diff options
Diffstat (limited to 'gnu/packages/patches')
-rw-r--r-- | gnu/packages/patches/zsh-CVE-2018-7548.patch | 48 | ||||
-rw-r--r-- | gnu/packages/patches/zsh-CVE-2018-7549.patch | 56 |
2 files changed, 0 insertions, 104 deletions
diff --git a/gnu/packages/patches/zsh-CVE-2018-7548.patch b/gnu/packages/patches/zsh-CVE-2018-7548.patch deleted file mode 100644 index 1ee15fad73..0000000000 --- a/gnu/packages/patches/zsh-CVE-2018-7548.patch +++ /dev/null @@ -1,48 +0,0 @@ -Fix CVE-2018-7548: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7548 - -Patch copied from upstream source repository: - -https://sourceforge.net/p/zsh/code/ci/110b13e1090bc31ac1352b28adc2d02b6d25a102 - -From 110b13e1090bc31ac1352b28adc2d02b6d25a102 Mon Sep 17 00:00:00 2001 -From: Joey Pabalinas <joeypabalinas@gmail.com> -Date: Tue, 23 Jan 2018 22:28:08 -0800 -Subject: [PATCH] 42313: avoid null-pointer deref when using ${(PA)...} on an - empty array result - ---- - ChangeLog | 5 +++++ - Src/subst.c | 2 +- - 2 files changed, 6 insertions(+), 1 deletion(-) - -#diff --git a/ChangeLog b/ChangeLog -#index d2ba94afc..3037edda4 100644 -#--- a/ChangeLog -#+++ b/ChangeLog -#@@ -1,3 +1,8 @@ -#+2018-01-23 Barton E. Schaefer <schaefer@zsh.org> -#+ -#+ * Joey Pabalinas: 42313: Src/subst.c: avoid null-pointer deref -#+ when using ${(PA)...} on an empty array result -#+ -# 2018-01-23 Oliver Kiddle <okiddle@yahoo.co.uk> -# -# * 42317: Completion/Linux/Command/_cryptsetup, -diff --git a/Src/subst.c b/Src/subst.c -index d027e3d83..a265a187e 100644 ---- a/Src/subst.c -+++ b/Src/subst.c -@@ -2430,7 +2430,7 @@ paramsubst(LinkList l, LinkNode n, char **str, int qt, int pf_flags, - val = aval[0]; - isarr = 0; - } -- s = dyncat(val, s); -+ s = val ? dyncat(val, s) : dupstring(s); - /* Now behave po-faced as if it was always like that... */ - subexp = 0; - /* --- -2.16.2 - diff --git a/gnu/packages/patches/zsh-CVE-2018-7549.patch b/gnu/packages/patches/zsh-CVE-2018-7549.patch deleted file mode 100644 index abefcdf2f9..0000000000 --- a/gnu/packages/patches/zsh-CVE-2018-7549.patch +++ /dev/null @@ -1,56 +0,0 @@ -Fix CVE-2018-7549: - -https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7549 - -Patch copied from upstream source repository: - -https://sourceforge.net/p/zsh/code/ci/c2cc8b0fbefc9868fa83537f5b6d90fc1ec438dd - -From c2cc8b0fbefc9868fa83537f5b6d90fc1ec438dd Mon Sep 17 00:00:00 2001 -From: Stephane Chazelas <stephane.chazelas@gmail.com> -Date: Fri, 22 Dec 2017 22:17:09 +0000 -Subject: [PATCH] Avoid crash copying empty hash table. - -Visible with typeset -p. ---- - ChangeLog | 2 ++ - Src/params.c | 11 +++++++---- - 2 files changed, 9 insertions(+), 4 deletions(-) - -#diff --git a/ChangeLog b/ChangeLog -#index f74c26b88..e3628cfa7 100644 -#--- a/ChangeLog -#+++ b/ChangeLog -#@@ -1,5 +1,7 @@ -# 2018-01-04 Peter Stephenson <p.stephenson@samsung.com> -# -#+ * Stephane: 42159: Src/params.c: avoid crash copying empty hash table. -#+ -# * Sebastian: 42188: Src/Modules/system.c: It is necessary to -# close the lock descriptor in some failure cases. -# -diff --git a/Src/params.c b/Src/params.c -index 31ff0445b..de7730ae7 100644 ---- a/Src/params.c -+++ b/Src/params.c -@@ -549,10 +549,13 @@ scancopyparams(HashNode hn, UNUSED(int flags)) - HashTable - copyparamtable(HashTable ht, char *name) - { -- HashTable nht = newparamtable(ht->hsize, name); -- outtable = nht; -- scanhashtable(ht, 0, 0, 0, scancopyparams, 0); -- outtable = NULL; -+ HashTable nht = 0; -+ if (ht) { -+ nht = newparamtable(ht->hsize, name); -+ outtable = nht; -+ scanhashtable(ht, 0, 0, 0, scancopyparams, 0); -+ outtable = NULL; -+ } - return nht; - } - --- -2.16.2 - |