| Patch | Description | Author | Forwarded | Bugs | Origin | Last update |
|---|---|---|---|---|---|---|
| m-merge | no | |||||
| path_max | no | |||||
| 558485-backupmode | no | |||||
| Fix_segfault_with_mangled_rename_patch.patch | Fix segfault with mangled rename patch http://savannah.gnu.org/bugs/?53132 * src/pch.c (intuit_diff_type): Ensure that two filenames are specified for renames and copies (fix the existing check). |
Andreas Gruenbacher <agruen@gnu.org> | no | 2018-02-12 | ||
| Allow_input_files_to_be_missing_for_ed-style_patches.patch | Allow input files to be missing for ed-style patches * src/pch.c (do_ed_script): Allow input files to be missing so that new files will be created as with non-ed-style patches. |
Andreas Gruenbacher <agruen@gnu.org> | no | 2018-04-06 | ||
| Fix_arbitrary_command_execution_in_ed-style_patches.patch | Fix arbitrary command execution in ed-style patches (CVE-2018-1000156) * src/pch.c (do_ed_script): Write ed script to a temporary file instead of piping it to ed: this will cause ed to abort on invalid commands instead of rejecting them and carrying on. * tests/ed-style: New test case. * tests/Makefile.am (TESTS): Add test case. |
Andreas Gruenbacher <agruen@gnu.org> | no | 2018-04-06 | ||
| 0001-Fix-ed-style-test-failure.patch | [PATCH] Fix 'ed-style' test failure. * tests/ed-style: Remove '?' line from expected output. |
Bruno Haible <bruno@clisp.org> | no | 2018-04-07 | ||
| 0002-Abort_when_cleaning_up_fails.patch | Abort when cleaning up fails When a fatal error triggers during cleanup, another attempt will be made to clean up, which will likely lead to the same fatal error. So instead, bail out when that happens. src/patch.c (cleanup): Bail out when called recursively. (main): There is no need to call output_files() before cleanup() as cleanup() already does that. |
Andreas Gruenbacher <agruen@gnu.org> | no | 2019-06-28 | ||
| 0003-Do_not_crash_when_RLIMIT_NOFILE_is_set_to_RLIM_INFINITY.patch | Don't crash when RLIMIT_NOFILE is set to RLIM_INFINITY * src/safe.c (min_cached_fds): Define minimum number of cached dir file descriptors. (max_cached_fds): Change type to rlim_t to allow storing RLIM_INFINITY. (init_dirfd_cache): Set max_cached_fds to RLIM_INFINITY when RLIMIT_NOFILE is RLIM_INFINITY. Set the initial hash table size to min_cached_fds, independent of RLIMIT_NOFILE: patches commonly only affect one or a few files, so a small hash table will usually suffice; if needed, the hash table will grow. (insert_cached_dirfd): Don't shrink the cache when max_cached_fds is RLIM_INFINITY. |
Andreas Gruenbacher <agruen@gnu.org> | no | 2019-06-27 | ||
| 0004-CVE-2019-13636.patch | Don't follow symlinks unless --follow-symlinks is given * src/inp.c (plan_a, plan_b), src/util.c (copy_to_fd, copy_file, append_to_file): Unless the --follow-symlinks option is given, open files with the O_NOFOLLOW flag to avoid following symlinks. So far, we were only doing that consistently for input files. * src/util.c (create_backup): When creating empty backup files, (re)create them with O_CREAT | O_EXCL to avoid following symlinks in that case as well. |
Andreas Gruenbacher <agruen@gnu.org> | no | 2019-07-15 | ||
| 0005-CVE-2019-13638.patch | Invoke ed directly instead of using the shell * src/pch.c (do_ed_script): Invoke ed directly instead of using a shell command to avoid quoting vulnerabilities. |
Andreas Gruenbacher <agruen@gnu.org> | no | 2018-04-06 | ||
| 0006-Do_not_leak_temporary_file.patch | Don't leak temporary file on failed ed-style patch Now that we write ed-style patches to a temporary file before we apply them, we need to ensure that the temporary file is removed before we leave, even on fatal error. * src/pch.c (do_ed_script): Use global TMPEDNAME instead of local tmpname. Don't unlink the file directly, instead tag it for removal at exit time. * src/patch.c (cleanup): Unlink TMPEDNAME at exit. This closes bug #53820: https://savannah.gnu.org/bugs/index.php?53820 |
Jean Delvare <jdelvare@suse.de> | no | 2018-05-03 | ||
| 0007-Do_not_leak_temporary_file_on_failed_multi-file.patch | Don't leak temporary file on failed multi-file ed-style patch The previous fix worked fine with single-file ed-style patches, but would still leak temporary files in the case of multi-file ed-style patch. Fix that case as well, and extend the test case to check for it. * src/patch.c (main): Unlink TMPEDNAME if needed before moving to the next file in a patch. This closes bug #53820: https://savannah.gnu.org/bugs/index.php?53820 |
Jean Delvare <jdelvare@suse.de> | no | 2018-05-07 | ||
| 0008-Avoid_invalid_memory_access_in_context_format_diffs.patch | Avoid invalid memory access in context format diffs * src/pch.c (another_hunk): Avoid invalid memory access in context format diffs. |
Andreas Gruenbacher <agruen@gnu.org> | no | 2019-07-15 | ||
| 0009-Fix_failed_assertion_outstate-after_newline.patch | Fix failed assertion 'outstate->after_newline' The assertion triggers when the -o FILE option is used, more than one output file is written into FILE, and one of those files (except the last one) ends in the middle of a line. * src/patch.c (main): Fix the case described above. |
Andreas Gruenbacher <agruen@gnu.org> | no | 2019-07-16 |