[coreutils/f17] fix multiple segmantation faults in i18n patch (by SUSE) (#869442, #902917)- CVE2013-0223/CVE2013-02
Ondrej Vasik
ovasik at fedoraproject.org
Wed Jan 30 15:38:07 UTC 2013
commit 7491020ff9f0c45480b5b365823a58c869df7552
Author: Ondřej Vašík <ovasik at redhat.com>
Date: Wed Jan 30 16:38:00 2013 +0100
fix multiple segmantation faults in i18n patch (by SUSE) (#869442, #902917)- CVE2013-0223/CVE2013-0221/CVE2013-0222
coreutils-i18n.patch | 253 ++++++++++++++++++++++++++++----------------------
coreutils.spec | 4 +
2 files changed, 144 insertions(+), 113 deletions(-)
---
diff --git a/coreutils-i18n.patch b/coreutils-i18n.patch
index de8d839..55f12e7 100644
--- a/coreutils-i18n.patch
+++ b/coreutils-i18n.patch
@@ -1,6 +1,6 @@
-diff -urNp coreutils-8.13-orig/lib/linebuffer.h coreutils-8.13/lib/linebuffer.h
---- coreutils-8.13-orig/lib/linebuffer.h 2011-04-24 19:21:45.000000000 +0200
-+++ coreutils-8.13/lib/linebuffer.h 2011-09-09 10:23:14.163704760 +0200
+diff -urNp coreutils-8.15-orig/lib/linebuffer.h coreutils-8.15/lib/linebuffer.h
+--- coreutils-8.15-orig/lib/linebuffer.h 2012-01-06 10:14:31.000000000 +0100
++++ coreutils-8.15/lib/linebuffer.h 2013-01-30 13:40:37.339145671 +0100
@@ -21,6 +21,11 @@
# include <stdio.h>
@@ -23,9 +23,9 @@ diff -urNp coreutils-8.13-orig/lib/linebuffer.h coreutils-8.13/lib/linebuffer.h
};
/* Initialize linebuffer LINEBUFFER for use. */
-diff -urNp coreutils-8.13-orig/src/cut.c coreutils-8.13/src/cut.c
---- coreutils-8.13-orig/src/cut.c 2011-07-28 12:38:27.000000000 +0200
-+++ coreutils-8.13/src/cut.c 2011-09-09 10:23:14.165701039 +0200
+diff -urNp coreutils-8.15-orig/src/cut.c coreutils-8.15/src/cut.c
+--- coreutils-8.15-orig/src/cut.c 2012-01-01 10:04:06.000000000 +0100
++++ coreutils-8.15/src/cut.c 2013-01-30 13:40:37.341145459 +0100
@@ -28,6 +28,11 @@
#include <assert.h>
#include <getopt.h>
@@ -304,7 +304,7 @@ diff -urNp coreutils-8.13-orig/src/cut.c coreutils-8.13/src/cut.c
/* Read from stream STREAM, printing to standard output any selected fields. */
static void
-@@ -704,13 +843,195 @@ cut_fields (FILE *stream)
+@@ -704,13 +857,195 @@ cut_fields (FILE *stream)
}
}
@@ -503,7 +503,7 @@ diff -urNp coreutils-8.13-orig/src/cut.c coreutils-8.13/src/cut.c
}
/* Process file FILE to standard output.
-@@ -762,6 +1080,8 @@ main (int argc, char **argv)
+@@ -762,6 +1097,8 @@ main (int argc, char **argv)
bool ok;
bool delim_specified = false;
char *spec_list_string IF_LINT ( = NULL);
@@ -512,7 +512,7 @@ diff -urNp coreutils-8.13-orig/src/cut.c coreutils-8.13/src/cut.c
initialize_main (&argc, &argv);
set_program_name (argv[0]);
-@@ -784,7 +1104,6 @@ main (int argc, char **argv)
+@@ -784,7 +1121,6 @@ main (int argc, char **argv)
switch (optc)
{
case 'b':
@@ -520,7 +520,7 @@ diff -urNp coreutils-8.13-orig/src/cut.c coreutils-8.13/src/cut.c
/* Build the byte list. */
if (operating_mode != undefined_mode)
FATAL_ERROR (_("only one type of list may be specified"));
-@@ -792,6 +1111,14 @@ main (int argc, char **argv)
+@@ -792,6 +1128,14 @@ main (int argc, char **argv)
spec_list_string = optarg;
break;
@@ -535,7 +535,7 @@ diff -urNp coreutils-8.13-orig/src/cut.c coreutils-8.13/src/cut.c
case 'f':
/* Build the field list. */
if (operating_mode != undefined_mode)
-@@ -803,10 +1130,35 @@ main (int argc, char **argv)
+@@ -803,10 +1147,35 @@ main (int argc, char **argv)
case 'd':
/* New delimiter. */
/* Interpret -d '' to mean `use the NUL byte as the delimiter.' */
@@ -575,7 +575,7 @@ diff -urNp coreutils-8.13-orig/src/cut.c coreutils-8.13/src/cut.c
break;
case OUTPUT_DELIMITER_OPTION:
-@@ -819,6 +1171,7 @@ main (int argc, char **argv)
