Blame SOURCES/patch-2.7.x-CVE-2018-20969.patch
|
|
75ce22 |
diff -up patch-2.7.1/src/pch.c.orig patch-2.7.1/src/pch.c
|
|
|
75ce22 |
--- patch-2.7.1/src/pch.c.orig 2019-09-02 10:01:18.283754723 +0200
|
|
|
75ce22 |
+++ patch-2.7.1/src/pch.c 2019-09-02 10:03:31.742214005 +0200
|
|
|
75ce22 |
@@ -2459,9 +2459,6 @@ do_ed_script (char const *inname, char c
|
|
|
75ce22 |
*outname_needs_removal = true;
|
|
|
75ce22 |
copy_file (inname, outname, 0, exclusive, instat.st_mode, true);
|
|
|
75ce22 |
}
|
|
|
75ce22 |
- sprintf (buf, "%s %s%s", editor_program,
|
|
|
75ce22 |
- verbosity == VERBOSE ? "" : "- ",
|
|
|
75ce22 |
- outname);
|
|
|
75ce22 |
fflush (stdout);
|
|
|
75ce22 |
|
|
|
75ce22 |
pid = fork();
|
|
|
75ce22 |
@@ -2470,7 +2467,8 @@ do_ed_script (char const *inname, char c
|
|
|
75ce22 |
else if (pid == 0)
|
|
|
75ce22 |
{
|
|
|
75ce22 |
dup2 (tmpfd, 0);
|
|
|
75ce22 |
- execl ("/bin/sh", "sh", "-c", buf, (char *) 0);
|
|
|
75ce22 |
+ assert (outname[0] != '!' && outname[0] != '-');
|
|
|
75ce22 |
+ execlp (editor_program, editor_program, "-", outname, (char *) NULL);
|
|
|
75ce22 |
_exit (2);
|
|
|
75ce22 |
}
|
|
|
75ce22 |
else
|