mirror of
https://git.in.rschanz.org/ryan77627/guix.git
synced 2024-11-15 11:25:22 -05:00
f55aa0c7b7
* gnu/packages/patches/zsh-CVE-2018-7548.patch, gnu/packages/patches/zsh-CVE-2018-7549.patch: New files. * gnu/local.mk (dist_patch_DATA): Add them. * gnu/packages/shells.scm (zsh)[source]: Use them.
56 lines
1.5 KiB
Diff
56 lines
1.5 KiB
Diff
Fix CVE-2018-7549:
|
|
|
|
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-7549
|
|
|
|
Patch copied from upstream source repository:
|
|
|
|
https://sourceforge.net/p/zsh/code/ci/c2cc8b0fbefc9868fa83537f5b6d90fc1ec438dd
|
|
|
|
From c2cc8b0fbefc9868fa83537f5b6d90fc1ec438dd Mon Sep 17 00:00:00 2001
|
|
From: Stephane Chazelas <stephane.chazelas@gmail.com>
|
|
Date: Fri, 22 Dec 2017 22:17:09 +0000
|
|
Subject: [PATCH] Avoid crash copying empty hash table.
|
|
|
|
Visible with typeset -p.
|
|
---
|
|
ChangeLog | 2 ++
|
|
Src/params.c | 11 +++++++----
|
|
2 files changed, 9 insertions(+), 4 deletions(-)
|
|
|
|
#diff --git a/ChangeLog b/ChangeLog
|
|
#index f74c26b88..e3628cfa7 100644
|
|
#--- a/ChangeLog
|
|
#+++ b/ChangeLog
|
|
#@@ -1,5 +1,7 @@
|
|
# 2018-01-04 Peter Stephenson <p.stephenson@samsung.com>
|
|
#
|
|
#+ * Stephane: 42159: Src/params.c: avoid crash copying empty hash table.
|
|
#+
|
|
# * Sebastian: 42188: Src/Modules/system.c: It is necessary to
|
|
# close the lock descriptor in some failure cases.
|
|
#
|
|
diff --git a/Src/params.c b/Src/params.c
|
|
index 31ff0445b..de7730ae7 100644
|
|
--- a/Src/params.c
|
|
+++ b/Src/params.c
|
|
@@ -549,10 +549,13 @@ scancopyparams(HashNode hn, UNUSED(int flags))
|
|
HashTable
|
|
copyparamtable(HashTable ht, char *name)
|
|
{
|
|
- HashTable nht = newparamtable(ht->hsize, name);
|
|
- outtable = nht;
|
|
- scanhashtable(ht, 0, 0, 0, scancopyparams, 0);
|
|
- outtable = NULL;
|
|
+ HashTable nht = 0;
|
|
+ if (ht) {
|
|
+ nht = newparamtable(ht->hsize, name);
|
|
+ outtable = nht;
|
|
+ scanhashtable(ht, 0, 0, 0, scancopyparams, 0);
|
|
+ outtable = NULL;
|
|
+ }
|
|
return nht;
|
|
}
|
|
|
|
--
|
|
2.16.2
|
|
|