+@@ -819,6 +1188,7 @@ main (int argc, char **argv)
break;
case 'n':
@@ -583,7 +583,7 @@ diff -urNp coreutils-8.13-orig/src/cut.c coreutils-8.13/src/cut.c
break;
case 's':
-@@ -841,7 +1194,7 @@ main (int argc, char **argv)
+@@ -841,7 +1211,7 @@ main (int argc, char **argv)
if (operating_mode == undefined_mode)
FATAL_ERROR (_("you must specify a list of bytes, characters, or fields"));
@@ -592,7 +592,7 @@ diff -urNp coreutils-8.13-orig/src/cut.c coreutils-8.13/src/cut.c
FATAL_ERROR (_("an input delimiter may be specified only\
when operating on fields"));
-@@ -868,15 +1221,34 @@ main (int argc, char **argv)
+@@ -868,15 +1238,34 @@ main (int argc, char **argv)
}
if (!delim_specified)
@@ -633,9 +633,9 @@ diff -urNp coreutils-8.13-orig/src/cut.c coreutils-8.13/src/cut.c
}
if (optind == argc)
-diff -urNp coreutils-8.13-orig/src/expand.c coreutils-8.13/src/expand.c
---- coreutils-8.13-orig/src/expand.c 2011-07-28 12:38:27.000000000 +0200
-+++ coreutils-8.13/src/expand.c 2011-09-09 10:23:14.167583399 +0200
+diff -urNp coreutils-8.15-orig/src/expand.c coreutils-8.15/src/expand.c
+--- coreutils-8.15-orig/src/expand.c 2012-01-01 10:04:06.000000000 +0100
++++ coreutils-8.15/src/expand.c 2013-01-30 13:40:37.343145830 +0100
@@ -38,12 +38,29 @@
#include <stdio.h>
#include <getopt.h>
@@ -823,9 +823,9 @@ diff -urNp coreutils-8.13-orig/src/expand.c coreutils-8.13/src/expand.c
if (have_read_stdin && fclose (stdin) != 0)
error (EXIT_FAILURE, errno, "-");
-diff -urNp coreutils-8.13-orig/src/fold.c coreutils-8.13/src/fold.c
---- coreutils-8.13-orig/src/fold.c 2011-07-28 12:38:27.000000000 +0200
-+++ coreutils-8.13/src/fold.c 2011-09-09 10:23:14.169583741 +0200
+diff -urNp coreutils-8.15-orig/src/fold.c coreutils-8.15/src/fold.c
+--- coreutils-8.15-orig/src/fold.c 2012-01-01 10:04:06.000000000 +0100
++++ coreutils-8.15/src/fold.c 2013-01-30 13:40:37.344145705 +0100
@@ -22,12 +22,34 @@
#include <getopt.h>
#include <sys/types.h>
@@ -1223,9 +1223,9 @@ diff -urNp coreutils-8.13-orig/src/fold.c coreutils-8.13/src/fold.c
break;
case 's': /* Break at word boundaries. */
-diff -urNp coreutils-8.13-orig/src/join.c coreutils-8.13/src/join.c
---- coreutils-8.13-orig/src/join.c 2011-08-08 10:16:09.000000000 +0200
-+++ coreutils-8.13/src/join.c 2011-09-09 10:23:14.172687087 +0200
+diff -urNp coreutils-8.15-orig/src/join.c coreutils-8.15/src/join.c
+--- coreutils-8.15-orig/src/join.c 2012-01-01 10:04:06.000000000 +0100
++++ coreutils-8.15/src/join.c 2013-01-30 15:59:19.544250392 +0100
@@ -22,18 +22,32 @@
#include <sys/types.h>
#include <getopt.h>
@@ -1444,7 +1444,7 @@ diff -urNp coreutils-8.13-orig/src/join.c coreutils-8.13/src/join.c
static void
freeline (struct line *line)
{
-@@ -314,56 +473,115 @@ keycmp (struct line const *line1, struct
+@@ -314,56 +473,129 @@ keycmp (struct line const *line1, struct
size_t jf_1, size_t jf_2)
{
/* Start of field to compare in each file. */
@@ -1458,6 +1458,7 @@ diff -urNp coreutils-8.13-orig/src/join.c coreutils-8.13/src/join.c
+ size_t len[2]; /* Length of fields to compare. */
int diff;
+ int i, j;
++ int mallocd = 0;
if (jf_1 < line1->nfields)
{
@@ -1513,7 +1514,8 @@ diff -urNp coreutils-8.13-orig/src/join.c coreutils-8.13/src/join.c
+
+ for (i = 0; i < 2; i++)
+ {
-+ copy[i] = alloca (len[i] + 1);
++ copy[i] = xmalloc (len[i] + 1);
++ mallocd = 1;
+
+ for (j = 0; j < MIN (len[0], len[1]);)
+ {
@@ -1553,7 +1555,8 @@ diff -urNp coreutils-8.13-orig/src/join.c coreutils-8.13/src/join.c
+ {
+ for (i = 0; i < 2; i++)
+ {
-+ copy[i] = alloca (len[i] + 1);
++ copy[i] = xmalloc (len[i] + 1);
++ mallocd = 1;
+
+ for (j = 0; j < MIN (len[0], len[1]); j++)
