Blame SOURCES/patch-2.7.6-CVE-2018-20969.patch

f13c65
diff -up patch-2.7.6/src/pch.c.CVE-2018-20969 patch-2.7.6/src/pch.c
f13c65
--- patch-2.7.6/src/pch.c.CVE-2018-20969	2019-09-02 15:40:09.087994204 +0200
f13c65
+++ patch-2.7.6/src/pch.c	2019-09-02 15:42:23.486485786 +0200
f13c65
@@ -2459,9 +2459,6 @@ do_ed_script (char const *inname, char c
f13c65
 	    *outname_needs_removal = true;
f13c65
 	    copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
f13c65
 	  }
f13c65
-	sprintf (buf, "%s %s%s", editor_program,
f13c65
-		 verbosity == VERBOSE ? "" : "- ",
f13c65
-		 outname);
f13c65
 	fflush (stdout);
f13c65
 
f13c65
 	pid = fork();
f13c65
@@ -2470,7 +2467,8 @@ do_ed_script (char const *inname, char c
f13c65
 	else if (pid == 0)
f13c65
 	  {
f13c65
 	    dup2 (tmpfd, 0);
f13c65
-	    execl ("/bin/sh", "sh", "-c", buf, (char *) 0);
f13c65
+	    assert (outname[0] != '!' && outname[0] != '-');
f13c65
+	    execlp (editor_program, editor_program, "-", outname, (char  *) NULL);
f13c65
 	    _exit (2);
f13c65
 	  }
f13c65
 	else