugs/?53132 * src/pch.c (intuit_diff_type): Ensure that two filenames are specified for renames and copies (fix the existing check). diff --git a/src/pch.c b/src/pch.c index ff9ed2c..bc6278c 100644 --- a/src/pch.c +++ b/src/pch.c @@ -974,7 +974,8 @@ intuit_diff_type (bool need_header, mode_t *p_file_type) if ((pch_rename () || pch_copy ()) && ! inname && ! ((i == OLD || i == NEW) && - p_name[! reverse] && + p_name[reverse] && p_name[! reverse] && + name_is_valid (p_name[reverse]) && name_is_valid (p_name[! reverse]))) { say ("Cannot %s file without two valid file names\n", pch_rename () ? "rename" : "copy");