+ copy[i][j] = toupper (beg[i][j]);
@@ -1569,13 +1572,24 @@ diff -urNp coreutils-8.13-orig/src/join.c coreutils-8.13/src/join.c
- diff = memcmp (beg1, beg2, MIN (len1, len2));
+ copy[0] = (unsigned char *) beg[0];
+ copy[1] = (unsigned char *) beg[1];
- }
-
++ }
++
+ if (hard_LC_COLLATE)
-+ return xmemcoll ((char *) copy[0], len[0], (char *) copy[1], len[1]);
-+ diff = memcmp (copy[0], copy[1], MIN (len[0], len[1]));
++ {
++ diff = xmemcoll ((char *) copy[0], len[0], (char *) copy[1], len[1]);
+
++ if (mallocd)
++ for (i = 0; i < 2; i++)
++ free (copy[i]);
+
++ return diff;
+ }
++ diff = memcmp (copy[0], copy[1], MIN (len[0], len[1]));
++
++ if (mallocd)
++ for (i = 0; i < 2; i++)
++ free (copy[i]);
+
if (diff)
return diff;
- return len1 < len2 ? -1 : len1 != len2;
@@ -1583,7 +1597,7 @@ diff -urNp coreutils-8.13-orig/src/join.c coreutils-8.13/src/join.c
}
/* Check that successive input lines PREV and CURRENT from input file
-@@ -455,6 +673,11 @@ get_line (FILE *fp, struct line **linep,
+@@ -455,6 +687,11 @@ get_line (FILE *fp, struct line **linep,
}
++line_no[which - 1];
@@ -1595,7 +1609,7 @@ diff -urNp coreutils-8.13-orig/src/join.c coreutils-8.13/src/join.c
xfields (line);
if (prevline[which - 1])
-@@ -554,21 +777,28 @@ prfield (size_t n, struct line const *li
+@@ -554,21 +791,28 @@ prfield (size_t n, struct line const *li
/* Output all the fields in line, other than the join field. */
@@ -1627,7 +1641,7 @@ diff -urNp coreutils-8.13-orig/src/join.c coreutils-8.13/src/join.c
prfield (i, line);
}
}
-@@ -579,7 +809,6 @@ static void
+@@ -579,7 +823,6 @@ static void
prjoin (struct line const *line1, struct line const *line2)
{
const struct outlist *outlist;
@@ -1635,7 +1649,7 @@ diff -urNp coreutils-8.13-orig/src/join.c coreutils-8.13/src/join.c
size_t field;
struct line const *line;
-@@ -613,7 +842,7 @@ prjoin (struct line const *line1, struct
+@@ -613,7 +856,7 @@ prjoin (struct line const *line1, struct
o = o->next;
if (o == NULL)
break;
@@ -1644,7 +1658,7 @@ diff -urNp coreutils-8.13-orig/src/join.c coreutils-8.13/src/join.c
}
putchar ('\n');
}
-@@ -1091,21 +1320,46 @@ main (int argc, char **argv)
+@@ -1091,21 +1334,46 @@ main (int argc, char **argv)
case 't':
{
@@ -1670,8 +1684,8 @@ diff -urNp coreutils-8.13-orig/src/join.c coreutils-8.13/src/join.c
+#endif
+ newtablen = 1;
if (! newtab)
-+ {
- newtab = '\n'; /* '' => process the whole line. */
++ {
+ newtab = "\n"; /* '' => process the whole line. */
+ }
else if (optarg[1])
@@ -1701,9 +1715,9 @@ diff -urNp coreutils-8.13-orig/src/join.c coreutils-8.13/src/join.c
break;
case NOCHECK_ORDER_OPTION:
-diff -urNp coreutils-8.13-orig/src/pr.c coreutils-8.13/src/pr.c
---- coreutils-8.13-orig/src/pr.c 2011-08-30 23:01:40.000000000 +0200
-+++ coreutils-8.13/src/pr.c 2011-09-09 10:23:14.177658905 +0200
+diff -urNp coreutils-8.15-orig/src/pr.c coreutils-8.15/src/pr.c
+--- coreutils-8.15-orig/src/pr.c 2012-01-01 10:04:06.000000000 +0100
++++ coreutils-8.15/src/pr.c 2013-01-30 13:40:37.350146206 +0100
@@ -312,6 +312,32 @@
#include <getopt.h>
@@ -2151,7 +2165,7 @@ diff -urNp coreutils-8.13-orig/src/pr.c coreutils-8.13/src/pr.c
/* sep_string ends with some spaces */
if (spaces_not_printed > 0)
print_white_space ();
-@@ -2305,7 +2443,7 @@ print_clump (COLUMN *p, int n, char *clump)
+@@ -2305,7 +2443,7 @@ print_clump (COLUMN *p, int n, char *clu
required number of tabs and spaces. */
static void
@@ -2447,9 +2461,9 @@ diff -urNp coreutils-8.13-orig/src/pr.c coreutils-8.13/src/pr.c
/* We've just printed some files and need to clean up things before
looking for more options and printing the next batch of files.
-diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
---- coreutils-8.13-orig/src/sort.c 2011-07-29 10:12:25.000000000 +0200
-+++ coreutils-8.13/src/sort.c 2011-09-09 10:23:14.183686800 +0200
+diff -urNp coreutils-8.15-orig/src/sort.c coreutils-8.15/src/sort.c
+--- coreutils-8.15-orig/src/sort.c 2013-01-30 13:39:59.892046631 +0100
++++ coreutils-8.15/src/sort.c 2013-01-30 15:56:48.675032507 +0100
@@ -22,11 +22,20 @@
#include <config.h>
@@ -2507,7 +2521,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
/* The kind of blanks for '-b' to skip in various options. */
enum blanktype { bl_start, bl_end, bl_both };
-@@ -343,13 +374,11 @@ static bool reverse;
+@@ -346,13 +377,11 @@ static bool reverse;
they were read if all keys compare equal. */
static bool stable;
@@ -2524,7 +2538,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
/* Flag to remove consecutive duplicate lines from the output.
Only the last of a sequence of equal lines will be output. */
-@@ -783,6 +812,46 @@ reap_all (void)
+@@ -786,6 +815,46 @@ reap_all (void)
reap (-1);
}
@@ -2571,7 +2585,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
/* Clean up any remaining temporary files. */
static void
-@@ -1215,7 +1284,7 @@ zaptemp (char const *name)
+@@ -1218,7 +1287,7 @@ zaptemp (char const *name)
free (node);
}
@@ -2580,7 +2594,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
static int
struct_month_cmp (void const *m1, void const *m2)
-@@ -1230,7 +1299,7 @@ struct_month_cmp (void const *m1, void c
+@@ -1233,7 +1302,7 @@ struct_month_cmp (void const *m1, void c
/* Initialize the character class tables. */
static void
@@ -2589,7 +2603,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
{
size_t i;
-@@ -1242,7 +1311,7 @@ inittables (void)
+@@ -1245,7 +1314,7 @@ inittables (void)
fold_toupper[i] = toupper (i);
}
@@ -2598,7 +2612,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
/* If we're not in the "C" locale, read different names for months. */
if (hard_LC_TIME)
{
-@@ -1324,6 +1393,84 @@ specify_nmerge (int oi, char c, char con
+@@ -1327,6 +1396,84 @@ specify_nmerge (int oi, char c, char con
xstrtol_fatal (e, oi, c, long_options, s);
}
@@ -2683,7 +2697,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
/* Specify the amount of main memory to use when sorting. */
static void
specify_sort_size (int oi, char c, char const *s)
-@@ -1552,7 +1699,7 @@ buffer_linelim (struct buffer const *buf
+@@ -1555,7 +1702,7 @@ buffer_linelim (struct buffer const *buf
by KEY in LINE. */
static char *
@@ -2692,7 +2706,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
{
char *ptr = line->text, *lim = ptr + line->length - 1;
size_t sword = key->sword;
-@@ -1561,10 +1708,10 @@ begfield (struct line const *line, struc
+@@ -1564,10 +1711,10 @@ begfield (struct line const *line, struc
/* The leading field separator itself is included in a field when -t
is absent. */
@@ -2705,7 +2719,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
++ptr;
if (ptr < lim)
++ptr;
-@@ -1590,11 +1737,70 @@ begfield (struct line const *line, struc
+@@ -1593,11 +1740,70 @@ begfield (struct line const *line, struc
return ptr;
}
@@ -2777,7 +2791,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
{
char *ptr = line->text, *lim = ptr + line->length - 1;
size_t eword = key->eword, echar = key->echar;
-@@ -1609,10 +1815,10 @@ limfield (struct line const *line, struc
+@@ -1612,10 +1818,10 @@ limfield (struct line const *line, struc
`beginning' is the first character following the delimiting TAB.
Otherwise, leave PTR pointing at the first `blank' character after
the preceding field. */
@@ -2790,7 +2804,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
++ptr;
if (ptr < lim && (eword || echar))
++ptr;
-@@ -1658,10 +1864,10 @@ limfield (struct line const *line, struc
+@@ -1661,10 +1867,10 @@ limfield (struct line const *line, struc
*/
/* Make LIM point to the end of (one byte past) the current field. */
@@ -2803,7 +2817,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
if (newlim)
lim = newlim;
}
-@@ -1692,6 +1898,130 @@ limfield (struct line const *line, struc
+@@ -1695,6 +1901,130 @@ limfield (struct line const *line, struc
return ptr;
}
@@ -2934,7 +2948,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
