[coreutils/f20] fix the date crash or infloop in TZ= parsing (#1069657), colorls - unset unnecessary envvars and fix
Ondrej Vasik
ovasik at fedoraproject.org
Wed Mar 5 12:39:28 UTC 2014
commit 505bcfb22f0ce9a4b2ba010885e7a74434b1554f
Author: Ondřej Vašík <ovasik at redhat.com>
Date: Wed Mar 5 13:39:16 2014 +0100
fix the date crash or infloop in TZ= parsing (#1069657), colorls - unset unnecessary envvars and fix issue with noclobber set
coreutils-8.22-datetzcrash.patch | 67 ++++++++++++++++++++++++++++++++++++++
coreutils-colorls.csh | 4 ++-
coreutils-colorls.sh | 4 ++-
coreutils.spec | 6 +++
4 files changed, 79 insertions(+), 2 deletions(-)
---
diff --git a/coreutils-8.22-datetzcrash.patch b/coreutils-8.22-datetzcrash.patch
new file mode 100644
index 0000000..44481af
--- /dev/null
+++ b/coreutils-8.22-datetzcrash.patch
@@ -0,0 +1,67 @@
+diff -urNp coreutils-8.22-orig/gnulib-tests/test-parse-datetime.c coreutils-8.22/gnulib-tests/test-parse-datetime.c
+--- coreutils-8.22-orig/gnulib-tests/test-parse-datetime.c 2013-12-04 15:53:33.000000000 +0100
++++ coreutils-8.22/gnulib-tests/test-parse-datetime.c 2014-03-02 20:33:25.691688592 +0100
+@@ -419,5 +419,21 @@ main (int argc _GL_UNUSED, char **argv)
+ starting with a high-bit-set byte would be treated like "0". */
+ ASSERT ( ! parse_datetime (&result, "\xb0", &now));
+
++ /* Exercise TZ="" parsing code. */
++ /* These two would infloop or segfault before Feb 2014. */
++ ASSERT ( ! parse_datetime (&result, "TZ=\"\"\"", &now));
++ ASSERT ( ! parse_datetime (&result, "TZ=\"\" \"", &now));
++ /* Exercise invalid patterns. */
++ ASSERT ( ! parse_datetime (&result, "TZ=\"", &now));
++ ASSERT ( ! parse_datetime (&result, "TZ=\"\\\"", &now));
++ ASSERT ( ! parse_datetime (&result, "TZ=\"\\n", &now));
++ ASSERT ( ! parse_datetime (&result, "TZ=\"\\n\"", &now));
++ /* Exercise valid patterns. */
++ ASSERT ( parse_datetime (&result, "TZ=\"\"", &now));
++ ASSERT ( parse_datetime (&result, "TZ=\"\" ", &now));
++ ASSERT ( parse_datetime (&result, " TZ=\"\"", &now));
++ ASSERT ( parse_datetime (&result, "TZ=\"\\\\\"", &now));
++ ASSERT ( parse_datetime (&result, "TZ=\"\\\"\"", &now));
++
+ return 0;
+ }
+diff -urNp coreutils-8.22-orig/lib/parse-datetime.y coreutils-8.22/lib/parse-datetime.y
+--- coreutils-8.22-orig/lib/parse-datetime.y 2013-12-04 15:53:33.000000000 +0100
++++ coreutils-8.22/lib/parse-datetime.y 2014-03-02 20:32:23.246124920 +0100
+@@ -1303,8 +1303,6 @@ parse_datetime (struct timespec *result,
+ char tz1buf[TZBUFSIZE];
+ bool large_tz = TZBUFSIZE < tzsize;
+ bool setenv_ok;
+- /* Free tz0, in case this is the 2nd or subsequent time through. */
+- free (tz0);
+ tz0 = get_tz (tz0buf);
+ z = tz1 = large_tz ? xmalloc (tzsize) : tz1buf;
+ for (s = tzbase; *s != '"'; s++)
+@@ -1316,7 +1314,12 @@ parse_datetime (struct timespec *result,
+ if (!setenv_ok)
+ goto fail;
+ tz_was_altered = true;
++
+ p = s + 1;
++ while (c = *p, c_isspace (c))
++ p++;
++
++ break;
+ }
+ }
+
+diff -urNp coreutils-8.22-orig/tests/misc/date.pl coreutils-8.22/tests/misc/date.pl
+--- coreutils-8.22-orig/tests/misc/date.pl 2013-12-04 15:48:30.000000000 +0100
++++ coreutils-8.22/tests/misc/date.pl 2014-03-02 20:30:43.200328295 +0100
+@@ -287,6 +287,13 @@ my @Tests =
+ {ERR => "date: invalid date '\\260'\n"},
+ {EXIT => 1},
+ ],
++
++ # From coreutils-5.3.0 to 8.22 inclusive
++ # this would either infinite loop or crash
++ ['invalid-TZ-crash', "-d 'TZ=\"\"\"'",
++ {ERR => "date: invalid date 'TZ=\"\"\"'\n"},
++ {EXIT => 1},
++ ],
+ );
+
+ # Repeat the cross-dst test, using Jan 1, 2005 and every interval from 1..364.
