diff options
author | Jim Meyering <meyering@redhat.com> | 2011-10-09 11:42:32 +0200 |
---|---|---|
committer | Andreas Gruenbacher <agruen@linbit.com> | 2011-10-11 03:31:57 +0200 |
commit | 4e595c3b6de267bfe770c218bb38c116a3d7d59f (patch) | |
tree | b07c94225acebd5036ec9812bf0d8d04d8367aa3 | |
parent | 46ad06707c71e3bbfc34e5f098745ef5bec3968b (diff) | |
download | patch-4e595c3b6de267bfe770c218bb38c116a3d7d59f.tar.gz |
give a diagnostic rather than a failed assertion for a mangled patch
* src/pch.c (another_hunk): Rather than asserting(C), issue the
"replacement text or line numbers mangled ..." diagnostic when !C.
* tests/mangled-numbers-abort: New test for the above.
* tests/Makefile.am (TESTS): Add it.
* NEWS: Mention it.
Reported by Gabriel Vlasiu via Tim Waugh.
See also http://bugzilla.redhat.com/738959
-rw-r--r-- | NEWS | 1 | ||||
-rw-r--r-- | src/pch.c | 4 | ||||
-rw-r--r-- | tests/Makefile.am | 1 | ||||
-rw-r--r-- | tests/mangled-numbers-abort | 42 |
4 files changed, 47 insertions, 1 deletions
@@ -1,3 +1,4 @@ +* Patch no longer gets a failed assertion for certain mangled patches. * Patch now ignores destination file names that are absolute or that contain a component of "..". This addresses CVE-2010-4651, * Support for most features of the "diff --git" format: renames and copies, @@ -1513,7 +1513,9 @@ another_hunk (enum diff difftype, bool rev) p_suffix_context = ((ptrn_suffix_context != -1 && ptrn_suffix_context < context) ? ptrn_suffix_context : context); - assert (p_prefix_context != -1 && p_suffix_context != -1); + if (p_prefix_context == -1 || p_suffix_context == -1) + fatal ("replacement text or line numbers mangled in hunk at line %s", + format_linenum (numbuf0, p_hunk_beg)); if (difftype == CONTEXT_DIFF && (fillcnt diff --git a/tests/Makefile.am b/tests/Makefile.am index de8862c..f29d68e 100644 --- a/tests/Makefile.am +++ b/tests/Makefile.am @@ -36,6 +36,7 @@ TESTS = \ inname \ line-numbers \ merge \ + mangled-numbers-abort \ munged-context-format \ need-filename \ no-newline-triggers-assert \ diff --git a/tests/mangled-numbers-abort b/tests/mangled-numbers-abort new file mode 100644 index 0000000..1e1cde9 --- /dev/null +++ b/tests/mangled-numbers-abort @@ -0,0 +1,42 @@ +# Copyright (C) 2011 Free Software Foundation, Inc. +# +# Copying and distribution of this file, with or without modification, +# in any medium, are permitted without royalty provided the copyright +# notice and this notice are preserved. + +. $srcdir/test-lib.sh + +require_cat +use_local_patch +use_tmpdir + +# ============================================================== +# Regression test for a failed assertion. +# Based on a report from Gabriel Vlasiu via Tim Waugh +# in http://bugzilla.redhat.com/738959 + +seq 1 7 > a + +cat > bogus.diff <<EOF +*** p +--- p +*************** +*** 405,409 **** +--- 405,407 ---- + a + b + c ++ d + x + y + z +EOF + +# Before v2.6.1-148, this would trigger the failed assertion: +# pch.c:1516: another_hunk: Assertion `p_prefix_context != -1 \ +# && p_suffix_context != -1' failed. + +check 'patch a < bogus.diff; echo "Status: $?"' <<EOF +$PATCH: **** replacement text or line numbers mangled in hunk at line 4 +Status: 2 +EOF |