/* Fill BUF reading from FP, moving buf->left bytes from the end
of buf->buf to the beginning first. If EOF is reached and the
file wasn't terminated by a newline, supply one. Set up BUF's line
-@@ -1778,8 +2108,22 @@ fillbuf (struct buffer *buf, FILE *fp, c
+@@ -1781,8 +2111,22 @@ fillbuf (struct buffer *buf, FILE *fp, c
else
{
if (key->skipsblanks)
@@ -2959,7 +2973,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
line->keybeg = line_start;
}
}
-@@ -1900,7 +2244,7 @@ human_numcompare (char const *a, char co
+@@ -1903,7 +2247,7 @@ human_numcompare (char const *a, char co
hideously fast. */
static int
@@ -2968,7 +2982,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
{
while (blanks[to_uchar (*a)])
a++;
-@@ -1910,6 +2254,25 @@ numcompare (char const *a, char const *b
+@@ -1913,6 +2257,25 @@ numcompare (char const *a, char const *b
return strnumcmp (a, b, decimal_point, thousands_sep);
}
@@ -2994,7 +3008,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
/* Work around a problem whereby the long double value returned by glibc's
strtold ("NaN", ...) contains uninitialized bits: clear all bytes of
A and B before calling strtold. FIXME: remove this function once
-@@ -1942,7 +2305,7 @@ general_numcompare (char const *sa, char
+@@ -1963,7 +2326,7 @@ general_numcompare (char const *sa, char
Return 0 if the name in S is not recognized. */
static int
@@ -3003,7 +3017,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
{
size_t lo = 0;
size_t hi = MONTHS_PER_YEAR;
-@@ -2217,15 +2580,14 @@ debug_key (struct line const *line, stru
+@@ -2238,15 +2601,14 @@ debug_key (struct line const *line, stru
char saved = *lim;
*lim = '\0';
@@ -3021,7 +3035,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
else if (key->general_numeric)
ignore_value (strtold (beg, &tighter_lim));
else if (key->numeric || key->human_numeric)
-@@ -2369,7 +2731,7 @@ key_warnings (struct keyfield const *gke
+@@ -2390,7 +2752,7 @@ key_warnings (struct keyfield const *gke
bool maybe_space_aligned = !hard_LC_COLLATE && default_key_compare (key)
&& !(key->schar || key->echar);
bool line_offset = key->eword == 0 && key->echar != 0; /* -k1.x,1.y */
@@ -3030,7 +3044,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
&& ((!key->skipsblanks && !(implicit_skip || maybe_space_aligned))
|| (!key->skipsblanks && key->schar)
|| (!key->skipeblanks && key->echar)))
-@@ -2427,11 +2789,83 @@ key_warnings (struct keyfield const *gke
+@@ -2448,11 +2810,87 @@ key_warnings (struct keyfield const *gke
error (0, 0, _("option `-r' only applies to last-resort comparison"));
}
@@ -3057,13 +3071,13 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
+ if (len == 0)
+ return 0;
+
-+ month = (char *) alloca (len + 1);
++ month = (char *) xmalloc (len + 1);
+
-+ tmp = (char *) alloca (len + 1);
++ tmp = (char *) xmalloc (len + 1);
+ memcpy (tmp, s, len);
+ tmp[len] = '\0';
+ pp = (const char **)&tmp;
-+ month_wcs = (wchar_t *) alloca ((len + 1) * sizeof (wchar_t));
++ month_wcs = (wchar_t *) xmalloc ((len + 1) * sizeof (wchar_t));
+ memset (&state, '\0', sizeof(mbstate_t));
+
+ wclength = mbsrtowcs (month_wcs, pp, len + 1, &state);
@@ -3102,6 +3116,10 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
+ if (ea && result)
+ *ea = s + strlen (monthtab[lo].name);
+
++ free (month);
++ free (tmp);
++ free (month_wcs);
++
+ return result;
+}
+#endif
@@ -3115,7 +3133,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
{
struct keyfield *key = keylist;
-@@ -2516,7 +2950,7 @@ keycompare (struct line const *a, struct
+@@ -2537,7 +2975,7 @@ keycompare (struct line const *a, struct
else if (key->human_numeric)
diff = human_numcompare (ta, tb);
else if (key->month)
@@ -3124,7 +3142,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
else if (key->random)
diff = compare_random (ta, tlena, tb, tlenb);
else if (key->version)
-@@ -2632,6 +3066,180 @@ keycompare (struct line const *a, struct
+@@ -2653,6 +3091,181 @@ keycompare (struct line const *a, struct
return key->reverse ? -diff : diff;
}
@@ -3180,7 +3198,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
+ {
+ if (ignore || translate)
+ {
-+ char *copy_a = (char *) alloca (lena + 1 + lenb + 1);
++ char *copy_a = (char *) xmalloc (lena + 1 + lenb + 1);
+ char *copy_b = copy_a + lena + 1;
+ size_t new_len_a, new_len_b;
