diff options
Diffstat (limited to 'meta/recipes-devtools/git/files/CVE-2023-25652.patch')
-rw-r--r-- | meta/recipes-devtools/git/files/CVE-2023-25652.patch | 94 |
1 files changed, 94 insertions, 0 deletions
diff --git a/meta/recipes-devtools/git/files/CVE-2023-25652.patch b/meta/recipes-devtools/git/files/CVE-2023-25652.patch new file mode 100644 index 0000000000..d6b17a2b8a --- /dev/null +++ b/meta/recipes-devtools/git/files/CVE-2023-25652.patch | |||
@@ -0,0 +1,94 @@ | |||
1 | From 9db05711c98efc14f414d4c87135a34c13586e0b Mon Sep 17 00:00:00 2001 | ||
2 | From: Johannes Schindelin <johannes.schindelin@gmx.de> | ||
3 | Date: Thu, 9 Mar 2023 16:02:54 +0100 | ||
4 | Subject: [PATCH] apply --reject: overwrite existing `.rej` symlink if it | ||
5 | exists | ||
6 | |||
7 | The `git apply --reject` is expected to write out `.rej` files in case | ||
8 | one or more hunks fail to apply cleanly. Historically, the command | ||
9 | overwrites any existing `.rej` files. The idea being that | ||
10 | apply/reject/edit cycles are relatively common, and the generated `.rej` | ||
11 | files are not considered precious. | ||
12 | |||
13 | But the command does not overwrite existing `.rej` symbolic links, and | ||
14 | instead follows them. This is unsafe because the same patch could | ||
15 | potentially create such a symbolic link and point at arbitrary paths | ||
16 | outside the current worktree, and `git apply` would write the contents | ||
17 | of the `.rej` file into that location. | ||
18 | |||
19 | Therefore, let's make sure that any existing `.rej` file or symbolic | ||
20 | link is removed before writing it. | ||
21 | |||
22 | Reported-by: RyotaK <ryotak.mail@gmail.com> | ||
23 | Helped-by: Taylor Blau <me@ttaylorr.com> | ||
24 | Helped-by: Junio C Hamano <gitster@pobox.com> | ||
25 | Helped-by: Linus Torvalds <torvalds@linuxfoundation.org> | ||
26 | Signed-off-by: Johannes Schindelin <johannes.schindelin@gmx.de> | ||
27 | |||
28 | Upstream-Status: Backport [https://github.com/git/git/commit/9db05711c98efc14f414d4c87135a34c13586e0b] | ||
29 | CVE: CVE-2023-25652 | ||
30 | Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> | ||
31 | --- | ||
32 | apply.c | 14 ++++++++++++-- | ||
33 | t/t4115-apply-symlink.sh | 15 +++++++++++++++ | ||
34 | 2 files changed, 27 insertions(+), 2 deletions(-) | ||
35 | |||
36 | diff --git a/apply.c b/apply.c | ||
37 | index 4f303bf..aa7111d 100644 | ||
38 | --- a/apply.c | ||
39 | +++ b/apply.c | ||
40 | @@ -4531,7 +4531,7 @@ static int write_out_one_reject(struct apply_state *state, struct patch *patch) | ||
41 | FILE *rej; | ||
42 | char namebuf[PATH_MAX]; | ||
43 | struct fragment *frag; | ||
44 | - int cnt = 0; | ||
45 | + int fd, cnt = 0; | ||
46 | struct strbuf sb = STRBUF_INIT; | ||
47 | |||
48 | for (cnt = 0, frag = patch->fragments; frag; frag = frag->next) { | ||
49 | @@ -4571,7 +4571,17 @@ static int write_out_one_reject(struct apply_state *state, struct patch *patch) | ||
50 | memcpy(namebuf, patch->new_name, cnt); | ||
51 | memcpy(namebuf + cnt, ".rej", 5); | ||
52 | |||
53 | - rej = fopen(namebuf, "w"); | ||
54 | + fd = open(namebuf, O_CREAT | O_EXCL | O_WRONLY, 0666); | ||
55 | + if (fd < 0) { | ||
56 | + if (errno != EEXIST) | ||
57 | + return error_errno(_("cannot open %s"), namebuf); | ||
58 | + if (unlink(namebuf)) | ||
59 | + return error_errno(_("cannot unlink '%s'"), namebuf); | ||
60 | + fd = open(namebuf, O_CREAT | O_EXCL | O_WRONLY, 0666); | ||
61 | + if (fd < 0) | ||
62 | + return error_errno(_("cannot open %s"), namebuf); | ||
63 | + } | ||
64 | + rej = fdopen(fd, "w"); | ||
65 | if (!rej) | ||
66 | return error_errno(_("cannot open %s"), namebuf); | ||
67 | |||
68 | diff --git a/t/t4115-apply-symlink.sh b/t/t4115-apply-symlink.sh | ||
69 | index 1acb7b2..2b034ff 100755 | ||
70 | --- a/t/t4115-apply-symlink.sh | ||
71 | +++ b/t/t4115-apply-symlink.sh | ||
72 | @@ -125,4 +125,19 @@ test_expect_success SYMLINKS 'symlink escape when deleting file' ' | ||
73 | test_path_is_file .git/delete-me | ||
74 | ' | ||
75 | |||
76 | +test_expect_success SYMLINKS '--reject removes .rej symlink if it exists' ' | ||
77 | + test_when_finished "git reset --hard && git clean -dfx" && | ||
78 | + | ||
79 | + test_commit file && | ||
80 | + echo modified >file.t && | ||
81 | + git diff -- file.t >patch && | ||
82 | + echo modified-again >file.t && | ||
83 | + | ||
84 | + ln -s foo file.t.rej && | ||
85 | + test_must_fail git apply patch --reject 2>err && | ||
86 | + test_i18ngrep "Rejected hunk" err && | ||
87 | + test_path_is_missing foo && | ||
88 | + test_path_is_file file.t.rej | ||
89 | +' | ||
90 | + | ||
91 | test_done | ||
92 | -- | ||
93 | 2.25.1 | ||
94 | |||