[at/f19] filter environment variables not acceptable in bash input (#1147043)
Tomáš Mráz
tmraz at fedoraproject.org
Sat Oct 4 07:06:57 UTC 2014
commit 427587fa5593bb3601aba6e8aee33bfc27f0e064
Author: Tomas Mraz <tmraz at fedoraproject.org>
Date: Sat Oct 4 09:06:49 2014 +0200
filter environment variables not acceptable in bash input (#1147043)
at-3.1.10-filter-environment.patch | 26 ++++++++++++++++++++++++++
at.spec | 9 +++++++--
2 files changed, 33 insertions(+), 2 deletions(-)
---
diff --git a/at-3.1.10-filter-environment.patch b/at-3.1.10-filter-environment.patch
new file mode 100644
index 0000000..55fc669
--- /dev/null
+++ b/at-3.1.10-filter-environment.patch
@@ -0,0 +1,26 @@
+diff -up at-3.1.10/at.c.filter-environment at-3.1.10/at.c
+--- at-3.1.10/at.c.filter-environment 2014-10-02 10:21:01.684890331 +0200
++++ at-3.1.10/at.c 2014-10-02 10:21:40.678770635 +0200
+@@ -388,6 +388,22 @@ writefile(time_t runtimer, char queue)
+ int export = 1;
+ char *eqp;
+
++ /* Only accept alphanumerics and underscore in variable names.
++ * Also require the name to not start with a digit.
++ * Some shells don't like other variable names.
++ */
++ {
++ char *p = *atenv;
++ if (isdigit(*p))
++ export = 0;
++ for (; *p != '=' && *p != '\0'; ++p) {
++ if (!isalnum(*p) && *p != '_') {
++ export = 0;
++ break;
++ }
++ }
++ }
++
+ eqp = strchr(*atenv, '=');
+ if (ap == NULL)
+ eqp = *atenv;
diff --git a/at.spec b/at.spec
index 9701ae7..32881ae 100644
--- a/at.spec
+++ b/at.spec
@@ -3,7 +3,7 @@
Summary: Job spooling tools
Name: at
Version: 3.1.13
-Release: 13%{dist}
+Release: 15%{?dist}
# http://packages.debian.org/changelogs/pool/main/a/at/current/copyright
# + install-sh is MIT license with changes under Public Domain
License: GPLv3+ and GPLv2+ and ISC and MIT and Public Domain
@@ -29,6 +29,7 @@ Patch9: at-3.1.13-mailwithhostname.patch
Patch10: at-3.1.13-usePOSIXtimers.patch
Patch11: at-3.1.13-help.patch
Patch12: at-3.1.14-wrong_format.patch
+Patch13: at-3.1.10-filter-environment.patch
BuildRequires: fileutils /etc/init.d
BuildRequires: flex flex-static bison autoconf
@@ -83,6 +84,7 @@ cp %{SOURCE1} .
%patch10 -p1 -b .posix
%patch11 -p1 -b .help
%patch12 -p1 -b .wrong
+%patch13 -p1 -b .filter-environment
%build
# patch9 touches configure.in
@@ -98,7 +100,7 @@ rm -f lex.yy.* y.tab.*
--with-pam
%endif
-make %{?_smp_mflags} V=1
+make V=1
%install
make install \
@@ -189,6 +191,9 @@ chown daemon:daemon %{_localstatedir}/spool/at/.SEQ
%attr(0755,root,root) %{_initrddir}/atd
%changelog
+* Sat Oct 4 2014 Tomáš Mráz <tmraz at redhat.com> - 3.1.13-15
+- filter environment variables not acceptable in bash input (#1147043)
+
* Wed Dec 4 2013 Marcela Mašláňová <mmaslano at redhat.com> 3.1.13-13
- 989201 PAM issue prevents atd sending mail
- 718422 File a0000f0149b7f3 is in wrong format
More information about the scm-commits
mailing list