+ size_t i, j;
@@ -3256,6 +3274,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
+ IGNORE_CHARS (new_len_b, lenb, textb, copy_b,
+ wc_b, mblength_b, state_b);
+ diff = xmemcoll (copy_a, new_len_a, copy_b, new_len_b);
++ free(copy_a);
+ }
+ else if (lena == 0)
+ diff = - NONZERO (lenb);
@@ -3305,7 +3324,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
/* Compare two lines A and B, returning negative, zero, or positive
depending on whether A compares less than, equal to, or greater than B. */
-@@ -4095,7 +4702,7 @@ main (int argc, char **argv)
+@@ -4113,7 +4726,7 @@ main (int argc, char **argv)
initialize_exit_failure (SORT_FAILURE);
hard_LC_COLLATE = hard_locale (LC_COLLATE);
@@ -3314,7 +3333,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
hard_LC_TIME = hard_locale (LC_TIME);
#endif
-@@ -4116,6 +4723,29 @@ main (int argc, char **argv)
+@@ -4134,6 +4747,29 @@ main (int argc, char **argv)
thousands_sep = -1;
}
@@ -3344,7 +3363,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
have_read_stdin = false;
inittables ();
-@@ -4386,13 +5016,34 @@ main (int argc, char **argv)
+@@ -4404,13 +5040,34 @@ main (int argc, char **argv)
case 't':
{
@@ -3383,7 +3402,7 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
else
{
/* Provoke with `sort -txx'. Complain about
-@@ -4403,9 +5054,12 @@ main (int argc, char **argv)
+@@ -4421,9 +5078,12 @@ main (int argc, char **argv)
quote (optarg));
}
}
@@ -3398,9 +3417,9 @@ diff -urNp coreutils-8.13-orig/src/sort.c coreutils-8.13/src/sort.c
}
break;
-diff -urNp coreutils-8.13-orig/src/unexpand.c coreutils-8.13/src/unexpand.c
---- coreutils-8.13-orig/src/unexpand.c 2011-07-28 12:38:27.000000000 +0200
-+++ coreutils-8.13/src/unexpand.c 2011-09-09 10:23:14.185647633 +0200
+diff -urNp coreutils-8.15-orig/src/unexpand.c coreutils-8.15/src/unexpand.c
+--- coreutils-8.15-orig/src/unexpand.c 2012-01-01 10:04:06.000000000 +0100
++++ coreutils-8.15/src/unexpand.c 2013-01-30 13:40:37.358398268 +0100
@@ -39,12 +39,29 @@
#include <stdio.h>
#include <getopt.h>
@@ -3654,9 +3673,9 @@ diff -urNp coreutils-8.13-orig/src/unexpand.c coreutils-8.13/src/unexpand.c
if (have_read_stdin && fclose (stdin) != 0)
error (EXIT_FAILURE, errno, "-");
-diff -urNp coreutils-8.13-orig/src/uniq.c coreutils-8.13/src/uniq.c
---- coreutils-8.13-orig/src/uniq.c 2011-07-28 12:38:27.000000000 +0200
-+++ coreutils-8.13/src/uniq.c 2011-09-09 10:24:19.631560964 +0200
+diff -urNp coreutils-8.15-orig/src/uniq.c coreutils-8.15/src/uniq.c
+--- coreutils-8.15-orig/src/uniq.c 2012-01-01 10:04:06.000000000 +0100
++++ coreutils-8.15/src/uniq.c 2013-01-30 15:54:04.584020982 +0100
@@ -21,6 +21,16 @@
#include <getopt.h>
#include <sys/types.h>
@@ -3808,7 +3827,7 @@ diff -urNp coreutils-8.13-orig/src/uniq.c coreutils-8.13/src/uniq.c
if (check_chars < oldlen)
oldlen = check_chars;
if (check_chars < newlen)
-@@ -242,14 +347,92 @@ different (char *old, char *new, size_t
+@@ -242,14 +347,100 @@ different (char *old, char *new, size_t
if (ignore_case)
{
@@ -3816,14 +3835,18 @@ diff -urNp coreutils-8.13-orig/src/uniq.c coreutils-8.13/src/uniq.c
- return oldlen != newlen || memcasecmp (old, new, oldlen);
+ size_t i;
+
-+ copy_old = alloca (oldlen + 1);
-+ copy_new = alloca (oldlen + 1);
++ copy_old = xmalloc (oldlen + 1);
++ copy_new = xmalloc (oldlen + 1);
+
+ for (i = 0; i < oldlen; i++)
+ {
+ copy_old[i] = toupper (old[i]);
+ copy_new[i] = toupper (new[i]);
+ }
++ bool rc = xmemcoll (copy_old, oldlen, copy_new, newlen);
++ free (copy_old);
++ free (copy_new);
++ return rc;
}
- else if (hard_LC_COLLATE)
- return xmemcoll (old, oldlen, new, newlen) != 0;
@@ -3859,7 +3882,7 @@ diff -urNp coreutils-8.13-orig/src/uniq.c coreutils-8.13/src/uniq.c
+
+ for (i = 0; i < 2; i++)
+ {
-+ copy[i] = alloca (len[i] + 1);
++ copy[i] = xmalloc (len[i] + 1);
+
+ for (j = 0, chars = 0; j < len[i] && chars < check_chars; chars++)
+ {
@@ -3900,13 +3923,17 @@ diff -urNp coreutils-8.13-orig/src/uniq.c coreutils-8.13/src/uniq.c
+ len[i] = j;
+ }
+
-+ return xmemcoll (copy[0], len[0], copy[1], len[1]);
++ int rc = xmemcoll (copy[0], len[0], copy[1], len[1]);
++ free (copy[0]);
++ free (copy[1]);
++ return rc;
++
}
+#endif
/* Output the line in linebuffer LINE to standard output
provided that the switches say it should be output.