diff --git a/coreutils-colorls.csh b/coreutils-colorls.csh
index d02fe85..11282ba 100755
--- a/coreutils-colorls.csh
+++ b/coreutils-colorls.csh
@@ -33,7 +33,7 @@ if ( ! -e "$COLORS" ) exit
set _tmp="`mktemp .colorlsXXX --tmpdir=/tmp`"
-if ( "$INCLUDE" != '' ) cat "$INCLUDE" > $_tmp
+if ( "$INCLUDE" != '' ) cat "$INCLUDE" >> $_tmp
grep -v '^INCLUDE' "$COLORS" >> $_tmp
eval "`dircolors -c $_tmp`"
@@ -48,6 +48,8 @@ if ( "$color_none" != '' ) then
endif
unset color_none
unset _tmp
+unset INCLUDE
+unset COLORS
finish:
alias ll 'ls -l --color=auto'
diff --git a/coreutils-colorls.sh b/coreutils-colorls.sh
index 7d27940..5957d71 100755
--- a/coreutils-colorls.sh
+++ b/coreutils-colorls.sh
@@ -35,7 +35,7 @@ if [ -z "$USER_LS_COLORS" ]; then
TMP="`mktemp .colorlsXXX --tmpdir=/tmp`"
- [ -e "$INCLUDE" ] && cat "$INCLUDE" > $TMP
+ [ -e "$INCLUDE" ] && cat "$INCLUDE" >> $TMP
grep -v '^INCLUDE' "$COLORS" >> $TMP
eval "`dircolors --sh $TMP 2>/dev/null`"
@@ -46,6 +46,8 @@ if [ -z "$USER_LS_COLORS" ]; then
grep -qi "^COLOR.*none" $COLORS >/dev/null 2>/dev/null && return
fi
+unset TMP COLORS INCLUDE
+
alias ll='ls -l --color=auto' 2>/dev/null
alias l.='ls -d .* --color=auto' 2>/dev/null
alias ls='ls --color=auto' 2>/dev/null
diff --git a/coreutils.spec b/coreutils.spec
index 4b1b41f..a145329 100644
--- a/coreutils.spec
+++ b/coreutils.spec
@@ -16,6 +16,7 @@ Source106: coreutils-colorls.csh
Patch1: coreutils-8.21-install-strip.patch
Patch2: coreutils-aarch64-longlong.patch
Patch3: coreutils-8.21-ln-updateexisting.patch
+Patch4: coreutils-8.22-datetzcrash.patch
# Our patches
#general patch to workaround koji build system issues
@@ -131,6 +132,7 @@ the old GNU fileutils, sh-utils, and textutils packages.
%patch1 -p1 -b .strip
%patch2 -p1 -b .aarch64
%patch3 -p1 -b .exist
+%patch4 -p1 -b .tzcrash
# Our patches
%patch100 -p1 -b .configure
@@ -379,6 +381,10 @@ fi
%changelog
* Wed Mar 05 2014 Ondrej Vasik <ovasik at redhat.com> 8.21-21
- ln: --relative: fix updating of existing symlinks (#1072103)
+- fix possible colorls.csh script errors for tcsh with
+ noclobber set and entered include file (#1027279)
+- unset the unnecessary envvars after colorls scripts(#1051703)
+- fix the date crash or infloop in TZ="" parsing (#1069657)
* Mon Jan 06 2014 Ondrej Oprala <ooprala at redhat.com> 8.21-20
- fix sorting by non-first field (#1003544)
More information about the scm-commits
mailing list