Projects
openEuler:24.03:SP1:Everything
sed
_service:tar_scm:backport-sed-fix-symlink-bufsi...
Sign Up
Log In
Username
Password
Overview
Repositories
Revisions
Requests
Users
Attributes
Meta
File _service:tar_scm:backport-sed-fix-symlink-bufsize-readlink-check.patch of Package sed
From 8f600f2df293d539e9e9137f6f82faa1633b97c1 Mon Sep 17 00:00:00 2001 From: Paul Eggert <eggert@cs.ucla.edu> Date: Sat, 17 Dec 2022 20:56:29 -0800 Subject: [PATCH] sed: fix symlink bufsize readlink check Problem reported by Hauke Mehrtens. * sed/utils.c (follow_symlink): Fix typo when checking size of second and later symlink, when that symlink is so large that it does not fit into the buffer. Although the bug is not a buffer overflow, it does cause sed to mishandle the symlink. * testsuite/follow-symlinks.sh: Test for the bug. --- NEWS | 8 ++++++++ sed/utils.c | 2 +- testsuite/follow-symlinks.sh | 13 +++++++++++++ 3 files changed, 22 insertions(+), 1 deletion(-) diff --git a/NEWS b/NEWS index b3db3bc..85a8db9 100644 --- a/NEWS +++ b/NEWS @@ -1,5 +1,13 @@ GNU sed NEWS -*- outline -*- +* Noteworthy changes in release ?.? (????-??-??) [?] + +** Bug fixes + + 'sed --follow-symlinks -i' no longer mishandles an operand that is a + short symbolic link to a long symbolic link to a file. + [bug introduced in sed 4.9] + * Noteworthy changes in release 4.9 (2022-11-06) [stable] ** Bug fixes diff --git a/sed/utils.c b/sed/utils.c index 2952e8b..1ccda42 100644 --- a/sed/utils.c +++ b/sed/utils.c @@ -346,7 +346,7 @@ follow_symlink (const char *fname) while ((linklen = (buf_used < buf_size ? readlink (fn, buf + buf_used, buf_size - buf_used) : 0)) - == buf_size) + == buf_size - buf_used) { buf = xpalloc (buf, &buf_size, 1, SSIZE_IDX_MAX, 1); if (num_links) diff --git a/testsuite/follow-symlinks.sh b/testsuite/follow-symlinks.sh index 880a80e..c418804 100644 --- a/testsuite/follow-symlinks.sh +++ b/testsuite/follow-symlinks.sh @@ -73,4 +73,17 @@ compare_ exp-la-abs out-la-abs || fail=1 ln -s la-loop la-loop || framework_failure_ sed --follow-symlinks -i s/a/b/ la-loop && fail=1 +# symlink of length 128 +long=d/ +for i in 2 3 4 5 6 7; do + long=$long$long +done +dir=${long%/d/} +file=$dir/xx +mkdir -p $dir && +echo x >$file && +ln -s $file yy && +ln -s yy xx || framework_failure_ +sed -i --follow-symlinks s/x/y/ xx || fail=1 + Exit $fail -- 2.23.0
Locations
Projects
Search
Status Monitor
Help
Open Build Service
OBS Manuals
API Documentation
OBS Portal
Reporting a Bug
Contact
Mailing List
Forums
Chat (IRC)
Twitter
Open Build Service (OBS)
is an
openSUSE project
.
浙ICP备2022010568号-2