-@@ -305,15 +488,43 @@ check_file (const char *infile, const ch
+@@ -305,15 +496,43 @@ check_file (const char *infile, const ch
{
char *prevfield IF_LINT ( = NULL);
size_t prevlen IF_LINT ( = 0);
@@ -3950,7 +3977,7 @@ diff -urNp coreutils-8.13-orig/src/uniq.c coreutils-8.13/src/uniq.c
if (prevline->length == 0
|| different (thisfield, prevfield, thislen, prevlen))
{
-@@ -332,17 +543,26 @@ check_file (const char *infile, const ch
+@@ -332,17 +551,26 @@ check_file (const char *infile, const ch
size_t prevlen;
uintmax_t match_count = 0;
bool first_delimiter = true;
@@ -3977,7 +4004,7 @@ diff -urNp coreutils-8.13-orig/src/uniq.c coreutils-8.13/src/uniq.c
if (readlinebuffer_delim (thisline, stdin, delimiter) == 0)
{
if (ferror (stdin))
-@@ -351,6 +571,14 @@ check_file (const char *infile, const ch
+@@ -351,6 +579,14 @@ check_file (const char *infile, const ch
}
thisfield = find_field (thisline);
thislen = thisline->length - 1 - (thisfield - thisline->buffer);
@@ -3992,7 +4019,7 @@ diff -urNp coreutils-8.13-orig/src/uniq.c coreutils-8.13/src/uniq.c
match = !different (thisfield, prevfield, thislen, prevlen);
match_count += match;
-@@ -383,6 +611,9 @@ check_file (const char *infile, const ch
+@@ -383,6 +619,9 @@ check_file (const char *infile, const ch
SWAP_LINES (prevline, thisline);
prevfield = thisfield;
prevlen = thislen;
@@ -4002,7 +4029,7 @@ diff -urNp coreutils-8.13-orig/src/uniq.c coreutils-8.13/src/uniq.c
if (!match)
match_count = 0;
}
-@@ -428,6 +659,19 @@ main (int argc, char **argv)
+@@ -428,6 +667,19 @@ main (int argc, char **argv)
atexit (close_stdout);
@@ -4022,10 +4049,10 @@ diff -urNp coreutils-8.13-orig/src/uniq.c coreutils-8.13/src/uniq.c
skip_chars = 0;
skip_fields = 0;
check_chars = SIZE_MAX;
-diff -urNp coreutils-8.13-orig/tests/Makefile.am coreutils-8.13/tests/Makefile.am
---- coreutils-8.13-orig/tests/Makefile.am 2011-09-09 10:22:43.352561668 +0200
-+++ coreutils-8.13/tests/Makefile.am 2011-09-09 10:23:14.189688942 +0200
-@@ -238,6 +238,7 @@ TESTS = \
+diff -urNp coreutils-8.15-orig/tests/Makefile.am coreutils-8.15/tests/Makefile.am
+--- coreutils-8.15-orig/tests/Makefile.am 2013-01-30 13:39:59.940175847 +0100
++++ coreutils-8.15/tests/Makefile.am 2013-01-30 13:40:37.361294753 +0100
+@@ -240,6 +240,7 @@ TESTS = \
misc/sort-debug-keys \
misc/sort-debug-warn \
misc/sort-files0-from \
@@ -4033,7 +4060,7 @@ diff -urNp coreutils-8.13-orig/tests/Makefile.am coreutils-8.13/tests/Makefile.a
misc/sort-float \
misc/sort-merge \
misc/sort-merge-fdlimit \
-@@ -518,6 +519,10 @@ TESTS = \
+@@ -529,6 +530,10 @@ TESTS = \
$(root_tests)
pr_data = \
@@ -4044,10 +4071,10 @@ diff -urNp coreutils-8.13-orig/tests/Makefile.am coreutils-8.13/tests/Makefile.a
pr/0F \
pr/0FF \
pr/0FFnt \
-diff -urNp coreutils-8.13-orig/tests/misc/cut coreutils-8.13/tests/misc/cut
---- coreutils-8.13-orig/tests/misc/cut 2011-09-02 14:08:40.000000000 +0200
-+++ coreutils-8.13/tests/misc/cut 2011-09-09 10:23:14.190686793 +0200
-@@ -23,14 +23,15 @@ my $mb_locale = $ENV{LOCALE_FR_UTF8};
+diff -urNp coreutils-8.15-orig/tests/misc/cut coreutils-8.15/tests/misc/cut
+--- coreutils-8.15-orig/tests/misc/cut 2012-01-01 10:04:06.000000000 +0100
++++ coreutils-8.15/tests/misc/cut 2013-01-30 13:40:37.361294753 +0100
+@@ -23,14 +23,15 @@ use strict;
# Turn off localization of executable's output.
@ENV{qw(LANGUAGE LANG LC_ALL)} = ('C') x 3;
@@ -4067,7 +4094,7 @@ diff -urNp coreutils-8.13-orig/tests/misc/cut coreutils-8.13/tests/misc/cut
my $no_endpoint = "$prog: invalid range with no endpoint: -\n$try";
