Projects
openEuler:24.03
less
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
Expand all
Collapse all
Changes of Revision 9
View file
_service:tar_scm:less.spec
Changed
@@ -1,12 +1,15 @@ Name: less Version: 633 -Release: 1 +Release: 2 Summary: Less is a pager that displays text files. License: GPLv3+ or BSD URL: http://www.greenwoodsoftware.com/less Source0: http://www.greenwoodsoftware.com/less/%{name}-%{version}.tar.gz Patch0: less-394-time.patch Patch1: less-475-fsync.patch +Patch2: backport-Some-constifying.patch +Patch3: backport-Implement-osc8_open.patch +Patch4: backport-CVE-2024-32487.patch BuildRequires: gcc make ncurses-devel autoconf automake libtool @@ -45,6 +48,9 @@ %{_mandir}/man1/* %changelog +* Mon Apr 22 2024 wangjiang <wangjiang37@h-partners.com> - 633-2 +- fix CVE-2024-32487 + * Tue Jan 30 2024 hongjinghao <hongjinghao@huawei.com> - 633-1 - Update to 633
View file
_service:tar_scm:backport-CVE-2024-32487.patch
Added
@@ -0,0 +1,70 @@ +From 007521ac3c95bc76e3d59c6dbfe75d06c8075c33 Mon Sep 17 00:00:00 2001 +From: Mark Nudelman <markn@greenwoodsoftware.com> +Date: Thu, 11 Apr 2024 17:49:48 -0700 +Subject: PATCH Fix bug when viewing a file whose name contains a newline. + +--- + filename.c | 29 ++++++++++++++++++++++++----- + 1 file changed, 24 insertions(+), 5 deletions(-) + +diff --git a/filename.c b/filename.c +index 5d7a5ef..987c24a 100644 +--- a/filename.c ++++ b/filename.c +@@ -133,6 +133,15 @@ static int metachar(char c) + return (strchr(metachars(), c) != NULL); + } + ++/* ++ * Must use quotes rather than escape char for this metachar? ++ */ ++static int must_quote(char c) ++{ ++ /* {{ Maybe the set of must_quote chars should be configurable? }} */ ++ return (c == '\n'); ++} ++ + /* + * Insert a backslash before each metacharacter in a string. + */ +@@ -165,6 +174,9 @@ public char * shell_quoten(constant char *s, size_t slen) + * doesn't support escape chars. Use quotes. + */ + use_quotes = 1; ++ } else if (must_quote(*p)) ++ { ++ len += 3; /* open quote + char + close quote */ + } else + { + /* +@@ -195,15 +207,22 @@ public char * shell_quoten(constant char *s, size_t slen) + constant char *es = s + slen; + while (s < es) + { +- if (metachar(*s)) ++ if (!metachar(*s)) + { +- /* +- * Add the escape char. +- */ ++ *np++ = *s++; ++ } else if (must_quote(*s)) ++ { ++ /* Surround the char with quotes. */ ++ *np++ = openquote; ++ *np++ = *s++; ++ *np++ = closequote; ++ } else ++ { ++ /* Insert an escape char before the char. */ + strcpy(np, esc); + np += esclen; ++ *np++ = *s++; + } +- *np++ = *s++; + } + *np = '\0'; + } +-- +2.43.0 +
View file
_service:tar_scm:backport-Implement-osc8_open.patch
Added
@@ -0,0 +1,69 @@ +From 90d9d12ba9d3818a0074f33c5153b577d07aa8fd Mon Sep 17 00:00:00 2001 +From: Mark Nudelman <markn@greenwoodsoftware.com> +Date: Tue, 16 Jan 2024 18:14:33 -0800 +Subject: PATCH Implement osc8_open(). + +--- + filename.c | 16 +++++++++++----- + 1 file changed, 11 insertions(+), 5 deletions(-) + +diff --git a/filename.c b/filename.c +index 672dc94..5d7a5ef 100644 +--- a/filename.c ++++ b/filename.c +@@ -136,7 +136,7 @@ static int metachar(char c) + /* + * Insert a backslash before each metacharacter in a string. + */ +-public char * shell_quote(constant char *s) ++public char * shell_quoten(constant char *s, size_t slen) + { + constant char *p; + char *np; +@@ -151,7 +151,7 @@ public char * shell_quote(constant char *s) + * Determine how big a string we need to allocate. + */ + len = 1; /* Trailing null byte */ +- for (p = s; *p != '\0'; p++) ++ for (p = s; p < s + slen; p++) + { + len++; + if (*p == openquote || *p == closequote) +@@ -181,7 +181,7 @@ public char * shell_quote(constant char *s) + * We can't quote a string that contains quotes. + */ + return (NULL); +- len = (int) strlen(s) + 3; ++ len = slen + 3; + } + /* + * Allocate and construct the new string. +@@ -189,10 +189,11 @@ public char * shell_quote(constant char *s) + newstr = np = (char *) ecalloc(len, sizeof(char)); + if (use_quotes) + { +- SNPRINTF3(newstr, len, "%c%s%c", openquote, s, closequote); ++ SNPRINTF4(newstr, len, "%c%.*s%c", openquote, (int) slen, s, closequote); + } else + { +- while (*s != '\0') ++ constant char *es = s + slen; ++ while (s < es) + { + if (metachar(*s)) + { +@@ -209,6 +210,11 @@ public char * shell_quote(constant char *s) + return (newstr); + } + ++public char * shell_quote(char *s) ++{ ++ return shell_quoten(s, strlen(s)); ++} ++ + /* + * Return a pathname that points to a specified file in a specified directory. + * Return NULL if the file does not exist in the directory. +-- +2.43.0 +
View file
_service:tar_scm:backport-Some-constifying.patch
Added
@@ -0,0 +1,59 @@ +From 756acc92c9d6bea9929d9105207e081054be05fb Mon Sep 17 00:00:00 2001 +From: Mark Nudelman <markn@greenwoodsoftware.com> +Date: Mon, 6 Nov 2023 11:44:08 -0800 +Subject: PATCH Some constifying. + +--- + filename.c | 17 +++++++++-------- + 1 file changed, 9 insertions(+), 8 deletions(-) + +diff --git a/filename.c b/filename.c +index a8726dc..672dc94 100644 +--- a/filename.c ++++ b/filename.c +@@ -136,12 +136,13 @@ static int metachar(char c) + /* + * Insert a backslash before each metacharacter in a string. + */ +-public char * shell_quote(char *s) ++public char * shell_quote(constant char *s) + { +- char *p; ++ constant char *p; ++ char *np; + char *newstr; + int len; +- char *esc = get_meta_escape(); ++ constant char *esc = get_meta_escape(); + int esclen = (int) strlen(esc); + int use_quotes = 0; + int have_quotes = 0; +@@ -185,7 +186,7 @@ public char * shell_quote(char *s) + /* + * Allocate and construct the new string. + */ +- newstr = p = (char *) ecalloc(len, sizeof(char)); ++ newstr = np = (char *) ecalloc(len, sizeof(char)); + if (use_quotes) + { + SNPRINTF3(newstr, len, "%c%s%c", openquote, s, closequote); +@@ -198,12 +199,12 @@ public char * shell_quote(char *s) + /* + * Add the escape char. + */ +- strcpy(p, esc); +- p += esclen; ++ strcpy(np, esc); ++ np += esclen; + } +- *p++ = *s++; ++ *np++ = *s++; + } +- *p = '\0'; ++ *np = '\0'; + } + return (newstr); + } +-- +2.43.0 +
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2