my @Tests =
-@@ -147,7 +147,7 @@ my @Tests =
+@@ -147,7 +148,7 @@ my @Tests =
# None of the following invalid ranges provoked an error up to coreutils-6.9.
['inval1', qw(-f 2-0), {IN=>''}, {OUT=>''}, {EXIT=>1},
@@ -4076,41 +4103,41 @@ diff -urNp coreutils-8.13-orig/tests/misc/cut coreutils-8.13/tests/misc/cut
['inval2', qw(-f -), {IN=>''}, {OUT=>''}, {EXIT=>1}, {ERR=>$no_endpoint}],
['inval3', '-f', '4,-', {IN=>''}, {OUT=>''}, {EXIT=>1}, {ERR=>$no_endpoint}],
['inval4', '-f', '1-2,-', {IN=>''}, {OUT=>''}, {EXIT=>1},
-diff -urNp coreutils-8.13-orig/tests/misc/mb1.I coreutils-8.13/tests/misc/mb1.I
---- coreutils-8.13-orig/tests/misc/mb1.I 1970-01-01 01:00:00.000000000 +0100
-+++ coreutils-8.13/tests/misc/mb1.I 2011-09-09 10:23:14.191687037 +0200
+diff -urNp coreutils-8.15-orig/tests/misc/mb1.I coreutils-8.15/tests/misc/mb1.I
+--- coreutils-8.15-orig/tests/misc/mb1.I 1970-01-01 01:00:00.000000000 +0100
++++ coreutils-8.15/tests/misc/mb1.I 2013-01-30 13:40:37.362395749 +0100
@@ -0,0 +1,4 @@
+Apple@10
+Banana@5
+Citrus@20
+Cherry@30
-diff -urNp coreutils-8.13-orig/tests/misc/mb1.X coreutils-8.13/tests/misc/mb1.X
---- coreutils-8.13-orig/tests/misc/mb1.X 1970-01-01 01:00:00.000000000 +0100
-+++ coreutils-8.13/tests/misc/mb1.X 2011-09-09 10:23:14.192581910 +0200
+diff -urNp coreutils-8.15-orig/tests/misc/mb1.X coreutils-8.15/tests/misc/mb1.X
+--- coreutils-8.15-orig/tests/misc/mb1.X 1970-01-01 01:00:00.000000000 +0100
++++ coreutils-8.15/tests/misc/mb1.X 2013-01-30 13:40:37.363395657 +0100
@@ -0,0 +1,4 @@
+Banana@5
+Apple@10
+Citrus@20
+Cherry@30
-diff -urNp coreutils-8.13-orig/tests/misc/mb2.I coreutils-8.13/tests/misc/mb2.I
---- coreutils-8.13-orig/tests/misc/mb2.I 1970-01-01 01:00:00.000000000 +0100
-+++ coreutils-8.13/tests/misc/mb2.I 2011-09-09 10:23:14.192581910 +0200
+diff -urNp coreutils-8.15-orig/tests/misc/mb2.I coreutils-8.15/tests/misc/mb2.I
+--- coreutils-8.15-orig/tests/misc/mb2.I 1970-01-01 01:00:00.000000000 +0100
++++ coreutils-8.15/tests/misc/mb2.I 2013-01-30 13:40:37.363395657 +0100
@@ -0,0 +1,4 @@
+Apple@AA10@@20
+Banana@AA5@@30
+Citrus@AA20@@5
+Cherry@AA30@@10
-diff -urNp coreutils-8.13-orig/tests/misc/mb2.X coreutils-8.13/tests/misc/mb2.X
---- coreutils-8.13-orig/tests/misc/mb2.X 1970-01-01 01:00:00.000000000 +0100
-+++ coreutils-8.13/tests/misc/mb2.X 2011-09-09 10:23:14.193687456 +0200
+diff -urNp coreutils-8.15-orig/tests/misc/mb2.X coreutils-8.15/tests/misc/mb2.X
+--- coreutils-8.15-orig/tests/misc/mb2.X 1970-01-01 01:00:00.000000000 +0100
++++ coreutils-8.15/tests/misc/mb2.X 2013-01-30 13:40:37.364411214 +0100
@@ -0,0 +1,4 @@
+Citrus@AA20@@5
+Cherry@AA30@@10
+Apple@AA10@@20
+Banana@AA5@@30
-diff -urNp coreutils-8.13-orig/tests/misc/sort-mb-tests coreutils-8.13/tests/misc/sort-mb-tests
---- coreutils-8.13-orig/tests/misc/sort-mb-tests 1970-01-01 01:00:00.000000000 +0100
-+++ coreutils-8.13/tests/misc/sort-mb-tests 2011-09-09 10:23:14.194687565 +0200
+diff -urNp coreutils-8.15-orig/tests/misc/sort-mb-tests coreutils-8.15/tests/misc/sort-mb-tests
+--- coreutils-8.15-orig/tests/misc/sort-mb-tests 1970-01-01 01:00:00.000000000 +0100
++++ coreutils-8.15/tests/misc/sort-mb-tests 2013-01-30 13:40:37.365177992 +0100
@@ -0,0 +1,58 @@
+#! /bin/sh
+case $# in
diff --git a/coreutils.spec b/coreutils.spec
index e516de1..09ad350 100644
--- a/coreutils.spec
+++ b/coreutils.spec
@@ -427,6 +427,10 @@ fi
%{?!norunuser:%{_sbindir}/runuser}
%changelog
+* Wed Jan 30 2013 Ondrej Vasik <ovasik at redhat.com> 8.15-10
+- fix multiple segmantation faults in i18n patch (by SUSE)
+ (#869442, #902917)- CVE2013-0223/CVE2013-0221/CVE2013-0222
+
* Wed Dec 12 2012 Ondrej Vasik <ovasik at redhat.com> 8.15-9
- fix showing duplicates in df (#709351, O.Oprala, B.Voelker)
More information about the scm-commits
mailing list